- It's JSFuck
- Evaluating it in the browser redirects you somewhere else...
- Find some other suitable decoder
** Locked Up
- Use =zipinfo= to look at archive contents
- Flag is one of the file names
** Admin Pass
- Description links to Git repo
- Looks like we have to crack a hash
- The comment doesn't have the right flag
- The Git history contains the right flag before it was redacted
** The Real Reversal
- Reverse the bytes
- Print the string
- Decode the numbers into bytes
- Print each char
- Reverse each line (because it's printed reverse)
** Broken GPS
- Write some code doing exactly what is asked from you
- Calculate the distance using Pythagoras
- Calculate the letter for each file
** Hidden Flag
- At the end of the file it spells out the key
- XOR each key byte with the first bytes, check whether it looks like
  the PNG magic bytes
- Repeat for the rest of the file
- Obtain an image displaying the flag
* Cryptography
** Reverse Search Algorithm
- RSA with known factors (check factordb or use YAFU)
- Calculate ~phi = (p - 1) * (q - 1)~, then ~d~ as the modular inverse
  of the public exponent ~e~ modulo ~phi~
- Decrypt with ~m = modexp(c, d, n)~, that is, ~c^d mod n~
- Format message as string to obtain the flag
** A Lost Cause
- Write some code that does the reverse of the transformation for each
  possible offset, then prints the result
- One of those is the raw flag
* Forensics
** Chicken Crossing
- =strings= shows the flag at the end of the file
** Cool Image 2
- Remove the first 40 garbage bytes from the file
** Slap
- Check with =exiftool= for the flag
** Fish
- =steghide= key is at the end of the file
- Use =steghide= to extract the hidden text file
* Web
** md5--
- One way to solve this is to find an MD5 hash hashing to itself
- The other is to make use of PHP's funny ~==~ semantics
- If both strings look like numbers, they're coerced to numbers before
  comparing
- So, =9= is equal to =09= and =0e123= is equal to =0e999=
- I wrote a bruteforce script that checked for numerical strings
  hashing into an equivalent numerical string
- Eventually it found a working one
** Accessible Rich Internet Applications
- HTML file containing lots of JS
- When opened in a browser it creates lots of HTML, with way too many
  ARIA tags that have a sort key and a binary value
- Copy them into a text file, sort by the sort key, extract the binary value
- Decode the binary into a text with the flag
** Networked Password
- If you send a password starting with =h=, the request takes 0.5s
  longer than a password not starting with =h=
- For subsequent correct characters, the request time increases by
  0.5s for each
- I wrote me a script that uses this to guess the flag for me
- It's not perfect as there's the occasional false positive; this can
  be detected by subsequent guesses taking less time than the previous
  ones
- The charset is alphanumerical with underscores and braces
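
The timing leak and the false-positive check described above, modelled offline as an added example (not the script used for the challenge). The secret, the slow request numbers, the 0.05s excess on a slow reply, the known length and the names =make_oracle= and =recover= are all assumptions; =leaky=False= models a comparison whose time does not depend on the guess.

```python
import string

CHARSET = string.ascii_letters + string.digits + "_{}"  # charset from the notes
STEP = 0.5                 # seconds added per correct leading character
SECRET = "flag{t1m1ng}"    # constructed sample, not the challenge flag
SLOW_CALLS = {2, 846}      # constructed: request numbers that get a slow reply


def make_oracle(secret, slow_calls=(), leaky=True):
    """Offline model of the checker: returns a simulated response time."""
    calls = 0

    def oracle(guess):
        nonlocal calls
        calls += 1
        matched = 0
        if leaky:  # early-exit comparison: time grows with the matching prefix
            for a, b in zip(guess, secret):
                if a != b:
                    break
                matched += 1
        spike = STEP + 0.05 if calls in slow_calls else 0.0  # unrelated delay
        return matched * STEP + spike

    return oracle


def recover(oracle, length, max_rounds=100):
    """Return (secret, backtracks), or (None, backtracks) if there is no signal."""
    known, backtracks = "", 0
    for _ in range(max_rounds):
        if len(known) == length:
            # The last character has no later round to expose it: re-measure.
            if oracle(known) >= (length - 0.5) * STEP:
                return known, backtracks
            known, backtracks = known[:-1], backtracks + 1
            continue
        timings = {c: oracle(known + c) for c in CHARSET}
        best = max(timings, key=timings.get)
        if timings[best] < (len(known) + 0.5) * STEP:
            # No guess got slower: the last accepted character was a false positive.
            known, backtracks = known[:-1], backtracks + 1
            continue
        known += best
    return None, backtracks


if __name__ == "__main__":
    print(recover(make_oracle(SECRET, SLOW_CALLS), len(SECRET)))
```

With =leaky=False= every guess takes the same time, so the loop never accepts a character and gives up after =max_rounds=.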