Down Under 2020 CTF writeup

Stuff I learnt from the downunder ctf.

2 min read

ctf   security

Text goes here.

Forensics

Spot the Difference

327 easy Author: TheDon

An employee’s files have been captured by the first responders. The suspect has been accused of using images to leak confidential infomation, steghide has been authorised to decrypt any images for evidence!

Files: https://storage.googleapis.com/files.duc.tf/uploads/SpotTheDifference/Publish.zip (sha256: be6fd22e658b51124da5a608cc50e5fdc6698772a024cfe4dd9fb393f6ee5227)

I Love Scomo

440 medium

I really do love Scott Morrison! <3 <3 <3

However, some people don’t like me because of my secret crush :(. So I have to hide my secrets using steganography. This is my hidden space, where I can dream about being with Scomo and I really appreciate that no one tries to reveal my secret message for him.

Author: ghostccamm

Attached files:

ilovescomo.jpg (sha256: c1a820c8b17c179b93a1bdf677b01080a27cec2d130e58d50117ef669b4ab9af)

web

Web Badmin

370 easy

Author: Blue Alder

We launched a game and now it is no longer launched :( can you figure out what happened plox. HALP

https://chal.duc.tf:30102

crypto

babyrsa

200 easy

Author: joseph

This is just RSA for babies!

Attached files:

babyrsa.py (sha256: 37676169a895f541454f4a93a943a7718c09bd245233e1fa38eb1f85181e3fe8) output.txt (sha256: b1a705ce9efd6403006b00ecccc8225e7e103b704dc276797eafa68d26fba068)

misc

In a pickle

200 easy

Author: n00bmaster

We managed to intercept communication between und3rm4t3r and his hacker friends. However it is obfuscated using something. We just can’t figure out what it is. Maybe you can help us find the flag?

Addition

200 easy

Author: n00bmaster

Joe is aiming to become the next supreme coder by trying to make his code smaller and smaller. His most recent project is a simple calculator which he reckons is super secure because of the “filters” he has in place. However, he thinks that he knows more than everyone around him. Put Joe in his place and grab the flag.

Pretty Good Pitfall

200 easy

Author: k0wa1ski#6150

PGP/GPG/GnuPG/OpenPGP is great! I reckon you can’t find the message, because it looks scrambled!

Attached files: flag.txt.gpg (sha256: dad03ac28b7294c8696eeac21d11159c3dcfc8ed226438804fe82b4fb9f6ad87)

Tim Tams

273 easy

Author: QUT_WH

When I eat too many Tim Tams, I get rather slow!

WARNING You will want to turn down your audio for this one!

Download: https://storage.googleapis.com/files.duc.tf/uploads/Clive.wav

File Hash (SHA256): 4C1CC12D002956A83E168CA650B776B55AAC36F2131D0DF617BE7D55DBEF93D1

Koala Habitat

462 easy

Author: QUT_WH

What an Aussie Banger!

Flag Format: STRING you end up with after solving challenge –> Spaces seperate the words

NO DUCTF{} required

Attached files:

gumtrees.wav (sha256: E80D485C8A6F3818F9946EDE5283CDF4CCF7276A02BE76EA23A88AF21DD15843)

OSINT

Welcome to Petstagram

100 beginner

Who is Alexandros the cat exactly? And who is this mysterious “mum” he keeps talking about?

Submit his mum’s full name in lowercase and with underscores instead of spaces, as the flag: DUCTF{name}

Author: dahlia