Sunday, 30 March 2014

Volga CTF 2014 Quals Joy-300

This was just a replica of flappy bird game.

Question was in short "Autopilot mode isn't working and the rocket is unable to reach the destination point.reach the destination point for the message(42level)" [Not exact but it meant this]

Well i thought of reversing the game and figured it was written in Delphi and used the Delphi dissasembler also.But just as a confirmation i asked people whether the task was just to reach 42nd level? I got a reply saying "Yes" .Ah perfect timing for showing my flappy bird skills. Bwah it was just 42 level.Piece of cake i thought. But its not easy playing with keboard. Check it yourself.Download the game using the link below.
The game given

After so many attempts i reached 42 level and got this :

Ah observe that at level 42 i crashed :-D This is pure luck :-D

FLAG : it_was_not_so_hard_rrly

Volga CTF 2014 Quals Web-100

Well,It was very hard to solve challenges frankly speaking.We were well prepared for the CTF but was in vain.

The question was to find the hidden flag in their webpage (

Note: [Server is down so cannot fetch the exact question.Sorry about that]

I really have no clue about web challenges as i am not the guy at all.But i know the basics.Hence as a challenge with blank mind i just looked at the login page

I just logged in.I saw this.

Monday, 24 March 2014

Backdoor CTF 2014 Misc-150

First i thought it was like Defkthon's zip challenge..Wrote script and it went wrong. :-p

Question :
This wierd file was found by H4XOR when trying to search for his flags. Can you get him his flag ?

Submit flag as flag_obtained

After 6 times unzipping you would get a file called Misc150. A quick file command tells this :

So its time for mounting now.
Command : mount -t ext2 Misc150 ../../../mnt/image -o loop 
Note: file path is different for you.Adjust it accordingly.

Backdoor CTF 2014 Misc-200-2

This was an awesome challenge and we solved it in a different way.It was fun solving this challenge.We knew that using python we can code this.But we were almost getting the flag when we realized that.

Question :
Username and password based login seemed a bit too monotonous. We developed an indigenous image based login system.

The login service is available here.

The image below can be used to login as the backdoor user. Unfortunately that doesn't serve any purpose.
Login as the sdslabs user for a change.

Submit the flag as: md5(flag_obtained)

Before we got in we loaded the image and saw how it would look like..

So our first approach was paint and look what we found..
So we tried figuring out logic for this coz when we took out the last dot we were getting " Logged in as backdoop"
After which my friend figured out the logic.
01100010 -b
01100001 -a
01100011 -c
01101011 -k
01100100 -d
01101111 -o
01101111 -o
01110010 -r

01110011 -s
01100100 -d
01110011 -s
01101100 -l
01100001 -a
01100010 -b
01110011 -s

Black dot was 1 and the space or blank is 0..This is how we figured it out.
We used colorfiller and filled out accordingly what sdslabs would look like and when put in paint and seen it would look like this.
"Logged in as sdslabs
Congrats the flag is practice_makes_one_perfect"

md5("practice_makes_one_perfect") => c16a3c8504985a8c91956c29f7338184

FLAG : c16a3c8504985a8c91956c29f7338184

Saturday, 22 March 2014

Backdoor CTF 2014 Binary-10

Just a basic skill of viewing the strings of files is required.

Question :
Information Security Agency uses preshared passwords for sending senstive information to its agents.

Somehow we managed to know that one such piece of sensitive information exists in this file.
File :

Submit the flag as flag_obtained

FLAG : 40511702a6193f9b38d37699e676fd40

Backdoor CTF 2014 Web-10

Got help from a teammate..He did it actually.Just learnt it so thought of sharing.Am not a web guy moreover.

Question :
H4x0r is a curious guy. He normally looks into every detail around. H4x0r managed to find the flag of this level. Can you ?

Looking at the http headers gave us the flag:

FLAG : 28b3324be8b003ee7e1d0d153fad3c32

Backdoor CTF 2014 Crypto-10

Just cracked this in seconds..Have a very good experience with these kind of stego's.

Question :
H4x0R recently went missing. An investigating team specializing in hacking was deployed to search around his place. All they found was this file. Please help them obtain secret 32characters string that can lead to him

Submit the flag as: flag_obtained
Image given :

So the below image says ther is a image inside this image.How to extract? just rename the jpg to rar and extract it you would see a image.

Backdoor CTF 2014 Miscellaneous-10

Was a very tedious challenge.Had to sit and analyze every packet and finally found a packet with a hint
Question :
This file was retrieved by CID during a task to catch a black hat hacker. Can you find the flag and help CID ?.

Submit the flag as: flag_obtained

Open the pcap file in wireshark[coz thats wat i do with pcap's :-p]

Link :

A QRcode is ther.Just scan it for the flag.
If not use this :

FLAG : efb8f4cd67963a5652ee0aa2187b830a

Backdoor CTF 2014 Hidden challenge

Was fun playing this CTF.I gathered oly 1 hidden flag which was hidden in the css file.There were around 6 according to admins and few players.I searched almost everythng i knew and finally got this.

so the flag was md5("hashme") => 533f6357e0210e67d91f651bc49e1278

FLAG : 533f6357e0210e67d91f651bc49e1278

Backdoor CTF 2014 [All trivia]

Submit flag as md5 of answer. Answer consists of small alphabets (a-z) only. [Applies to all trivia]

Trivia 1 -

This above link was given .
Quick google about the link showed it was ios-Apple"gotofail" security bug.
md5("gotofail") => 9c00b580a9a1d022d62fa3e8506c3c51

FLAG : 9c00b580a9a1d022d62fa3e8506c3c51

Who is Megaracer?

Again Googling revealed Megaracer aka kimdotcom
md5("Who is Megaracer?") => 148e6711a03f43a1955bcff667d967cc

FLAG : 148e6711a03f43a1955bcff667d967cc

"How I hacked github again". Where am I now?

Google helped to find me the blog of Egor Homkov :
We now know that he is in bangkok..Country is Thailand
md5("thailand") => 8689391a8b93cd2d55ccf3f436eef4e2

FLAG : 8689391a8b93cd2d55ccf3f436eef4e2


This image is about the ted talk to a robot resembling snowden called "beam"
md5("beam") => 5435eeb714f3a0739ca75b3b0eb8cfb3

FLAG : 5435eeb714f3a0739ca75b3b0eb8cfb3

Trivia 21?

This was the question ,something worth thinking.
Anyway it was about the port 21,even i thought in the beginning as blackjack but wasn't the answer.
md5("ftp") => ff104b2dfab9fe8c0676587292a636d3

FLAG : ff104b2dfab9fe8c0676587292a636d3

Wednesday, 19 March 2014

HACS[Hackers for applied cyber security] -2014 Mini CTF

We were determined to teach our juniors what we had learnt as a team.We thought as we have enough experience as beginners in CTF's.So we decided to conduct a Mini-CTF and help beginners learn something out of box.
As I believe that CTF is one of the most successful way of improving the skills.We had to restrict the categories and problems.The CTF was live for 2 weeks with a irc-channel to help our juniors solve the problems.
As it was a beginner CTF,i thought may be a practice session and a good challenges for beginners,so thought of sharing it in my blog.

I have given the links for Forensics and Miscellaneous in the description part.The solutions are in the slides which i have uploaded in slideshare.
The link to slides :

Hope you enjoy the challenges.

Hacs team
Tanoy Bose,
Farhan sheik,
Yogeesh S,
Movnavinothan V,
Adithya Naresh

Thursday, 13 March 2014

RUCTF 2014 Quals Misc-100 [Shredder] Misc-200 [RuCTF radio] Reverse-10 [Harm]

I am writing all the three because its not that great challenges which requires that much space to explain it :-)

Misc-100 [Shredder]

We were given this image

Painful challenge but something different i have ever seen till this day.I had to take a printout and cut it and rejoin to get the flag.This is the image i got ,even though i missed a main cutting in between.


RUCTF 2014 Quals Forensics-100 [Secret host]

This time challenges were more,But i couldn't solve much.

We intercepted configs and dump. What were they hide on

Search for password and username for the openvpn connection using the MDMP crash dump.
Using "strings" command or using Hexdump you can find these username and password.
So we got the username : SuperPuperRoot and password : VeryStrongSecret

Install openvpn here.

You need to place the certificate file and the config file(Extracted from the configs and dumps) in "openvpn configuration file directory" like this.

Wednesday, 5 March 2014

Defkthon2014 Recon-200

I had read somewhere that recon challenges resembled CSAW.
Question 2 : yashin Mehaboobe

aka Sp3ctr3

Was obvious that it would be related his image posted recently,twitter posts or github.
Github was the key.
Link :

This above link gives his activities recently .Down there in readme a update has been there and luckily  the flag was sooo visible :-)

Flag : djangounchained

Defkthon2014 Recon-100

Question : Francis Alexander.

I already knew the team or the admins who organized the CTF.So they all were in my friends list in Facebook.
First thing that striked my head was about page of Francis Alexander. woot!! there it is his blogspot .

There was a interesting text in the page "Try Getting the Flag :p " .
Basics of web challenges that is right click-> inspect element. :-D lol there it is flag hidden in comments :-)

Here is what it looks like -->
Flag : hmm_try_nosql_dbs_dude

Defkthon-2014 Reversing-100

This is my first successful hunting in .NET applications.
This CTF was peculiar and tougher too.Firstly wanted to mention 2 things : there were no admins in IRC,there were no description about challenges.

Lets Get back to work now :-)

Link :
File description :
So it is clear that it is a .NET application.
Tools I used -> Jetbrains Dotpeek,You can use Reflector also.
After decompiling and opening Defkthon.cs this is what i found :-)