Cyber Defenders - RE101 CTF
Intro
CyberDefenders.org has a fun challenge where you need to fix and decode/decrypt various files.
Walkthrough
1) File: MALWARE000 - I’ve used this new encryption I heard about online for my warez; I bet you can’t extract the flag!
Hint:
strings malware000 |grep "=$"|base64 -d|grep flag
Answer
flag<0ops_i_used_1337_b64_encryption>
2) File: Just some JS - Check out what I can do!
Hint:
Answer:
what_a_cheeky_language!1!
3) File: This is not JS - I’m tired of Javascript. Luckily, I found the grand-daddy of that lame last language!
Hint:
Answer:
Now_THIS_is_programming
4) File: Unzip Me - I zipped flag.txt and encrypted it with the password “password”, but I think the header got messed up… You can have the flag if you fix the file
Hint:
- zipinfo (part of fcrackzip)
- hexeditor
- filename bytes change 0x5858 to 0x0800
Answer:
R3ad_th3_spec
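The header fix from challenge 4, scripted instead of done by hand in a hex editor. This is an added example, not part of the original walkthrough: the on-disk bytes 08 00 are the little-endian value 8, the length of "flag.txt". The sample archive is constructed in memory and unencrypted, and it damages the field in both the local and central directory headers, an assumption, since the hints do not say which header was affected. The function and variable names are hypothetical.

```python
import io
import struct
import zipfile

# (signature, offset of the 2-byte file-name-length field, fixed header size), per the ZIP spec
HEADERS = ((b"PK\x03\x04", 26, 30), (b"PK\x01\x02", 28, 46))

def repair_name_length(data: bytes, name: bytes):
    """Return (fixed_bytes, [(field_offset, old_value), ...]) for headers with a wrong name length."""
    buf = bytearray(data)
    fixes = []
    for sig, len_off, hdr_size in HEADERS:
        pos = buf.find(sig)
        while pos != -1:
            (stored,) = struct.unpack_from("<H", buf, pos + len_off)
            name_start = pos + hdr_size
            # Only patch when the expected name really follows the fixed-size header.
            if buf[name_start:name_start + len(name)] == name and stored != len(name):
                struct.pack_into("<H", buf, pos + len_off, len(name))
                fixes.append((pos + len_off, stored))
            pos = buf.find(sig, pos + 4)
    return bytes(buf), fixes

def make_corrupted_sample() -> bytes:
    """Constructed sample: a small stored ZIP whose name-length fields are overwritten with 58 58."""
    mem = io.BytesIO()
    with zipfile.ZipFile(mem, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("flag.txt", "constructed-sample-contents")
    buf = bytearray(mem.getvalue())
    for sig, len_off, _ in HEADERS:
        pos = buf.find(sig)
        buf[pos + len_off:pos + len_off + 2] = b"\x58\x58"
    return bytes(buf)

if __name__ == "__main__":
    broken = make_corrupted_sample()
    fixed, fixes = repair_name_length(broken, b"flag.txt")
    for off, old in fixes:
        print(f"offset {off:#x}: name length {old:#06x} -> 0x0008 (bytes 08 00)")
    with zipfile.ZipFile(io.BytesIO(fixed)) as zf:
        print(zf.namelist(), zf.read("flag.txt"))
```

On the real challenge file, read the bytes from disk, pass them to repair_name_length, write the result back out, and then extract with the password.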
5) File: MALWARE101 - Apparently, my encryption isn’t so secure. I’ve got a new way of hiding my flags!
Hints:
- Linux
- gdb
- set a breakpoint - break printf
- print stack strings - x/30s $rsp
Answer:
sTaCk_strings_LMAO
6) File: MALWARE201 - Ugh… I guess I’ll just roll my own encryption. I’m not too good at math, but it looks good to me!
Hint:
- Ghidra (extract the crypto algorithm)
- Cyberchef
- XOR math
- circular bit shift
- endianness
- key hint: a1a0a3a2
Answer:
malwar3-3ncryp710n-15-Sh17