
Intro

CyberDefenders.org has a fun challenge where you need to fix and decode/decrypt various files.

Walkthrough

1) File: MALWARE000 - I’ve used this new encryption I heard about online for my warez; I bet you can’t extract the flag!

Hint:

strings malware000 |grep "=$"|base64 -d|grep flag

Answer:

flag<0ops_i_used_1337_b64_encryption>
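
The hint's one-liner only catches Base64 strings that end in "=" padding. The following added example (not part of the original walkthrough or the challenge) generalizes it for triage: it extracts printable runs the way `strings` does, tries every Base64-shaped token including unpadded ones, and keeps only results that decode to mostly printable text. The function names and the sample blob are constructed for illustration.

```python
import base64
import binascii
import re

# Runs of 4+ printable ASCII bytes, the same default threshold `strings` uses.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")
# Base64-alphabet token of at least 16 characters, with optional padding.
B64_TOKEN = re.compile(rb"[A-Za-z0-9+/]{16,}={0,2}")


def decode_candidates(blob: bytes, min_text_ratio: float = 0.9):
    """Return (encoded, decoded) pairs for Base64 text embedded in blob."""
    hits = []
    for run in PRINTABLE_RUN.finditer(blob):
        for tok in B64_TOKEN.finditer(run.group()):
            enc = tok.group()
            if len(enc) % 4:  # valid Base64 length is a multiple of 4
                continue
            try:
                dec = base64.b64decode(enc, validate=True)
            except (binascii.Error, ValueError):
                continue
            # Discard tokens that decode to binary noise (e.g. long identifiers).
            printable = sum(0x20 <= b <= 0x7E for b in dec)
            if dec and printable / len(dec) >= min_text_ratio:
                hits.append((enc.decode(), dec.decode("ascii", "replace")))
    return hits


def build_sample() -> bytes:
    """Constructed sample: a fake binary with two encoded strings and decoys."""
    padded = base64.b64encode(b"flag<constructed_example>")   # ends in "=="
    unpadded = base64.b64encode(b"flag<constructed_sample>")  # no "=" at all
    return (b"\x7fELF\x02\x01\x00GLIBC_2.2.5\x00"
            b"/usr/lib/x86_64-linux-gnu/libc.so.6\x00"
            b"abcdefghijklmnopqrstuvwx\x00"  # Base64-shaped decoy, decodes to noise
            + padded + b"\x00\x02\x03" + unpadded + b"\x00")


if __name__ == "__main__":
    for encoded, decoded in decode_candidates(build_sample()):
        print(f"{encoded} -> {decoded}")
```
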

2) File: Just some JS - Check out what I can do!

Hint:

Answer:

what_a_cheeky_language!1!

3) File: This is not JS - I’m tired of Javascript. Luckily, I found the grand-daddy of that lame last language!

Hint:

Answer:

Now_THIS_is_programming

4) File: Unzip Me - I zipped flag.txt and encrypted it with the password “password”, but I think the header got messed up… You can have the flag if you fix the file

Hint:

  • zipinfo (part of fcrackzip)
  • hexeditor
  • filename bytes change 0x5858 to 0x0800

Answer:

R3ad_th3_spec

5) File: MALWARE101 - Apparently, my encryption isn’t so secure. I’ve got a new way of hiding my flags!

Hints:

  • Linux
  • gdb
  • set a breakpoint - break printf
  • print stack strings - x/30s $rsp

Answer:

sTaCk_strings_LMAO

6) File: MALWARE201 - Ugh… I guess I’ll just roll my own encryption. I’m not too good at math, but it looks good to me!

Hint:

  • Ghidra (extract the crypto algorithm)
  • Cyberchef
  • XOR math
  • circular bit shift
  • endianness
  • key hint: a1a0a3a2

Answer:

malwar3-3ncryp710n-15-Sh17
