ECSC CTF 2021 - User Manual
Forensics 1 - user manual Challenge Description Recently I bought a custom made video game from a totally legit salesman under a dark bridge. There was a user manual alongside, but I can not see the contents of it.
This challenge has a downloadable part. Steps Unzip challenge files:
unzip forensics_user_manual We get a file user_manual.docm, which is a word document file with macros.
Unzip docm file Our first try was to unzip the .
ECSC CTF 2021 - Serial
Hardware 1 - Serial Challenge Description We managed to eavesdrop on the serial communication of an Arduino-based door locks debugging interface. Can you find the password?
This challenge has a downloadable part. Steps Unzip challenge files:
unzip hw_serial.zip We get a file signal.txt, which is the debugging dump of the arduino-based door lock. As we get from the challenge description the file will contain the Serial binary data that we have received from the Arduino.
ECSC CTF 2021 - Baby JAWTS Doo Doo Doo
Web 1 - baby JAWTS doo doo doo Challenge Description There is None like you, There is None like you, And there will never be another JAWTS hunter, Deemed as worthy as you 🎣 …
This challenge is started on-demand. Steps Brute Force URIs The first step was to find any open directories-files:
gobuster -u http://159.65.50.127:30139 -w common.txt But nothing was found…
Input Field After looking the page and inspecting the HTML-JS code the only valuable piece of info is the input field and the fact that the fish database is stored as an object in memory and we can see all entries.
ECSC CTF 2021 - RSA Leaks
Crypto 1 - RSA Leaks Challenge Description DinoCorp has been experimenting with dinosaurs for years. Their labs are located on an island in the middle of the ocean. We managed to intercept an encrypted message from the head scientist. It looks like something is wrong. Can you decrypt the message?
This challenge has a downloadable part. Steps Unzip challenge files:
unzip crypto_rsa_leaks.zip First thoughts If we check the files we have: