Art Gallery
Description: This was a Forensics challenge from the DaVinciCTF, where my team irNoobs managed to finish in 4th place. This challenge in particular was extremely interesting, as it closely mirrored an investigation of a ransomware attack, from the initial infection vector to the encryption routine.
Challenge Description: Alert! A famous online art gallery […]
Author Archives: Trigleos
Excel macro
сука блять
TL;DR: Analyze a malicious Excel file and extract its payload
Description: I found some Russian malware online and I have no idea what it’s doing D:
Author: xenocidewiki
The challenge provides us with a Finances2020covid.xlsm file.
Initial analysis: First of all, when you download this file, Microsoft Defender warns you that it is […]
PDF analysis
PDF is broken and so is this file
TL;DR: Analyze a broken PDF file and extract several hints that lead to the solution
Description: This PDF contains the flag, but you’ll probably need to fix it first to figure out how it’s embedded. Fortunately, the file contains everything you need to render it. Follow the clues […]
Bootloader
The Proclamation
TL;DR: Debug and fix a bootloader that decrypts a flag
Description: A mysterious file appeared on a deep dark web forum. Can you figure out what we can’t see right now?
NOTE: Flags will be easily identifiable by following the format CS{some_secret_flag_text}. They must be submitted in full, including the CS{ and } […]
AES encryption
Da French?
TL;DR: Reverse an executable that uses AES encryption and decrypt network traffic
Description: This was one of the harder challenges for the XMAS-CTF 2020 and I actually managed to be the third one that solved it. In the end, the challenge only had around 15 solves, which shows that many people did not see […]
Easy Obfuscation
Thou shall pass?
TL;DR: Reverse an executable that uses clever function renaming techniques
Description: This was a challenge from the X-MAS CTF 2020. It was the easiest one in the Reversing category, but I still think it was pretty fun because it introduced me to an interesting obfuscation technique.
Challenge Description: For thou to pass, the […]
RSA encryption
s3-simple-secure-system
TL;DR: Extract RSA keys from an executable and decrypt an encrypted document
Description: This was a challenge at the ENISA Hackfest 2020, which served as a replacement for the ECSC 2020 that was supposed to be held in Vienna but unfortunately got cancelled due to Covid-19. This challenge was marked as easy. However, it took me […]
Networking 101
hello-nemo
TL;DR: Intercept unencrypted FTP traffic and extract a zip file as well as the password.
Description: This was a challenge at the ENISA Hackfest 2020, which served as a replacement for the ECSC 2020 that was supposed to be held in Vienna but unfortunately got cancelled due to Covid-19. While this challenge wasn’t that […]
Game Hacking Part II
Follow the white rabbit
TL;DR: Hacking a Unity game to access hidden areas and patch new content in
Description: This is the second part of a two-part series. In this part, we’ll try to implement more hacks and patch more content into the game.
Recap: In part 1, we discovered the first flag as […]
Ransomware Part II
castorsCTF2020
TL;DR: Investigating a ransomware attack and trying to reverse the process
Description: This is the second part of a two-part series. In this part, we’ll apply the knowledge we got from analysing the executable in part 1 and reverse the encrypted image.
Recap: In part 1, we discovered that the executable contacts a […]