VishwaCTF - 2024

Challenges solved for VishwaCTF: x4 web and x1 crypto

Recipe Archival Workshop - Web

There's a file upload

It accepts only images. I couldn't find where the file was being uploaded. Brute forcing which extensions I could use, I found that tiff showed us the flag:

Save the city - web

Connecting to the instance showed an SSH2 label

There's a public exploit: https://gist.github.com/mgeeky/a7271536b1d815acfb8060fd8b65bd5d

The flag was in:

 -rw-r--r-- 1 root root 16 Jan 26 17:37 location.txt

Trip to US

Click Here / the PHP error tells us:

Then in the login: simple SQL injection

uname=Samarth Ghante&password='or 1=1-- -

They are coming

Robots.txt

 localStorage.setItem("userRole", "admin"), localStorage.setItem("F1ag", "Open Your Eyes!"), localStorage.setItem("lastLogin", "2023-01-01T12:00:00Z"), localStorage.setItem("theme", "dark"), localStorage.setItem("language", "en_US"), localStorage.setItem("isLoggedIn", "true"), localStorage.setItem("unreadMessages", "5"), localStorage.setItem("preferredCurrency", "USD");
        return localStorage.setItem("DivID", "205"), localStorage.setItem("Flag", "Gkul0oJKhNZ1E8nxwnMY8Ljn1KNEW9G9l+w243EQt0M4si+fhPQdxoaKkHVTGjmA"), localStorage.setItem("AppVer", "1.0"), (0, vt.jsx)(vt.Fragment, {
        children: (0, vt.jsxs)("div", {
                 className: "hint-main",
                 children: [(0, vt.jsx)("h1", {
                 className: "hint",
                 children: "A Courrpt AI Agent and Its Army of 128 Aesthetic Looking Robots Are Heading Towards Local Vault of the City of Dawn!"
                 }), (0, vt.jsx)("p", {
                          className: "hint1",
                          style: {
                                 display: "none"
                          },
                          children: "I have done 128 cbc tests"

secret-location/

Decrypt AES CBC 128 with the key:

Happy Valentine's Day

We are given an encoded image

And the file with it was encoded with:

from PIL import Image
from itertools import cycle

def xor(a, b):
    return [i^j for i, j in zip(a, cycle(b))]

f = open("original.png", "rb").read()
key = [f[0], f[1], f[2], f[3], f[4], f[5], f[6], f[7]]

enc = bytearray(xor(f,key))

open('enc.txt', 'wb').write(enc)

The only problem is that it is doing an XOR with the same 8 bytes from the beginning, which is 0... so we lost the key. However, we know it's an image, so the first 8 bytes are just the PNG header, so we can retrieve the key and re-XOR everything:

from itertools import cycle

def xor(a, b):
    # XOR every byte of a with the key b, repeating b as needed
    return [i^j for i, j in zip(a, cycle(b))]

f = open("enc.txt", "rb").read()

# The key was the first 8 bytes of the original file, i.e. the PNG header:
# [137, 80, 78, 71, 13, 10, 26, 10]
key = bytes([137, 80, 78, 71, 13, 10, 26, 10])

dec = bytearray(xor(f, key))

open('dec.png', 'wb').write(dec)
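The recovery above, generalized as an added example (not part of the original write-up or the challenge files): the key is computed as ciphertext XOR known header, which also works when the key is not the header itself. It assumes an 8-byte repeating key; the sample data, the key `k3y!k3y!` and the function names are constructed for illustration.

```python
from itertools import cycle

PNG_MAGIC = bytes([137, 80, 78, 71, 13, 10, 26, 10])  # fixed 8-byte PNG signature


def xor_repeat(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key to the data's length."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def recover_key(ciphertext: bytes, known_prefix: bytes = PNG_MAGIC) -> bytes:
    """Known-plaintext recovery: key[i] = ciphertext[i] ^ plaintext[i]."""
    if len(ciphertext) < len(known_prefix):
        raise ValueError("ciphertext shorter than the known prefix")
    return bytes(c ^ p for c, p in zip(ciphertext, known_prefix))


def decrypt_png(ciphertext: bytes) -> bytes:
    """Recover the key from the PNG signature, decrypt, and sanity-check."""
    key = recover_key(ciphertext)
    plain = xor_repeat(ciphertext, key)
    # The first chunk of a valid PNG is IHDR: 4-byte length, then b"IHDR".
    if plain[12:16] != b"IHDR":
        raise ValueError("decrypted data does not look like a PNG")
    return plain


# Constructed sample: PNG signature, a minimal IHDR chunk header, and filler.
SAMPLE = PNG_MAGIC + b"\x00\x00\x00\x0dIHDR" + bytes(range(32))

# Case 1: the challenge's scheme, where the key is the file's own first 8 bytes.
ENC_SELF = xor_repeat(SAMPLE, SAMPLE[:8])
# Case 2: an arbitrary 8-byte key (constructed); the same recovery applies.
ENC_OTHER = xor_repeat(SAMPLE, b"k3y!k3y!")

if __name__ == "__main__":
    print(ENC_SELF[:8].hex())                  # leading bytes cancel out
    print(recover_key(ENC_SELF) == PNG_MAGIC)  # key is the PNG header
    print(recover_key(ENC_OTHER))              # arbitrary key recovered too
    print(decrypt_png(ENC_OTHER) == SAMPLE)
```

The IHDR check catches inputs that were not PNG files or were not encrypted with an 8-byte repeating key.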

That was all for today's write up. Hope you've enjoyed it.

I will be uploading a new write up every weekend, so don't forget to stay up to date with the blog 😄

You can use my social media to leave me your thoughts about the write ups 👍

Twitter: https://twitter.com/KrakenEU_
Linkedin: https://www.linkedin.com/in/i%C3%B1aki-tornos-572580177/
Github: https://github.com/KrakenEU/
