Cookie Consent by

Archives of tag ctf

Tag ctf

DownUnderCTF 2020: fix my pc

fix my pc

500 points

My boss's computer died recently. We managed to dump some of the drive, but can't figure out a way to unlock it.

Download (233MB)


We start with with two files within: system.bin and crash.bin

The first one is disk image, the second one looks like memory dump.

I’ve started with mounting the disk.

modprobe nbd max_part=8

qemu-nbd –connect=/dev/nbd0 /tmp/system.bin

But I’ve been stopped by disk encryption.

Ok, let’s try to retrieve the key to decrypt those partitions (/dev/nbd0p1 was boot with nothing interesting).

I downloaded findaes tool from and used it to find the keys in memory dump.

Looks like I’ve been lucky today ;-)

I’ve combined two parts of the key together and saved as binary.

echo 094e2adf58cfb17d85f0f6933f7b44efa00a3cda7bbe01873e09ff4ee7a60539ff98d76761147024ebb0c8d4e1141814214d2a83d7936609377755e5180a3c57 | xxd -r -p > /tmp/key

And then tried to use it.

cryptsetup luksAddKey /dev/nbd0p2 --master-key-file /tmp/key

cryptsetup luksOpen /dev/nbd0p2 rescue


mount /dev/mapper/rescue /mnt

On mounted partition there were many files with corrupted names, but the content was ok and gave me the hint where’s the key for 2nd partition.

cryptsetup luksOpen /dev/nbd0p3 crypthome --key-file /mnt/etc/crypttab.d/home.key

Interesting parts were ssh keys and .ash_history

So I’ve used bob’s keys to clone the repo and have a look.

export GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -i /mnt2/bob/.ssh/id_rsa"

git clone [email protected]:cornochips/configs

cd configs

Checked the content of files with no luck, then suddenly...

for i in `git log --all --oneline | awk -F ' ' '{print $1, $8}'`; do git diff ${i}; done


DownUnderCTF 2020: On the spectrum

On the spectrum

100 points

My friend has been sending me lots of WAV files, I think he is trying to communicate with me, what is the message he sent?

Author: scsc

Attached files:

  • message_1.wav (sha256: 069dacbd6d6d5ed9c0228a6f94bbbec4086bcf70a4eb7a150f3be0e09862b5ed)


I've used Sonic Visualizer to open the provided file. With some alignments I've managed to visualize the flag hidden in the spectrum.


CSAW CTF Qualification Round 2020: authy


150 points

Check out this new storage application that your government has started! It's supposed to be pretty secure since everything is authenticated...


#!/usr/bin/env python3
import struct
import hashlib
import base64
import flask

# flag that is to be returned once authenticated
FLAG = ":p"

# secret used to generate HMAC with
SECRET = ":p".encode()

app = flask.Flask(__name__)

@app.route("/", methods=["GET", "POST"])
def home():
    return """
This is a secure and private note-taking app sponsored by your favorite Nation-State.
For citizens' convenience, we offer to encrypt your notes with OUR own password! How awesome is that?
Just give us the ID that we generate for you, and we'll happily decrypt it back for you!

Unfortunately we have prohibited the use of frontend design in our intranet, so the only way you can interact with it is our API.


        Adds a new note and uses our Super Secure Cryptography to encrypt it.

        :author: your full government-issued legal name
        :note: the message body you want to include. We won't read it :)

        :id: an ID protected by password  that you can use to retrieve and decrypt the note.
        :integrity: make sure you give this to validate your ID, Fraud is a high-level offense!

        View and decrypt the contents of a note stored on our government-sponsored servers.

        :id: an ID that you can use to retrieve and decrypt the note.
        :integrity: make sure you give this to validate your ID, Fraud is a high-level offense!

        :message: the original unadultered message you stored on our service.

@app.route("/new", methods=["POST"])
def new():
    if flask.request.method == "POST":

        payload = flask.request.form.to_dict()
        if "author" not in payload.keys():
            return ">:(\n"
        if "note" not in payload.keys():
            return ">:(\n"

        if "admin" in payload.keys():
            return ">:(\n>:(\n"
        if "access_sensitive" in payload.keys():
            return ">:(\n>:(\n"

        info = {"admin": "False", "access_sensitive": "False" }
        info["entrynum"] = 783

        infostr = ""
        for pos, (key, val) in enumerate(info.items()):
            infostr += "{}={}".format(key, val)
            if pos != (len(info) - 1):
                infostr += "&"

        infostr = infostr.encode()

        identifier = base64.b64encode(infostr).decode()

        hasher = hashlib.sha1()
        hasher.update(SECRET + infostr)
        return "Successfully added {}:{}\n".format(identifier, hasher.hexdigest())

@app.route("/view", methods=["POST"])
def view():

    info = flask.request.form.to_dict()
    if "id" not in info.keys():
        return ">:(\n"
    if "integrity" not in info.keys():
        return ">:(\n"

    identifier = base64.b64decode(info["id"]).decode()
    checksum = info["integrity"]

    params = identifier.replace('&', ' ').split(" ")
    note_dict = { param.split("=")[0]: param.split("=")[1]  for param in params }

    encode = base64.b64decode(info["id"]).decode('unicode-escape').encode('ISO-8859-1')
    hasher = hashlib.sha1()
    hasher.update(SECRET + encode)
    gen_checksum = hasher.hexdigest()

    if checksum != gen_checksum:
        return ">:(\n>:(\n>:(\n"

        entrynum = int(note_dict["entrynum"])
        if 0 <= entrynum <= 10:

            if (note_dict["admin"] not in [True, "True"]):
                return ">:(\n"
            if (note_dict["access_sensitive"] not in [True, "True"]):
                return ">:(\n"

            if (entrynum == 7):
                return "\nAuthor: admin\nNote: You disobeyed our rules, but here's the note: " + FLAG + "\n\n"
                return "Hmmmmm...."

            return """\nAuthor: {}
Note: {}\n\n""".format(note_dict["author"], note_dict["note"])

    except Exception:
        return ">:(\n"

if __name__ == "__main__":


My first idea was to make a sha1 collision. But in the meanwhile (when attempt to calculate collisions was running) I read the code once again and figured out that all interesting values can be overridden by payload.

I've created below payload:

And attempted to retrieve my message: