



Sanity

Misc

Crypto

Forensics

Web

Pwn

Reverse

Sanity Check 1

evlz{I_pledge_to_play_fair_and_I_promise_to_not_attack_the_infrastructure}ctf

Sanity Check 2





[1]

# zip2john flag.zip > ziphash

[2]

# john --wordlist=/usr/share/wordlists/rockyou.txt ziphash

Using default input encoding: UTF-8

Loaded 1 password hash (PKZIP [32/64])

Will run 2 OpenMP threads

Press 'q' or Ctrl-C to abort, almost any other key for status

!!!0mc3t (flag.zip/flag.txt)

1g 0:00:00:01 DONE (2019-02-03 13:55) 0.6134g/s 8798Kp/s 8798Kc/s 8798KC/s !!rebound!!..*7¡Vamos!

Use the "--show" option to display all of the cracked passwords reliably

Session completed





As seen in the output above, !!!0mc3t was the password.

652076206c207a207b207320302075206e2064205f20302066205f206d2075203520692063207d206320742066

e v l z { s 0 u n d _ 0 f _ m u 5 i c } c t f

Don't Blink

# convert persistant.gif -transparent white result.gif





Jail

Your input:

/bin/bash

bash-4.3$ ls

bash: ls: command not found

bash-4.3$ cd /home/u1/ #note: tab completion output seen below this line

.bash_profile Desktop/ Music/ Videos/ flag.txt

.bashrc Documents/ Pictures/ bin/ programs/

bash-4.3$ echo "$(</home/u1/flag.txt)"

bash-4.3$ echo "$(</home/u1/flag.txt)" 1>&2

Pass: evlz{0ut_0f_ech0}ctf

bash-4.3$

Goddamnit Mark! Learn how to type you f00l

rollllllin about an axis boi

+/*386-112

I recently heard of the Evlz CTF from a reddit post in /r/securityCTF by u/coffee-loop. The CTF is put on by Al Capwn, a collaboration of Indian college CTF players with members from eavesdroppers, UPES, and Amrita University.Holy macaroni did this competition blow me away! There were so many quality challenges I can't believe it was limited to less than 48 hours. I only had about 6 hours between Saturday and Sunday to put towards the challenges so I was only able to get a few of the "easy" ones.They had multiple challenges for each of the following categories:I have write ups for the Sanity challenges as well as two of the Misc challenges.Let's get started:1 point, simply enter the flag that was set for the ctf channel in the evlzctf slack workspace.50 points. This challenge provided a link to the following QR code:I scanned the code and obtained the following link: link: https://www31.zippyshare.com/v/09nlhIKo/file.html(Warning - this website causes cancer)The zippyshare website was full of fake download buttons and pornographic popups. However, if you hovered your mouse over the download button above the "Advertisement" section, you could copy this link to download flag.zip: https://www31.zippyshare.com/d/09nlhIKo/384/flag.zipThe zip file was password protected.Here's how I solved this one:I then unzipped the flag.txt file and that's where I found the following string:I took a lazy approach to this part of the challenge and sent it to cyberchef and used "magic" to decode the string. Magic used from hex to convert the reveal the flag:I manually removed the spaces and submitted the flag.This challenge was an animated gif that flashed small lines and color blotches as it looped. I figured I'd need to piece each frame together in order to see the complete image. I loaded the gif in to gimp and found that the backgrounds were solid white so I couldn't simply merge them.I did a bit of googling and found a command that would change the white background in each frame to transparent:I then opened up result.gif with gimp and got the flag:This one was 100 points.I didn't solve this challenge while the CTF was open so I didn't receive the 290 points it was worth at the time. I ended up chatting with Stroppa (no relation) about this one after the event ended and they set me straight with my redirects which was key to solving this one. Anyway, I forgot to document what I did the 100 point WeTheUsers web app challenge so I'm going to call it even and post this writeup instead.This challenge had you ssh to a box with a specific user, password, and port combination.When connected, you were in a restricted shell that simply prompted you with "Your input:"I entered /bin/bash as my input which dropped me to a quasi usable shell. What made this a real challenge for me was the extremely limited set of commands you could run, and the fact that all command output was not sent to standard out.Tab completion helped me find the file that contained the flag, and ultimately, redirecting standard out to standard error got me the flag. Here's the commands that I used to solve this one:I have some other notes on partially solved challenges, but I don't feel they are worth posting at this point. For instance, if anyone knows what to do with this:I'd love to hear about it! I found this text by following the link to a pastebin site that I found in a file that I pulled out of an image using steghide and a password I found using strings. Apparently what I posted there was 1 of 6 challenges. #humbledThis competition was pretty amazing. I wish I the team together in a room to hack on this one and I'm definitely going to be watching for what these folks do in the future.-strupo_