This page looks best with JavaScript enabled

TryHackMe - CTF collection Vol.1

 ·  ☕ 6 min read  ·  ✍️ sckull

CTF collection Vol.1 es una serie de retos de TryHackMe aqui encontrarás la solucion para obtener las flags.

Informacion de la Maquina

Titulo CTF collection Vol.1
Info Sharpening up your CTF skill with the collection. The first volume is designed for beginner.
Puntos 3173
Dificultad Facil
Maker Deskel

What does the base said?

Can you decode the following?
Reto:

1
VEhNe2p1NTdfZDNjMGQzXzdoM19iNDUzfQ==

Reto:

1
Base64

Meta meta

Solucion:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
➜  ctf_collection_vol1 exiftool Findme.jpg 
ExifTool Version Number         : 10.80
File Name                       : Findme.jpg
Directory                       : .
File Size                       : 34 kB
File Modification Date/Time     : 2020:02:12 17:29:21-06:00
File Access Date/Time           : 2020:02:12 17:29:54-06:00
File Inode Change Date/Time     : 2020:02:12 17:29:49-06:00
File Permissions                : rw-rw-r--
File Type                       : JPEG
File Type Extension             : jpg
MIME Type                       : image/jpeg
JFIF Version                    : 1.01
X Resolution                    : 96
Y Resolution                    : 96
Exif Byte Order                 : Big-endian (Motorola, MM)
Resolution Unit                 : inches
Y Cb Cr Positioning             : Centered
Exif Version                    : 0231
Components Configuration        : Y, Cb, Cr, -
Flashpix Version                : 0100
Owner Name                      : THM{... snip ...}
Comment                         : CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 60.
Image Width                     : 800
Image Height                    : 480
Encoding Process                : Progressive DCT, Huffman coding
Bits Per Sample                 : 8
Color Components                : 3
Y Cb Cr Sub Sampling            : YCbCr4:2:0 (2 2)
Image Size                      : 800x480
Megapixels                      : 0.384
➜  ctf_collection_vol1

Mon, are we going to be okay?

Something is hiding. That’s all you need to know.

Solucion:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
➜  ctf_collection_vol1 steghide info Extinction.jpg 
"Extinction.jpg":
  format: jpeg
  capacity: 1.3 KB
Try to get information about embedded data ? (y/n) 

➜  ctf_collection_vol1 steghide info Extinction.jpg
"Extinction.jpg":
  format: jpeg
  capacity: 1.3 KB
Try to get information about embedded data ? (y/n) y
Enter passphrase: 
  embedded file "Final_message.txt":
    size: 79.0 Byte
    encrypted: rijndael-128, cbc
    compressed: yes
➜  ctf_collection_vol1 steghide extract -sf Extinction.jpg 
Enter passphrase: 
wrote extracted data to "Final_message.txt".
➜  ctf_collection_vol1 cat Final_message.txt 
It going to be over soon. Sleep my child.

THM{... snip ...}
➜  ctf_collection_vol1

Erm……Magick

Huh, where is the flag?
Solucion:
image

QRrrrr

Such technology is quite reliable.
Solucion:
image

Reverse it or read it?

Solucion:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
➜  ctf_collection_vol1 r2 hello.hello   
[0x00001060]> aaa
[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze len bytes of instructions for references (aar)
[x] Analyze function calls (aac)
[x] Use -AA or aaaa to perform additional experimental analysis.
[x] Constructing a function name for fcn.* and sym.func.* functions (aan)
[0x00001060]> afl
0x00001000    3 23           sym._init
0x00001030    1 6            sym.imp.puts
0x00001040    1 6            sym.imp.printf
0x00001050    1 6            sub.__cxa_finalize_248_50
0x00001060    1 43           entry0
0x00001090    3 33           sym.deregister_tm_clones
0x000010c0    3 50           sym.register_tm_clones
0x00001100    4 49           sym.__do_global_dtors_aux
0x00001140    1 5            entry1.init
0x00001145    1 24           sym.skip
0x0000115d    1 23           sym.main
0x00001180    4 93           sym.__libc_csu_init
0x000011e0    1 1            sym.__libc_csu_fini
0x000011e4    1 9            sym._fini
[0x00001060]> pdf @sym.skip
/ (fcn) sym.skip 24                                                                                                         
|   sym.skip ();                                                                                                            
|           0x00001145      55             push rbp                                                                         
|           0x00001146      4889e5         mov rbp, rsp                                                                     
|           0x00001149      488d3db80e00.  lea rdi, qword str.THM_345y_f1nd_345y_60 ; 0x2008 ; "THM{... snip ...}"
|           0x00001150      b800000000     mov eax, 0
|           0x00001155      e8e6feffff     call sym.imp.printf         ; int printf(const char *format)
|           0x0000115a      90             nop
|           0x0000115b      5d             pop rbp
\           0x0000115c      c3             ret
[0x00001060]>

Another decoding stuff

Can you decode it?
Reto:

1
3agrSy1CewF9v8ukcSkPSYm3oKUoByUpKG4L

Solucion:
image

Left or right

Left, right, left, right… Rot 13 is too mainstream. Solve this

Reto:

1
MAF{atbe_max_vtxltk}

Solucion:
image

Make a comment

No downloadable file, no ciphered or encoded text. Huh …….

Solucion:
image

Can you fix it?

I accidentally messed up with this PNG file. Can you help me fix it? Thanks, ^^

Pasamos el archivo a Hexadecimal, editamos el archivo y reemplazamos la cantidad de “magic numbers” de un archivo PNG, luego de esto podemos obtener nuestra imagen renderizando la con CyberChef.

Reto:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
➜  ctf_collection_vol1 xxd -p spoil.png > spoil_hex_data
➜  ctf_collection_vol1 head spoil
head: cannot open 'spoil' for reading: No such file or directory
➜  ctf_collection_vol1 head spoil_hex_data 
2333445f0d0a1a0a0000000d4948445200000320000003200806000000db
700668000000017352474200aece1ce9000000097048597300000ec40000
0ec401952b0e1b0000200049444154789cecdd799c9c559deff1cf799e5a
bb7a5f927477f640480209201150c420bba288a8805c19067c5d64c079e9
752e03ce38e30e8e2f75e63a23ea8c0ce8308e036470c191cd80880c4b20
0909184c42b64ed2e9f4bed7f23ce7fe51559dea4e27a4bbaaf7effbf5ea
57d2d5554f9daa7abafa7ceb9cf33bc65a6b1111111111111907ce443740
4444444444660e0510111111111119370a202222222222326e1440444444
444464dc28808888888888c8b8510011111111119171a300222222222222
e34601444444444444c68d028888888888888c1b0510111111111119370a
➜  ctf_collection_vol1 vim spoil_hex_data 
➜  ctf_collection_vol1 head spoil_hex_data
89504E470D0A1A0A0000000d4948445200000320000003200806000000db
700668000000017352474200aece1ce9000000097048597300000ec40000
0ec401952b0e1b0000200049444154789cecdd799c9c559deff1cf799e5a
bb7a5f927477f640480209201150c420bba288a8805c19067c5d64c079e9
752e03ce38e30e8e2f75e63a23ea8c0ce8308e036470c191cd80880c4b20
0909184c42b64ed2e9f4bed7f23ce7fe51559dea4e27a4bbaaf7effbf5ea
57d2d5554f9daa7abafa7ceb9cf33bc65a6b1111111111111907ce443740
4444444444660e0510111111111119370a202222222222326e1440444444
444464dc28808888888888c8b8510011111111119171a300222222222222
e34601444444444444c68d028888888888888c1b0510111111111119370a
➜  ctf_collection_vol1

Solucion:
image

Read it

Some hidden flag inside Tryhackme social account.

Solucion:
image

Spin my head

What is this?

Reto:

1
++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>++++++++++++++.------------.+++++.>+++++++++++++++++++++++.<<++++++++++++++++++.>>-------------------.---------.++++++++++++++.++++++++++++.<++++++++++++++++++.+++++++++.<+++.+.>----.>++++.

Solucion:
image

An exclusive!

Exclusive strings for everyone!
Reto:

1
2
S1: 44585d6b2368737c65252166234f20626d
S2: 1010101010101010101010101010101010

Solucion:

1
2
3
4
5
6
script.py
s1 = "44585d6b2368737c65252166234f20626d"
s2 = "1010101010101010101010101010101010"

a = hex(int(s1, 16) ^ int(s2, 16))[2:]
print(bytes.fromhex(a).decode('utf-8'))

Binary walk

Please exfiltrate my file :)

Solucion:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
➜  ctf_collection_vol1 binwalk hell.jpg 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             JPEG image data, JFIF standard 1.02
30            0x1E            TIFF image data, big-endian, offset of first image directory: 8
265845        0x40E75         Zip archive data, at least v2.0 to extract, uncompressed size: 69, name: hello_there.txt
266099        0x40F73         End of Zip archive, footer length: 22

➜  ctf_collection_vol1 binwalk hell.jpg -e

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             JPEG image data, JFIF standard 1.02
30            0x1E            TIFF image data, big-endian, offset of first image directory: 8
265845        0x40E75         Zip archive data, at least v2.0 to extract, uncompressed size: 69, name: hello_there.txt
266099        0x40F73         End of Zip archive, footer length: 22

➜  ctf_collection_vol1 ls
Extinction.jpg     Findme.jpg  _hell.jpg.extracted  help.txt  spoil_hex_data  ti.py
Final_message.txt  hell.jpg    hello.hello          img       spoil.webp
➜  ctf_collection_vol1 ls _hell.jpg.extracted 
40E75.zip  hello_there.txt
➜  ctf_collection_vol1 cat _hell.jpg.extracted/hello_there.txt
Thank you for extracting me, you are the best!

THM{... snip ...}
➜  ctf_collection_vol1

Darkness

There is something lurking in the dark.

Solucion:
image

A sounding QR

How good is your listening skill?

P/S: The flag formatted as THM{Listened Flag}, the flag should be in All CAPS

Solucion:

QR:
image

Descargamos el archivo de audio y utilizamos Speech to Text.
image

Dig up the past

Sometimes we need a ‘machine’ to dig the past.

Reto:

1
2
Targetted website: https://www.embeddedhacker.com/
Targetted time: 2 January 2020

Utilizamos web.archive.org para obtener nuestra flag en la fecha descrita.

Solucion:
image

Uncrackable!

Can you solve the following? By the way, I lost the key. Sorry >.<

Reto:

1
2
3
MYKAHODTQ{RVG_YVGGK_FAL_WXF}

Flag format: TRYHACKME{FLAG IN ALL CAP}

Utilizamos Vignere Decoder para obtener primero la KEY, utilizamos el formato del flag como KEY (TRYHACKME), luego de eso utilizamos el mismo formato de lo que obtuvimos.

Solucion:
image

image

Small bases

Decode the following text.

Reto:

1
581695969015253365094191591547859387620042736036246486373595515576333693

Solucion:

Decimal > Hex

Hex - Ascii

Read the packet

I just hacked my neighbor’s WiFi and try to capture some packet. He must be up to no good. Help me find it.

Solucion:

HTTP Wireshark.
image

Share on

sckull
WRITTEN BY
sckull
Pentester wannabe

THM: CTF collection Vol.1