CTF Writeups by @fazledyn

CyberTalents: Cryptography Category

CyberTalents: Cryptography Category

Ataf Fazledin Ahamed's photo
Ataf Fazledin Ahamed
·

2 min read

Table of contents

Crack The Hash

A hacker leaked the below hash online.
Can you crack it to know the password of the CEO?
1ab566b9fa5c0297295743e7c2a6ec27

Solution: Reversing the MD5 gives us Iamtheflag

Guess The Password

A hacker leaked the below hash online.
Can you crack it to know the password of the CEO?
The flag is the password
Hash: 06f8aa28b9237866e3e289f18ade19e1736d809d

Solution: Reversing the SHA-1 gives us jrahyn+

Postbase

We got these letters and numbers and don't understand them. Can you?
R[corrupted]BR3tCNDUzXzYxWDdZXzRSfQ==

Solution: The trailing == looks like a BASE64 string. Let's remove R[corrupted] part and decode it. We get G{B453_61X7Y_4R}. Now, it's common sense that the complete flag would be FLAG{B453_61X7Y_4R}

Hide Data

I used to hide my data with a classic cypher, can you get the flag hidden inside?
gur synt vf 2w68lsudym Vg vf cerggl rnfl gb frr gur synt ohg pna lbh frr vg v gbbx arneyl 1 zvahgr gb rapbqr guvf jvgu EBG13 tbbq yhpx va fbyivat gung

Solution: This looks like a classic ROT13 encryption. Let's decrypt and we get the following: 

the flag is 2j68yfhqlz It is pretty easy to see the flag but can you see it i took nearly 1 minute to encode this with ROT13 good luck in solving that

The flag is 2j68yfhqlz

RSA101

we received a message from our agent but we don't know how to use our key to read the message.

And a zip file is given. Solution: We're get an RSA private key, and a ciphertext. Let's use openssl to decrypt it using the terminal. 

openssl rsautl -decrypt -in cipher -out plain -inkey key.pem

And, we get the flag: flag{RSA_nice_try}

Up

We're given the message:

Every time you go up you will gain one ballon
ejxc{T0nY0J_BsUMS4}

Solution: By hunch, we can map ejxc to flag by adding their position in the string to themselves. After mapping each alphabetic character, we get: flag{Y0uG0T_MeHAH4}

Hash3rror

we got this corrupted hash password from a Pcap file with a note (password = sha-1(hash-result)).
HASH:77be5d24ed2e3e590045e1d6o7e84i50d2799c19f48ede46804a8734e287df120f

Solution: Look at the hash 77be5d24ed2e3e590045e1d6o7e84i50d2799c19f48ede46804a8734e287df120f

It's basically in hex format, right? But no, it has two illegal characters: o and i. Let's remove that. Now, it's 64 characters long, which is the length of a sha-256 hash.

We get the plaintext s3cr3tpassword. Now, as per instruction, we've to sha-1 encrypt it. After encryption, we get 83874343435092cb681c0d558a84bfeb389c32ed. That's our solution.

hacking#cybersecurityCryptography