c4ptur3-th3-fl4g writeup
TryHackMe- c4ptur3-th3-fl4g : A beginner level CTF challenge
Link to THM Room : c4ptur3-th3-fl4g
Challenge is based on 5 Tasks :
- [Task 1] Translation & Shifting
- [Task 2] Hashes
- [Task 3] Spectrograms
- [Task 4] Steganography
- [Task 5] Security through obscurity
Right! Let’s start cracking
- [Task 1] Translation & Shifting:
These tasks consists of decoding the cypher texts under Base’ encoding, Binary, HEX, Morse code etc…
Q1. c4n y0u c4p7u23 7h3 f149?
hint: This one is simple just put some logic to decode the cypher or google LEET decoder.
4 - A, 0 - O, 7 - T, 2 - R, 3 - E, 1 - L, 9 - G
ans: So, this becomes, cAn yOu cApTuRE ThE fLAG
Q2. 01101100 01100101 01110100 01110011 00100000 01110100 01110010 01111001 00100000 01110011 01101111 01101101 01100101 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00100000 01101111 01110101 01110100 00100001
hint: All 0’s and 1’s, Binary encoding. Use binary decoder
ans: lets try some binary out!
Q3. MJQXGZJTGIQGS4ZAON2XAZLSEBRW63LNN5XCA2LOEBBVIRRHOM======
hint: Base32 encoded, viewing the Capital case alphabets and most specifically lots of ====== in end. cyberchef
ans: base32 is super common in CTF’s
Q4. RWFjaCBCYXNlNjQgZGlnaXQgcmVwcmVzZW50cyBleGFjdGx5IDYgYml0cyBvZiBkYXRhLg==
hint: Base64, mixed capital and small alphabets and == in end. cyberchef
ans: Each Base64 digit represents exactly 6 bits of data.
Q5. 68 65 78 61 64 65 63 69 6d 61 6c 20 6f 72 20 62 61 73 65 31 36 3f
hint: HEX, mixed char-sets of numbers and letters, also known as BASE16. cyberchef
ans: hexadecimal or base16?
Q6. Ebgngr zr 13 cynprf!
hint: ROT-13 or Rotate 13, a Caesar cypher (google if you want to learn more). cyberchef
Q7. **@F DA:? >6 C:89E C@F?5 323J C:89E C@F?5 Wcf E:>6DX
hint: ROT-47 or Rotate 47, a Caesar cypher as well. cyberchef
ans: You spin me right round baby right round (47 times)
Q8. - . .-.. . -.-. — – – ..- -. .. -.-. .- - .. — -.
. -. -.-. — -.. .. -. –.
hint: Morse code, one used in telecommunication {you know beep..beep stuff}. cyberchef
ans: TELECOMMUNICATION ENCODING
Q9. 85 110 112 97 99 107 32 116 104 105 115 32 66 67 68
hint: Decimal or Base10, BCD{Binary Coded Decimal}. cyberchef
ans: Unpack this BCD
Q10. I don’t mean to spam this page with that long encoding so better copy it from the room and refer to following link ;-)
hint: This one is littile tricky, decoding needs to be done in various levels, refering to previous task completed.
- level 1 : Base64
- level 2 : Morse code
- level 3 : Binary
- level 4 : ROT47
- level 5 : BCD(decimal)
ans: Let’s make this a bit trickier…
- [Task 2] Hashes:
These tasks consists of decoding the unhashing various modes of hashes like MD’s, sha’s etc… Hence, we could use the imfamous tool Hascat to decode all these hashes but depending on the time it takes to find the corresponding hashes it might take significant amount of time, therefore, there’s plenty of online tools to do the hash cracking tasks and as mentioned in room itself we can use CyberChef or md5hashing.net to complete this room.
However I recommend md5hashing and md5decrypt
Q1. 39d4a2ba07e44421c9bedd54dc4e1182
hint: MD2, use md5hashing as there’s an option as search by all hash types to make it easier.
ans: MDwhat?
Q2. e0418e7c6c2f630c71b2acabbcf8a2fb
hint: MD4, use tool as per your convenience.
ans: digest the message algorithm
Q3. efbd448a935421a54dda43da43a701e1
hint : MD5
ans: 128-bit of delicious hash values
Q4. 11FE61CE0639AC2A1E815D62D7DEEC53
hint: Windows hashing NTLM to be precise
ans: Microsoft has encryption?
Q5. a361f05487b879f25cc4d7d7fae3c7442e7849ed15c94010b389faafaf8763f0dd022e52364027283d55dcb10974b09e7937f901584c092da65a14d1aa8dc4d8
hint: sha512
ans: 1024 bit blocks!
Q6. d48a2f790f7294a4ecbac10b99a1a4271cdc67fff7246a314297f2bca2aaa71f
hint: sha256
ans: Commonly used in Blockchain
Q7. a34e50c78f67d3ec5d0479cde1406c6f82ff6cd0
hint: sha1
ans: The OG
- [Task 3] Spectrograms
Q1. Download the file
hint: Here we have a .wav file. Open the audio file in any sound or music editor, example Audacity as recommended in room itself. However I prefer Sonic Visualizer, but feel free to use any as per your convenience.
I’m using Sonic Visualizer to do this task, if you got one installed do as follows to crack the message in the audio.
open file > select “Pane” from meny bar > select “waveform” > can see message on the screen.
ans: super secret message
- [Task 4] Steganography:
The art of concealing files, images, messages etc. in another file…. Very common in ctf’s.
Q1. Decode the image to reveal the answer.
hint: We are given a file to download, do it now ! It’s a regular JPEG image, cute eh ???
Well let’s check if there’s anything for us worth keeping.
Feel free to check metadata with Exiftool, however, I didn’t find anything interesting so… steghide to crack the image.
- steghide extract -sf stegosteg.jpg
no passphrase required so just hit Enter for passphrase
-
wrote extracted data to “steganopayload2248.txt”.
-
cat steganopayload2248.txt
ans: SpaghettiSteg
- [Task 5] Security through obscurity
Q1. Download and get ‘inside’ the file. What is the first filename & extension?
hint: well this one needed passphrase to extract, I looked up with exiftool and stegoveritas, but failed to find any potentail clue for passphrase, then I just used cat meme.jpg, and what do you know, the answer to both questions were given out in plain sight…
ans: hackerchat.png
Q2. Get inside the archive and inspect the file carefully. Find the hidden text.
hint: “get inside the archive” ring any bell???
ans: AHH_YOU_FOUND_ME!
With that the room is completed, Congrats !!!
Fun room created by dcdavidlee, pretty straight forward.
feel free to DM me for queries on THM @xavag3djang0.
Thank you for reading, hope you enjoyed cracking. ;)