Cryptonic's Blog

DEEP CTF writeup PART-2

DEEP CTF writeup PART-2

Mohit Khemchandani's photo
Mohit Khemchandani
·

4 min read

Hello All, we are back with part-2 of DEEP CTF. Let’s start with the writeup.

  1. Crypto Category

i) Challenge Name — WarmUp

Download the file and open it.

This file contains binary, decimal, hex, and octal encoding. So, decode them in parts and we will get the flag.

Flag: d33p{Ju5t_4_N0rm4l_Ch4ll__Isn`t_1t?}

ii) Challenge Name — WTf`ish

Download the file and see the text.

It is a brainfuck language. Let’s decode it.

Yeah. We got the flag.

iii) Challenge Name — Ali3nAgain

As they are saying in challenge alien again. I think, this file containing alien language. Let’s check it.

let’s decode it. Using this site http://cs.oswego.edu/~dreichel/alienese_decoder/. You will get the flag.

Flag: d33p{POWERRANGERSPDFORCEWON}

iv) Challenge Name — WierdText

Download the file and see the text.

This is something weird text. But, they gave us a hint in the challenge that finds a new keyboard. Let’s find that there is any cipher related to the keyboard…OHH YES there is…Keyboard shift cipher.

Use it and decode it.

Voila…! You got the flag dude.

v) Challenge Name — Tr0ll

Download the file and check the text data.

It’s looking like base64. Let’s decode it.

Ohh nice…Troll..fake flag..let’s decode again.

Again…Troll..It’s a decimal. Let’s decode it.

Let’s decode it again.

It’s a base64. Let’s decode it.

Finally…! We got the flag.

vi) Challenge Name — Ali3nCalling

Download the file and check the png file.

It’s looking like pigpen cipher. Let’s decode it.

Yeah. We got the flag easily.

vii) Challenge Name — RSA 1.0

Download the file and see the data of the file.

It is having all the parameters for RSA. Let’s use the RSA Tool to get the flag.

Cool. We got the flag easily again.

2. Misc Category

i) Challenge Name — Welcome

This one is an easy challenge. Just fill the google form and you will get the flag.

Flag:d33p{w3lc0m3_to_d33pctf0x01!!!!!!!}

ii) Challenge Name- Let’s chat!

It’s simply saying to join the discord server. Join it and in announcements, you will get the flag.

iii) Challenge Name -Exploity Things

We have to just find the CVE for the given detail.

Google it.

Flag: d33p{CVE-2020-8813}

iv) Challenge Name — Old stuff

There is a paragraph that is saying the oldest way of hiding. Copy the text and google it.

Ohh… It’s Ceaser cipher. Yeah, It is one of the oldest techniques.

Flag: d33p{caesar}

v) Challenge Name — Weirdo

Download the file and see the text.

As we have hint 13–0x-64 means rot 13 →hex → base64.

Let’s decode it.

We got the hex. Let’s decode it.

We got the flag.

vi) Challenge Name — Should Have Used SSH.

Download the file.

We have extract files from capture, and we have 2 images :

Rename as a jpg file

I used ​stegcracker​ to brute-force passphrase.

Passphrase: murphy

Flag: ​d33p{f4c3s_c4n_b3_d3c3ptiv3}

3. Web Category

i) Challenge Name-Oh JS!

As challenge name says Oh JS!… means it’s related to javascript. Let’s check. Open the given URL. We got admin page. Now, check the source code. We find something…ohhhh.. that’s JS Fuck. Let’s decode it.

we got the admin username and password. Login through credentials. You will get the flag.

ii) Challenge Name — Magic Word!

Open the given URL.

Check the source code.

It’s removing the d33p and we have to magic_word=d33p to get the flag. Let’s change d33p with d33d33pp and submit.

Yes…! We got the flag.

iii) Challenge Name — Nothing is Impossible

Open the URL.

So, we are having PHP compiler here and as the description said that flag is located at /tmp/flag.php. Let’s get the flag.

flag.php had the a long output. So, I encoded that in base64.

Let’s decode base64.

Yeah, finally we got the flag.

So, this was our DEEP CTF journey. I hope, you guys like this. I tried my best to make the writeup better as much as possible. If you have any suggestions or responses. You can put it in the comment box. That’s all my side guys. Bye.. We will meet soon with a new writeup. If you like, it just shares it.

Authors:

Cryptonic007 (http://instagram.com/cryptonic007)

[Login * Instagram
Welcome back to Instagram. Sign in to check out what your friends, family & interests have been capturing & sharing…instagram.com](http://instagram.com/cryptonic007 "instagram.com/cryptonic007")

DreyAnd (instagram.com/dreycoding)

[Login * Instagram
Welcome back to Instagram. Sign in to check out what your friends, family & interests have been capturing & sharing…instagram.com](http://instagram.com/dreycoding/ "instagram.com/dreycoding")

Elweth (https://twitter.com/Elweth_)

[Elweth
The latest Tweets from Elweth (@Elweth_): "First part of write up for @deepctf0x01 t.co/OGhaMf46eQ"twitter.com](https://twitter.com/Elweth "twitter.com/Elweth")