Jump to content
Tuts 4 You

LabyREnth Capture the Flag (CTF) Challenge - 2017


crystalboy

Recommended Posts

On binary #5 is each Level revealing a real part of the flag or do I have to decrypt that later one? I'm wondering because after solving the first password it shows me just garbage but not real text which could be a part of the flag. Also the second Level is about doing something with the image right?

 

 

for Level 2 I would guess Steganography or something inside the actual PNG (bytes)

Edited by Castor
Link to comment
Share on other sites

So I made it so far, well not that far, fell flat on me face to be fair...

So i'm at the following places;

Spoiler

 

Doc2 seriously wtf with some many docs having the same powershell, all same size too, well within a kb.

bin2 Whats the best way to capture the value and submit it to the site, as cut n paste is too slow even after a line.

mob2 not looked at yet, the first hurt way too much, i'm scared to go back.

prog3 whats the strategy for this planning a few moves ahead is failing even after 400 goes :)

threat2 I dunno if I can be arsed to write a 300 long yara nibble when binwalk says I only got zeroes and the mz header to work with..

needle, got the .wmf but what tool should i use on it, it's freaking tiny?

fixed the elf header but get segfault

 

Any help would be great.

Link to comment
Share on other sites

Well, you haven't gotten very far, have you? :)

Doc2 - automate things. Some powershells print different output.

Bin2 - yes, that's what this challenge is all about. I made some inline patches - but I'm not saying it's the easiest way.

Prog3 - no idea, stuck there too. Check Twitter for hints from people who have solved it.

Threat2 - read last year solutions for Threat#6 (?), it's pretty much the same task, just bigger.

Needle - it's random #5 and it's hard. Better leave it alone. And wmf is not the answer you're looking for.

Link to comment
Share on other sites

43 minutes ago, DivBy0 said:

Doc2 seriously wtf with some many docs having the same powershell, all same size too, well within a kb.

File size does matter and will be a shortcut for you.

14 minutes ago, kao said:

Well, you haven't gotten very far, have you? :)

 

  Hide contents

Doc2 - automate things. Some powershells print different output.

Bin2 - yes, that's what this challenge is all about. I made some inline patches - but I'm not saying it's the easiest way.

Prog3 - no idea, stuck there too. Check Twitter for hints from people who have solved it.

Threat2 - read last year solutions for Threat#6 (?), it's pretty much the same task, just bigger.

Needle - it's random #5 and it's hard. Better leave it alone. And wmf is not the answer you're looking for.

 

Is there a Random track this year?! I only see Binary, Mobile, Docs, Programming and threat.

Link to comment
Share on other sites

Randoms are random. Walk to dead ends, read hints. Look for areas that look odd. Like a big splotch of grey where you'd expect black. You'll know it's a random when you find a riddle. Really, just follow every dead end. 

The randoms are my favorite this year. Especially #3 (dogs). 

I may make a grid map of the labyrinth. not sure if that'll break the rules for "finding" the randoms

 

Link to comment
Share on other sites

@Rurik: where's Random #6? Can't find it, even after visiting all dead ends, making a map and revisiting every single place.. :D PM or hint would be appreciated..

 

Link to comment
Share on other sites

Just now, kao said:

@Rurik: where's Random #6? Can't find it, even after visiting all dead ends, making a map and revisiting every single place.. :D PM or hint would be appreciated..

 

Don't think I have #6. Wasn't that the one they just released last Friday? Unfortunately they don't tell you the # until you submit it.

 

Spoiler

I have rainbow, pet, beta, cake, needle

 

Link to comment
Share on other sites

This may be it, but I have no clue how to 'activate' it.

Spoiler

Left side of map, at the dead end of the vertical hallway to the left of "O" (of ROYGBIV).
Searched through screenplay of movie for hints. Not seeing anything.
 

This dead end is just like the last one.
 
Until a little girl walks out of the corner of the room crying and
carrying an almost extinguished candle. 'Excuse me, can you help? My
best friend keeps running away every time I run closer. My candle is
almost out and I fear I'll never see him again! Please help!' she
wails miserably.

 

Edited by Rurik
Link to comment
Share on other sites

1 hour ago, Rurik said:

This may be it, but I have no clue how to 'activate' it.

  Reveal hidden contents

Left side of map, at the dead end of the vertical hallway to the left of "O" (of ROYGBIV).
Searched through screenplay of movie for hints. Not seeing anything.
 

This dead end is just like the last one.
 
Until a little girl walks out of the corner of the room crying and
carrying an almost extinguished candle. 'Excuse me, can you help? My
best friend keeps running away every time I run closer. My candle is
almost out and I fear I'll never see him again! Please help!' she
wails miserably.

 

It is a riddle, though it doesn't seem to be.

Link to comment
Share on other sites

1 hour ago, tec said:

It is a riddle, though it doesn't seem to be.

You are correct. It wasn't worded like a riddle, but I got it. Thanks.

Link to comment
Share on other sites

Any hint on threat 1.I am new to pcap analyze.
BTW, Found some weird strings in wireshark.

 

Regards,

Br. akkaldama

Link to comment
Share on other sites

On 6/27/2017 at 1:09 PM, kao said:

@Castor: Ignore those, you'll get a proper flag in the end.

I disagree with this. On Binary 5 I have a proper flag for 1, 2, 5. A broken one for 3, and a 90% proper one for 4.  From your statement it'd suggest that all you'd need is the correct answer at the end, but after 5 I'm getting a corrupted value.

Edited by Rurik
Link to comment
Share on other sites

@Rurik: Let me clarify that.. you don't need to write down those values or crack them or anything like that. Once all 5 levels are correctly answered, you'll get a flag.

Link to comment
Share on other sites

7 minutes ago, kao said:

@Rurik: Let me clarify that.. you don't need to write down those values or crack them or anything like that. Once all 5 levels are correctly answered, you'll get a flag.

Ah, that makes sense. From the original question, I took it as the "correct hash" was showing corrupt (like mine is for #3). But if all 5 are showing hash values, then it should work, yes.

Link to comment
Share on other sites

Hey, here is hoping for a slight nudge of docs #3.

Spoiler

I got the jpegs (one is a little messed up from the pcap, reversed the exe and found the key 0xXX. No idea what to do anymore. I tried using the key against the pictures, but that doesnt really seem to be doing anything. If i am giving away too much about the challenge, my apologies.

 

Link to comment
Share on other sites

17 hours ago, Rurik said:

Ah, that makes sense. From the original question, I took it as the "correct hash" was showing corrupt (like mine is for #3). But if all 5 are showing hash values, then it should work, yes.

I had that problem too, 1 and 5 were corrupted. Still the password was valid but the output was just byte-garbage if you can say it like that. So I've solved 1 again and saw that my calculation had wrong values at the end and fixed them. Also in the last Level one character was wrong but the password got accepted.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...