More than 1 year has passed since last update.

UECTF2022

Last updated at 2022-11-29Posted at 2022-11-29

PWN

~$ nc uectf.uec.tokyo 30002
What is your name?
>aaaaaaaaaaaaaaa1
[DEBUG]:flag is UECTF{ye4h_th1s_i5_B0f_flag}
Hello aaaaaaaaaaaaaaa1.

UECTF{ye4h_th1s_i5_B0f_flag}

REV

A file

$ file chall
chall: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=cc6cbef9d855aa72b5673ebe2709fb27b75a6e67, for GNU/Linux 3.2.0, not stripped
$ file chall
chall: XZ compressed data
$ mv chall chall.xz
$ xz -dv chall.xz
chall.xz (1/1)
  100 %          2,032 B / 15.6 KiB = 0.127
$ cat chall
//略                                                                             �H��The flag is below:UECTF{Linux_c0mm4nDs_ar3_50_h3LPFU1!}Nice try, but you need to do a bit more...0����d��������������L�����zRx

UECTF{Linux_c0mm4nDs_ar3_50_h3LPFU1!}

Crypto

RSA

from Crypto.Util.number import getPrime, inverse, bytes_to_long, long_to_bytes, GCD

C=40407051770242960331089168574985439308267920244282326945397
p=1023912815644413192823405424909
q=996359224633488278278270361951
e=65537
d=pow(e,-1,(p-1)*(q-1))
M=pow(C,d,p*q)
flag=long_to_bytes(M)
print(flag)

$ python3 solve.py 
b'UECTF{RSA-iS-VeRy-51Mp1e}'

FORENSICS

Deleted

$ fls image.raw
r/r 4-128-1:    $AttrDef
r/r 8-128-2:    $BadClus
r/r 8-128-1:    $BadClus:$Bad
r/r 6-128-4:    $Bitmap
r/r 7-128-1:    $Boot
d/d 11-144-4:   $Extend
r/r 2-128-1:    $LogFile
r/r 0-128-6:    $MFT
r/r 1-128-1:    $MFTMirr
r/r 9-128-8:    $Secure:$SDS
r/r 9-144-11:   $Secure:$SDH
r/r 9-144-5:    $Secure:$SII
r/r 10-128-1:   $UpCase
r/r 10-128-4:   $UpCase:$Info
r/r 3-128-3:    $Volume
r/r 41-128-1:   mv_ARIMjapan_pc.jpg
r/r 41-128-3:   mv_ARIMjapan_pc.jpg:Zone.Identifier
r/r 44-128-1:   mv_choufusai2022_pc.png
r/r 44-128-3:   mv_choufusai2022_pc.png:Zone.Identifier
r/r 48-128-1:   mv_corona_pc.jpg
r/r 48-128-3:   mv_corona_pc.jpg:Zone.Identifier
r/r 46-128-1:   mv_oc2022-2-1_pc.tif
r/r 46-128-3:   mv_oc2022-2-1_pc.tif:Zone.Identifier
d/d 34-144-1:   System Volume Information
r/r 36-128-1:   uec.png
r/r 36-128-3:   uec.png:Zone.Identifier
r/r 45-128-1:   uec_ukraine_pc.jpg
r/r 45-128-3:   uec_ukraine_pc.jpg:Zone.Identifier
-/r * 37-128-1: test1.txt
-/r * 39-128-1: flag.png
//省略
$ icat image.raw 39 >flag.png

UECTF{TH1S_1M4G3_H4S_N0T_B33N_D3L3T3D}

MISC

WELCOME
UECTF{C4PTURE_TH3_FL4G_2022}

redaction gone wrong 1
PDFをコピペすればいい
UECTF{PDFs_AR3_D1ffiCulT_74d21e8}

GIF1

これ使いました。85枚目

UECTF{G1F_4N1M4T10NS_4R3_GR34T!!}

caesar

from string import ascii_uppercase,ascii_lowercase,digits,punctuation

ascii_all=''
for i in range(len(ascii_uppercase)):
  ascii_all=ascii_all+ascii_uppercase[i]+ascii_lowercase[i]
letter=ascii_all+digits+punctuation
print(letter)

$ python3 solve.py 
AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz0123456789!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~

ふむ。-14すればいいね

from string import ascii_uppercase,ascii_lowercase,digits,punctuation


def decode(cipher):
  plain=''
  for i in cipher:
    index=letter.index(i)
    plain=plain+letter[(index-14)%len(letter)]
  return plain

ascii_all=''
for i in range(len(ascii_uppercase)):
  ascii_all=ascii_all+ascii_uppercase[i]+ascii_lowercase[i]
letter=ascii_all+digits+punctuation
cipher_text='2LJ0MF0o&*E&zEhEi&1EKpmm&J3s1Ej)(zlYG'
plain_text=decode(cipher_text)
print(plain_text)

$  python3 solve.py 
UECTF{Th15_1s_a_b1t_Diff1Cult_c43seR}

UECTF{Th15_1s_a_b1t_Diff1Cult_c43seR}

You get articles that match your needs
You can efficiently read back useful information
You can use dark theme

What you can do with signing up