
CBCTF 2024 Part 1

This will be a series of writeups from qualifying to finals. I will try to finish one per week till I get all of them out. Then maybe I’ll also do 2023’s as well. We’ll see if I have the time to properly do it.

Qualifying

Cryptography: Trust The Sequence [75 pts]

Description: “Like I said for the 80th time, always trust the sequence!” - Prof. Vign\xc3\xa8ron (lol scraper escaped the characters)

File: MESSAGE.txt Content:

Gkeosggjk zcv gs Oxhmkdn rgxogpcwohoeu gtrm yni Ygswerni sm Qkva, hurzkgguki zs if "vke ruwa vdnhtykh Dfuwewt qhvkgpgyogpbp rf yni Tkgfok Fmiz."

Ujh nfsi og lu furssuma faqrik, Hldrtfigp, xcv mfji br lp 1838 ee yni Mscqct-Oxhnlcq nnyxvskdn Lamsndwpk Qofyj cqd ny woquv iuw lmsjwv Bttejel ('urt tl Fvocfcn'). Nsdgygu, kakr lbtoijx, mu 1506, c qqwgwe sm ujh Htrc Yqpcq Krvmyf, Rhrnfssq pgqznurz Mgrnfxhv cv "Nlusgvkp Hlbttejel."

Hlhttejdk souaphtlbhj yni Pofr–Awgfpe qwpkwgp zzuwer or ajh Yhyykvu xquli vvpodtlrd zlypwjh mow jqprrynzmvo kq 1202 ok Rmigu Cegho (Fvpm rf Hgpjwocwott) eue cost oratrfxijj Ibsqse yu xog vgtajtgl ph Iigurhefk qarhiyt, ykihn ll wvgg gx gr lycppqk mu Nldhx Fhejj. Jls buvr, ylvk oyy tyfelsj yxywfvxxj grk egwanrik garogsgxpppv, cft fl nlmhtjj xv b yhlq-uvncqkcki iskf, thfqkgakqi kox arprwh cttxykewwottw ap odtmkqhvlev. Sftc aiqxgmz xog kkgjjt qltudgj cmajlp kox csyl yds jtgvfhf dy {gao4ugn4jnd4}, hya vkkv cfy e tjugiwkgakrp.

Iogurhdel wfy fvtq cuuzth 1170 ap Ixgqoisor, cq Oygppbp pewilhpw cqj hawapov oklmjkdn. Jalrmlmor dnxijvhf d zwghpoi soxz mu Dxilg (Gknhjc), ln ruhltq-fde Frklskd. Fnhsucfel zwgzlmgg wnzl okp cv g duyuh dry, fth pv zcv os Hynjc (Dllkvpc) zjhxj ni dbu hdzieagg vkgy ni sfcunjj eiqxv wnj Nmuew–Drfhmj pxohxfr wftvhm.

Kofvpdefo yxecfnhd fxsbpg vkk Rkhpugurftihp fqdyy, silukqg boxo odpb sjxgobpws fth sgdtqosm eipww tmkmy ubuwkry sm eqlnl gvpvkohzni. Ll tqrn wkeskcgg zmk qhoa ddagracjgv uk zll Ikqdz-Gvhdle vexzit, xjlcm, arskng wnj Xstbp qurkvhnv wvki gx aig wirk, esnryhj jgwf dcoczreakrp xyntk h qndcj-beswh ubyykq. Po 1202, jh ctstsgwgg zmk Ppcgu Agggp (Drqn uk Gfhdwv ow Zll Drqn uk Iesdwoayosu), ykkfn uutbmcuiekh Okqfx–Gwgfpd pxmjxesu lp Hawutl. Ujls xewagp'u frfxmaz cqd jljpelgqid ciyf cv twgrzhrtpgyozl bu iisjmui d jljikr rfa, puhn ppmh vkk uxsjfuv ok arjqyguosm gvoehaqkh tgvudmjy. Wvng whtakov wjh iqai tjikt gk iuerfhj fy {r0aujhfq4m}, fbv wjly bgw hmur mnyplcgkqm.

Kofvocfcn cez c jwhyy uj Lnrhrtx Jyggguohq MP, xjr espsfgg odzmkqhukfs fth zelgqij. G qlndhr tl Jyggguohq MP't eruwz, Nvjq qi Vfriynq, soxkh zgygugq wyltvlosy fhuhf rt Fxei ncwhjseakfco ctxoz gqu Fnhsucfel zt ysswg. Ln 1240, yni Ygswerni sm Qkva murvthf Iogurhdel (rjliythf wu fy Plppdriu Fpirnou) ge kybpwism lpo d udrfxc po c gehxil vkcw xjisnokcei nmt hrt wnj yiywkfex zlhv kg kgi mmcfp wo yni jkwa dy ft ekwkvow ur tcwvhxx uj hderuszmui dpg osyxyvewitt xv elvlfjtw.

Mjdrnfigp kv vkuzmla uq kaak hpgg dhzbkiu 1240 bpg 1250, is Vmzc. Kkv ctxo, zvek ax Rmigu Cegho, muutrdziik vkg Kosjy–Hsceih tytguco ydyxln, ykihn vlxrnxznurpagg cfrgbndvlusy eue jdd f rezvlpj orveju qq Ezxswgdp wntakou. Vke gxmsnlcqij uj Mjdrnfigp’u fqqzwofbukrnx ow hmlp wu korkjpj a mohkgq ohyxgkl xkwhnt e ccvv vkf uj uvoeewy, e tgvudmj zlhu uxbyrc wtreognsw: {1s0w3h1e0n4hi1}.

Mu vkg Oogkv Hccfi (1202), Kofvpdefo ntxypfxcjj xog vq-fgqrik nqgux Orkquwp (sjzlve qi tmk Muflcqy), yuhhz mqobt ez vkg Kosjy–Hsceih tytguco ydyxln, yltm ziu flilzx orjmwgism e gguq dti vszjvlosgp uqwcwott. Xof drop ylvyhf wnj vvhdvlcfr yzg dpg bfryl ph whny ff csroentk aig qurkvhnv vr itsqlselaq hsvmnghvntk, jppyewzmui zglmmzw hof pefyyygv, edrhaphukrn tl muvhthyy, ssufa-fhftkppj, cqj tzlls cspqoghvlqqy. Yni ipqn wfy alno-thijozle vkrtakoqxv hjzieaff Huwutl cqf kgi g typhrusj mtrdew us Kyyprhas zlvwjjw. Xjvphdkqg Wuqhp qwpkwgpz, jvv asimlpw Gjeuzmho oxlyotskfcwott qlujrd, fth bulpj gs gfhdwv ftx ghnfwogyosut yds ft ekxdpfk nt qhlkqg gawpphuv ifrgbmcwittw lcvkhx fth mbuwew, clpek cvynyxle vke lxsdvk qi hftopoi dni ggjqxpwosm mu Fwuouk.

Solve: The hint points towards Vigenere, tried a few solvers online and found one that works and then it’s just copy/pasting the content. URL of solver: https://www.guballa.de/vigenere-solver

What it looks like: [image: vigenere solver]

As seen above, the solver found the key to be bcdafgehcdcdgfgeh.

Flag: CBCTF{1l0v3f1b0n4cc1}
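To check the solver's output offline, here is an added example (not part of the original writeup or the solver's code) that applies the recovered key to the first sentence of MESSAGE.txt. Only letters consume a key position, which is why the digits in the flag token stay in place. The key offset 16 used for the flag token is an assumption that stands in for the number of letters preceding it in the full message.

```python
KEY = "bcdafgehcdcdgfgeh"  # key reported by the solver in the writeup

# First sentence of MESSAGE.txt, copied from the writeup.
FIRST_SENTENCE = (
    'Gkeosggjk zcv gs Oxhmkdn rgxogpcwohoeu gtrm yni Ygswerni sm Qkva, '
    'hurzkgguki zs if "vke ruwa vdnhtykh Dfuwewt qhvkgpgyogpbp rf yni Tkgfok Fmiz."'
)

# Brace-wrapped token from the ciphertext that corresponds to the flag.
FLAG_TOKEN = "{1s0w3h1e0n4hi1}"
FLAG_TOKEN_OFFSET = 16  # assumed key position of the token's first letter


def vigenere_decrypt(text: str, key: str, start: int = 0) -> str:
    """Subtract the key letter from each ASCII letter of `text`.

    Digits, spaces and punctuation pass through unchanged and do not
    advance the key. `start` is the key position used for the first letter.
    """
    shifts = [ord(k) - ord("a") for k in key.lower()]
    out = []
    i = start
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            shift = shifts[i % len(shifts)]
            out.append(chr((ord(ch) - base - shift) % 26 + base))
            i += 1  # only letters consume a key position
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    print(vigenere_decrypt(FIRST_SENTENCE, KEY))
    print(vigenere_decrypt(FLAG_TOKEN, KEY, start=FLAG_TOKEN_OFFSET))
```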


Web Challenges

There were three web challenges for the qualifying, sadly I did not take any screenshots. However I still remember how they were solved.

Flag Hunter [75 pts]

Description: Welcome agent flag hunter, you’re going to need this flag for your next mission. link

Solving steps: The link brings you to a website that says you need to use a Nintendo 3DS to get the secret information or something like that. So all you need to do is to use this User-Agent: Mozilla/5.0 (Nintendo 3DS; U: en) Version 1.7498 US which is one of the Nintendo 3DS user agents for its browser.

curl --header 'User-Agent:Mozilla/5.0 (Nintendo 3DS; U: en) Version 1.7498 US' {URL} will give you the flag.

Flag: CBCTF{y0urm15510n5h0uldy0uch0053704cc3p7}


Unemployed [75 pts]

Description: Looking for another job? Yeah yeah just put the fries in the bag man link USERNAME = johndoe PASSWORD = password123

Solving steps: The link brings you to a job website. You then just log in using the link above. You will see the following: [image: unemployed 1]

Clicking on Profile will show: [image: unemployed 2]

With the following URL: https://unemployed.cyberbattle.info/profile?id=MQ

The id parameter MQ is the base64-encoded value of 1. When we increment the id by 1 to get 2, which encodes to Mg, we can see the flag reflected on the page.

Flag: CBCTF{g1v3_m3_4_j0b!!!!!}
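The root cause is that the profile endpoint trusts the id in the URL, and base64 only encodes it. The added example below (not the challenge's code) shows the unpadded base64 handling and puts a handler that trusts the id next to one that checks it against the logged-in session. The record contents and function names are hypothetical.

```python
import base64

# Constructed sample records; contents are hypothetical, not from the challenge.
PROFILES = {
    1: {"user": "johndoe", "note": "regular account"},
    2: {"user": "other-user", "note": "record johndoe must not see"},
}


def decode_id(token: str) -> int:
    """Decode an unpadded base64 id such as 'MQ' into the integer 1."""
    padded = token + "=" * (-len(token) % 4)  # restore the stripped '=' padding
    return int(base64.urlsafe_b64decode(padded).decode("ascii"))


def encode_id(n: int) -> str:
    """Encode an integer id the way the URL carries it (padding stripped)."""
    return base64.urlsafe_b64encode(str(n).encode("ascii")).decode("ascii").rstrip("=")


def profile_vulnerable(session_user_id: int, token: str) -> dict:
    # Returns whatever record the client asked for; the session is ignored.
    return PROFILES[decode_id(token)]


def profile_hardened(session_user_id: int, token: str) -> dict:
    # Authorization is decided from the server-side session, not from the URL.
    requested = decode_id(token)
    if requested != session_user_id:
        raise PermissionError("profile does not belong to the logged-in user")
    return PROFILES[requested]


if __name__ == "__main__":
    print(encode_id(1), encode_id(2))          # ids as they appear in the URL
    print(profile_vulnerable(1, "Mg"))         # another user's record is returned
    try:
        profile_hardened(1, "Mg")
    except PermissionError as exc:
        print("blocked:", exc)
```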


As you’ve read, the challenges are all pretty simple and straightforward. I will write a part 2 at the end of the week!

Thanks for reading! 😄