weekend CTF 2020 by Cyber talents

Writeups[code,sharp,Replay, F4c70r5,TCP]

general information

code
Q) is a small piece of code used as the payload in the exploitation of a software vulnerability.

answer : shellcode

digital forensics

sharp

extract files

oppps :3

To solve this challenge ,I just use exiftool , I find an interesting hex values in “Comment” after extracting the metadata of all images via exiftool :

flag{l00king_sh4rper_n0w}

digital forensics

Reply

zoom wave

aftre filter wave

I converted wave signals Manually : down = 0 , up = 1
after converting :
the number binary :

001100010101111100110010010111110110100001100001011000110110101101011111011011010111100101011111011000110011010001110010

convert binary to ASCII :

1_2_haCk_My_c4r

now I use steghide

fl@g{NO7_on1y_k3y_fob_it$_G5M;)}

Network Security

TCP

after opening it by Wireshark, I didn’t find any things that interest me except Seq (Sequence and Acknowledgment Numbers).

all seq and ack numbers if tcp.seq>2

I used script : scapy to solve it .

flag{I_d0nt_w4n7_tO_ConQu3r_anYThin9_im_just_in_l0Ve_with_ScApy}

Cryptography

F4c70r5

code :

from Crypto.Util.number import *
import primefac
#RSA

c=327077386348346101184096522158226652435706099109225871900230605984351117903800246594337858410998149918232043480026957704607340241003909393490401385485967743182982413825006847930414171836365770142856359887366316596069720587979267537855809519478307478497476670378851336046128690581039298872182315778241635987972130791221393116202794711834897336580404069432555731332417554769920971759422836093644474913072748419219775921177794703183463315887088800152508124613335592138959844405427877616162481782552685977904222219470836883362427047811047129537868670830271572458177982888737218480600629620866088954699453114643847442370426675902077649948684148966904979971879186350657529867576919878719798381783529320030879788710833303137705581868186648545623094120792531304439317096445770907381060231469831880099129024887979180049500212268418241730570329522546476427136143317324249361548308164803903878761206743509441852708440542456223079124860276831333647047599740892333186355672896520911048217823236552892724847829949668610259009435097223596719104078489761546715092840149323895747624504395584601579144904792920541825749864659143193662609460918063314733238927359300548944228296908818325053348886598442688500795391716150621274601216681553976683866131173458417009219427716408782474282016150081936949011159232183305456506255260128017517283847723434446687211648945191738498243855399126444288977984419400412388096293382856052759009813224850897743317819017365421420567063206322176282003030630564379588629232090789463210087919793870744942378934994203557879067720951637556039454580251080480853408218836150626461790953446312776137924265253529859339253679904558759148971395984135661351771162122128182000249840629158929879588788517248104174638728121624277244803476490932860470492654810980915069811506536290083966326945180552995137541908382419642851304697704419620393233170013467112815287659902036962453676681004661436019063891097253794023633083935593859211244178961282904838164034035503609018017085207813372743755106523870407300139090930471246246452348347608751309929620939053506778225492876252594499312034372725757786558330299216112395531067775533238799121023265242763734573994957531160562422049356773668682449519855511601566261028308457741280980377600910658293342522613412979271358590917850339008659636307394967716472776596347614221668364785104488251632443992650239493772549442105328396648365818985242371694074768517093063734552089273679040641390304309114286021181293539442153357310326761928632
n=951752236915140832199748908693039643482784483902074328805152520574468385894787697421628889837312458972368822789183098930476868578994142902453764619470382186354755124562803268913310858946286402116516483754756602529140275651078834300546643264985329750684825417442514923821552633128625753457645015075044061956724052192812576201789794767301565010564202298988374151879060406294779207920467185412840082028372405791915383934456951737197975581056577455791036472946853658594411665332114506312107092278569171428558469601903172523050878720198012321065470355433469102888390983859620558787782721021089046454177636243251008530778652539935319177019860166186598073853688108173567866856964231247743467203884294661799001344528347401880203635793885635687603373996944778461477934238349308758143858756378007109795423094162767268604861217986574048575615695036605182467246663712698158708360994071228569740025875000061607591055998995791318294626029902423257925493557973396873086155141354215324268519945474274624518403980430243297107310646831850667409915421977427982814772841812364106728134725959018907476291114992862954747327639913039819011123510523468215933213307149052291041234690528992120953812506086775432947875150929032507470872383342321761152185862410954914695269256060010182103092293436220392161939322643220150850208969833274937053068973036583300776912495875448942037637954685467830888130579233843151020956996407127776535323875659902175256183919651900586231557101839033051692618183938054400883059654179603789649279342156436311107337135650837932570003864094755382785765132441275390932663926677067406875136312313026192349567835315882590179528261212886474357396988032402033951840198822593311717170345608440901322529031100463858003133206628129764268267186114478751138267868108177825787340514421124393463100710365602111990713166880105539662820515965997510336916057089919924127382268740016570933153882739481179823220194457498711735966237458544092166854492151855733680113669882834970917588467468450763773336882979228362194182442258322316805501041863297777969310334720546258597111615461312729100390612277069296070632654079517272872979055722183223194776869479328497670120352467722367536755524499589657444808423490113499222992115969009472046264319634133903375127278919109319803759184078586322967338305943072778915505052846361177654906506357532514407981608861738428484545619373078305491281976784140033166189850676357295084311575339612481840333505348160169849713312838754559337662281366047808411
e=65537
#download library primefac becuase find p and q
#how download it ?
#first : download gmpy2 library
#secound : sudo pip3 install “git+https://github.com/ryosan-470/factordb-python"
p ,q =primefac.factorint(n)

d=inverse(e,(p-1)*(q-1))
flag =pow(c,d,n)
print(long_to_bytes(flag))

THE END

follow me :

Linkedin : irsheidat
youtube : irsheidat
FaceBook : irsheidat