Unleash the Beast!

CTFなどのメモに使います

CTF 313 2019 WriteUps(2)

It is a continuation of this article.

https://imurasheen.hatenablog.com/entry/2019/05/23/000259

 

 

Hash

[MD5] - 2pts

f:id:imurasheen:20190523104125p:plain

dc647eb65e6711e155375218212b3964

This is the MD5 hash.

So I used online-service to decrypt it.

https://hashtoolkit.com/decrypt-md5-hash/dc647eb65e6711e155375218212b3964

The flag is : password

 

[Rivest Head] - 2pts

f:id:imurasheen:20190523104148p:plain

What is the MD2 hash of the string “ConvergeDetroitCTF313“ ?

I found the onilne-service to make the MD2 hash of the string.


https://lazesoftware.com/tool/hash/
https://md5hashing.net/hash/md2/

The flag is : 5fb25544556fa0ceb3c22dac16d18761

 

[NTLM] - 3pt

f:id:imurasheen:20190523104213p:plain

535BAF9CF1C3067F9E952CC093F47CEA

It looks like NTLM hash value.

So I googled it.

https://hashes.org/search.php?key=QKey0i9Nau1dkH39sxxmHF0tyWZkeeY89N5zgTUsf5SkZDWnLRsFaK6Huibq5u7z

>535baf9cf1c3067f9e952cc093f47cea:Spring2019

 

The flag is : Spring2019

 

[MD2] - 3pts

f:id:imurasheen:20190523104237p:plain

03e867920f32eff0c0dab625fec0c8ef

I googled this hash value, then I found this result.

https://www.integers.co/questions-answers/what-are-the-different-hash-algorithm-outputs-for-9999.html

The flag is : 9999

 

Potpourri

[Brillig] - 3pts

f:id:imurasheen:20190523104305p:plain

According to IEEE RFC 527, this three letter acronym outgrabe. What do these three letters stand for?

RFC 527 is a joke RFC.

This article is associated with "Jabberwocky", the character which appears in "Through the Looking-Glass, and What Alice Found There"

The title of this RFC "ARPAWOCKY"  comes from "Jabberwocky".

 

The sentence of issue means, in the RFC527, we should found the three letter acronym which "outgrabed" by "ARPAWOCKY".

Then I found this sentence : "And the RJE outgrabe,"

So the flag is the sentence which stand for "RJE".

 

The flag is : Remote Job Entry

 

[SPQR] - 3pts

f:id:imurasheen:20190523104333p:plain

CMXCIX

SPQR - Wikipedia

SPQR is "Senatus Populusque Romanus" , it is Latin.

I'm not familiar with Latin...So I googled "CMXCIX".

Roman Numerals: CMXCIX = 999

The flag is : 999

 

[No Secrecy Afforded] - 3pts

f:id:imurasheen:20190523104352p:plain

According to IEEE RFC 7169, a boolean value of FALSE can be set an in ASN.1 extension that can be used to indicate that a PKI key sent to an intended recipient may have also been shared with a third party, but the signer does not want to overtly indicate that the key has been shared. What is the identifier for this extension?

We should found the "identifier" which described in the extension : RFC 7169.

In this RFC, I guess this is the part which described about "identifier".

****************************
ext-KeyUsage EXTENSION ::= { SYNTAX
BOOLEAN IDENTIFIED BY id-pe-nsa }

id-pe-nsa OBJECT IDENTIFIER ::= { id-pe 23 }
****************************

The flag is : id-pe-nsa

 

[Swaying One] - 3pts

f:id:imurasheen:20190523104417p:plain

Old Wotan has a challenge for you... File: wednesday.PNG (SHA1: 062ef20939549bdc327c66b537d99dfe0bf7d4f9)

wednesday.PNG

f:id:imurasheen:20190523110822p:plain

These letters are the Runes.

The every letters of Runes can be translated to the alphabet.

https://testpage.jp/tool/rune_moji_latin_alphabet_henkan.php

 

I forgot the translate result,,,it means "Flag is name of Ordins spear"

The flag is : Gungnir

 

[DitDah] - 3pts

f:id:imurasheen:20190523104524p:plain

.... ./..-. .-.. .- --./.. .../..-. .. .-. ... -/-. .- -- ./--- ..-./-- --- .-. ... .

 It looks like morse code, but ,,,"/" is what??

-> In the CyberChef, "/" can be used as a separator between characters.

     The result is : "THE FLAG IS FIRST NAME OF MORSE"

The flag is : Samuel