[hsf 2015] Back to Base64

ZmxhZ3tp => Base 64 => flag{i
745f7761735f => Hex => t_was_
104 105 115 95 102 108 => Dec =>his_fl
011000010110011101011111011011010111001001011111 => Bi => ag_mr_
NNZGCYTTL4====== => Base32 => krabs_
<~Blm^+@<5dnF_tSDEaNs,0OK)ZI/~> => base 85 => it_was_numb3r_un0_y0}

flag{it_was_his_flag_mr_krabs_it_was_numb3r_un0_y0}

Advertisements

Solution for Net-Force.nl : Level 701 – Hey, where are you from?

Solution for Net-Force.nl : Level 701 – Hey, where are you from?
This is the link to the original challenge: http://www.net-force.nl/challenge/level701/index.php
Quest:
When all the HTTP vars are [OK] you will find the password!
Forwarded: (politie.nl) [FAILED]
OS: (Unix) [FAILED]
Via: (net-force.nl) [FAILED]
Tools Required:
Logic Behind this challenge:
Well from initial analysis, it seems that the author of this challenge wanted us to fake our data to conform to what he / she wanted.
So let’s use Modify Headers and fill it with these information as shown in the image below.

After we have started it, and we try to refresh the challenge page. It will look like this.

It seems like we are required to get it right if we use a Mac or Ubuntu. But in this case, i prefer to use User Agent Switcher and changed it to Android user agent.

After changing to that, we smelled success and immediately. The answer appeared right before our eyes.

The password is: httpheaders

Cheers
0x4A61636F62

Solution for Net-Force.nl : Level 601 – Keep walking…

Solution for Net-Force.nl : Level 601 – Keep walking…

This is the link to the original challenge: http://www.net-force.nl/challenge/level601/
Quest:
This is a challenge to test your basic programming skills.

Pseudo code:
Set X = 1
Set Y = 1
Set previous answer = 1

answer = X * Y + previous answer + 3

After that => X + 1 and Y + 1 (‘answer’ becomes ‘previous answer’) and repeat this till you have X = 525.

The final answer is the value of ‘answer’ when X = 525. Fill it in below to check if it’s the correct answer. If it is, you will get the password for the challenge page.

Example:
5 = 1 * 1 + 1 + 3
12 = 2 * 2 + 5 + 3
24 = 3 * 3 + 12 + 3
........................
........................

Since this is a programming challenge, let’s look at the clues given to us.

Set X = 1
Set Y = 1
Set previous answer = 1

answer = X * Y + previous answer + 3

So we need 3 variables, xy and answer as we can reuse “answer” as “previous answer“. This will translate to something like the following.

x=1
y=1
answer = 1
answer = x * y + answer + 3

Based on the hints given, i’ve finally code an python script that gave me the answer.

import os, sys

def main():
x=1
y=1
answer = 1

for z in range(0,525):
answer = x * y + answer + 3
x+=1
y+=1
if x==524:
print(“\nprevious answer = %d”) % (answer)
print(“\nx=%d, y=%d\nanswer = %d”) % (x,y,answer)

if __name__ == ‘__main__’:
main()

Running my own script, i got back this:

previous answer = 47823644

x=526, y=526
answer = 48373851

Entering the answer in the challenge page and we smelled success again.

So the answer for this challenge is “pr0ggen

Cheers
0x4A61636F62

Solution for Net-Force.nl : Level 804 – Nice colors eh?

Solution for Net-Force.nl : Level 804 – Nice colors eh?

This is the link to the original challenge: http://www.net-force.nl/challenge/level804/
Quest:
Uhm ok, get the password out of this image…it’s a dutch word 🙂

Required Tools:
Gimp –  http://www.gimp.org/
AsciiTable – http://www.asciitable.com/

Logic Behind this Challenge: 
Ok, from what i can see right now, the image seems to be in different shades of a similar colour.
Using Gimp, i have derived the following HTML notation for the colours:
8B8B61, 8B8B61, 8B8B70, 8B8B6A, 8B8B65, 8B8B73


As we can see, the HTML notation for all the colours differ slightly. So let’s try converting the last portion of each colour from Hex back to Ascii.

The word that we got back is aapjes and that is the password to this particular challenge.


 

Cheers
0x4A61636F62

Exploit 01 Easy Starter

This is the link to the original challenge http://www.bright-shadows.net/challenges/exploit_long/index.php However, you will need to register before you can make an attempt to solve this. Tools Used: Tamper Data or Firefox Console This is an easy warmup. We are presented with a login page and a clue stating that the username should be at least 5 characters long but less than 20. Let’s try passing in invalid usernames. Login with a username with less than 5 characters. An alert box pops up saying that this is not the solution. Next lets try logging in with a username which is more than 20 characters. Here is where the problem is. The form input restricts the max length to 20 characters. There is 2 ways to bypass this. 1) Tamper Data Tamper Data is a addon for Firefox. I highly recommend to install this addon as it will help with many of the exploit challenges on bright-shadows.net Using Tamper Data, we can tamper the post parameters that are sent after the submit button is clicked. 2) Firefox Console If you are using Firefox, you can bring up the Firefox console (Ctrl + Shift + K). After which type the javascript command “document.forms[0].elements[‘input_user’].maxLength = 30;” into the console. This alters the html document and the form now allows you to enter up to 30 characters in the username field. Using either method, submit a username that is longer than 20 characters and the resulting “error” page gives you the correct username and password to login with. Enjoy =D thegrayone