We have intercepted communication in a private network. It is used a strange protocol based on RSA cryptosystem. Can you still prove that it is not secure enough and get the flag? We have a pcap files with multiples TCP sessions and a python script: #!/usr/bin/python import sys import struct […]
Do you like math? We have an encrypted flag.wmv.out file and this python script: #!/usr/bin/python import random from struct import pack def Str2matrix(s): #convert string to 4×4 matrix return [map(lambda x : ord(x), list(s[i:i+4])) for i in xrange(0, len(s), 4)] def Matrix2str(m): #convert matrix to string […]
This challenge is about the control panel of the Southpark police department. (I wonder how many weird google searches I’m going to get on this post) You can choose an action and a victim. When you submit the form, it’s a simple AJAX call that will display “‘human’ was ‘action’” […]
Challenge source code: #!/usr/bin/env python ”’ Running instructions. sockets are insecure. We do not implement any socket behaviour in this file. Please make this file +x and run with socat: socat TCP-LISTEN:45454,fork EXEC:./chal.py,pty,stderr Debugging: Just execute chal.py and play on terminal, no need to run socat Note: This […]
In this challenge we 2 files: 1 PCAP, 1 Python The PCAP file contains a dialog between a client and server that goes like this: > = client to server < = server to client > 8e67bb26b358e2ed20fe552ed6fb832f397a507d:3daf723376f823eceeb314c8fa60e47b1ba23633 < 5f367ff47fff772986cca54219fa167175353dc7 > 78be5fe51f264a4067463bad57022348 < 3290452b9a9f6d18523347dd1daa54a1e09195a7 > 94817a6b1d833e1ffb4fcb2aa7dd14143dc5759e>_