Hack Havoc 2.0 CTF Write Up

2025/8/15 CTF

Hack Havoc 2.0 Write Up – Sh1ro

LeaderBoard & points:
image
image
Solves:
image

Question

Bonus

Welcome To CyberMaterial - 5

Answer:CM{w3lc0m3_t0_H4ac_H4voc}
image

Welcome to Hack Havoc 2.0. The Premiere CTF Hosted by 
Cybermaterial. Before we start the journey, let's make a 
detour to our Discord Server and on Instagram. Friends are
crucial for every adventure ...

Discord
https://discord.gg/ATw3qYMX7e

Instagram
https://www.instagram.com/cybermaterial_/

Linkedin
https://www.linkedin.com/company/cybermaterial/

Don't forget to give us a follow

Flag Format: CM{String}
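  1. After joining CyberMaterial's Discord, type "/flag" in their chat channel.
    A Discord bot then sends a direct message that shows the first part of the flag.
    image
    image

  2. Next, open CyberMaterial's Instagram; the second part of the flag is in the profile bio.
    Combine the two parts to get the answer to this challenge.
    Screenshot 2024-10-27 133946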

FeedBack - 5

image

Flag you will be getting on mail

https://forms.gle/MtgWRp67i7n2QZJ86
  1. The link opens a Google Form. After you submit it, the organizers send a message to your email;
    the flag is inside the GIF file attached to it.
    image

Mobile

APK-ocalypse Now! - 20

Answer:CM{H1dd3n_7L4g_1n_M4nIF35T}
image

Put on your detective hat and dive into our mysterious
APK! Get it and uncover hidden treasures—will it be 
memes, cat videos, or just code? Get ready to crack the
APK-ocalypse! 🐱‍👤💥

Download Link:
https://ctf.cybermaterial.com/files/aeeca9f91264d4b2c75f9f6e3a135592/hackhavoc.apk?token=eyJ1c2VyX2lkIjo0MzgsInRlYW1faWQiOm51bGwsImZpbGVfaWQiOjh9.Zx3SsQ.FPACwCJKIdIAW5rCJkEpK_39Sxs
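  1. Move the downloaded APK file into a virtual machine (Kali is used here) and open it with Engrampa.
    Click app-release -> AndroidManifest.xml; the encrypted flag is visible in the middle of the file.
    image

  2. Run the encrypted flag through a ROT decoder; the ROT13 output shows the original message, which is the answer to this challenge.
    image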

Misc

The Case of the Missing Flag - 40 [First Kill]

Answer:CM{F0r3n3ic_1s_34sy}
image

Congratulations, detective! You’ve found ABC.dat, the file
that’s about as exciting as watching paint dry. But wait! 
Rumor has it there’s a flag tucked away in there, possibly 
hiding RQ.

Can you solve the mystery before your snacks run out? Get 
cracking, and may the bytes be ever in your favor!

Download Link:
https://ctf.cybermaterial.com/files/94f873833d7c61c78d37365b9b5dfa1e/abc.dat?token=eyJ1c2VyX2lkIjo0MzgsInRlYW1faWQiOm51bGwsImZpbGVfaWQiOjl9.Zx3bBg.q1sZZOr0xUX6W15EFmaOr7FaSCk
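  1. Opening the file in a text editor (e.g. Notepad) shows that the original file is an SVG file.
    image

  2. After restoring it as an SVG file, load it into an online SVG viewer; it turns out to be a QR code.
    image

  3. Scan it to get the flag for this challenge.
    image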

Crypto

The Curious Case of the Jumbled Symbols - 40

Answer:CM{stauiliss_ruins_muharg}
image

Dive into a tangled web of characters! Can you decode 
{╵⸍⸝╮ᛁ⸌ᛁ╵╵_◟╮ᛁ⸜╵_ᛙ╮ᚽ⸝◟ᛍ} ? Here’s a clue: It’s not what 
it seems—things aren’t always as clear as they appear. 
Good luck, puzzle master!

Wrap Flag in CM{}
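  1. According to the challenge, we need to decode the message "{╵⸍⸝╮ᛁ⸌ᛁ╵╵_◟╮ᛁ⸜╵_ᛙ╮ᚽ⸝◟ᛍ}".
    Based on the guess from the AI identifier on the dcode website, it is probably the Futhark alphabet, i.e. runes.
    image

  2. Find the matching Rune Transfer online to get the flag for this challenge.
    image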

:::info
Remember to add the CM prefix in front.
:::

Boot To Root

Hacker’s Fortress - 50

Answer:CTF{3sc4l4t3d_t0_r00t}
image

In this boot-to-root exercise, participants will need to leverage their skills in file uploading and privilege escalation to uncover a hidden flag. The challenge simulates a real-world scenario where unauthorized access to a server must be achieved to find sensitive information.

Author: DarkUnic0rn

http://35.208.110.64
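  1. After directory brute-forcing (e.g. dirb, hydra), you can see that the directories listed in the image below are accessible.

  2. /uploads turns out to show exploits uploaded by other players in this competition. Using their exploit reveals ./hidden_flag, with the flag marked after it, which gives the answer to this challenge.
    image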

:::danger
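Normally this challenge is not supposed to be solved this way, but the organizers did not restrict the attack methods;
as long as you can get the flag and don't break the website, it's OK (according to the Rules),
although I don't know whether this counts as a bug or as a form of cheating?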
:::

Forensic

Dialing for Danger - 100

Answer:CM{GOLDEN_GATE_BRIDGE}
image

Oops! Two not-so-smooth criminals just spilled the beans 
during a phone chat on a brick phone! 📞🎶 Crack the 
location before their next mischief unfolds. Find the place 
before attack

Flag: Wrap it in CM { First_second_third }

Download Link:
https://ctf.cybermaterial.com/files/93f67ade17f00899b51e4bde54245174/4_666_555_3_33_66_0_4_2_8_33_0_22_7.txt?token=eyJ1c2VyX2lkIjo0MzgsInRlYW1faWQiOm51bGwsImZpbGVfaWQiOjEwfQ.Zx3hHA.m4QU1u8bN7Gso51d0dUwx41aBOM
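  1. The attached text file contains only a string of digits, so again try dcode's AI identification?
    image

  2. The cipher is very likely Multi-tap Phone, so feed it to the corresponding decoding site
    to get a location, "GOLDEN GATE BRIDGE", i.e. the Golden Gate Bridge in the United States.
    The English name is the answer to this challenge.
    image
    image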
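
The multi-tap decoding from step 2, done locally instead of on a decoding site, as an added example that is not part of the original write-up. The function names are this example's own, the first input is the file name stem from the download link above, and the full sequence is constructed by re-encoding the location, since the file contents are not shown on the page.

```python
# Multi-tap (phone keypad) cipher: each group is one key pressed N times.
KEYPAD = {
    "2": "ABC", "3": "DEF", "4": "GHI", "5": "JKL",
    "6": "MNO", "7": "PQRS", "8": "TUV", "9": "WXYZ",
    "0": " ",  # assumption: a single 0 is the word separator
}


def decode_multitap(text, sep="_"):
    """Decode separator-delimited groups, e.g. '4_666_555' -> 'GOL'."""
    out = []
    for group in filter(None, text.strip().split(sep)):
        key = group[0]
        letters = KEYPAD.get(key)
        # A valid group repeats one key, no more often than it has letters.
        if letters is None or set(group) != {key} or len(group) > len(letters):
            raise ValueError(f"invalid multi-tap group: {group!r}")
        out.append(letters[len(group) - 1])
    return "".join(out)


def encode_multitap(plain, sep="_"):
    """Inverse of decode_multitap, used here to build the sample input."""
    groups = []
    for ch in plain.upper():
        key = next((k for k, v in KEYPAD.items() if ch in v), None)
        if key is None:
            raise ValueError(f"no keypad mapping for {ch!r}")
        groups.append(key * (KEYPAD[key].index(ch) + 1))
    return sep.join(groups)


def to_flag(plain):
    """Apply the challenge's flag format: CM{First_second_third}."""
    return "CM{" + plain.replace(" ", "_") + "}"


# File name stem copied from the download link on this page.
FILENAME_STEM = "4_666_555_3_33_66_0_4_2_8_33_0_22_7"
# Constructed sample: the page does not show the file contents, so the full
# sequence is rebuilt by encoding the location given in the write-up.
FULL_SEQUENCE = encode_multitap("GOLDEN GATE BRIDGE")

if __name__ == "__main__":
    print(decode_multitap(FILENAME_STEM))
    print(FULL_SEQUENCE)
    print(to_flag(decode_multitap(FULL_SEQUENCE)))
```

Decoding the file name stem gives `GOLDEN GATE BP`, which agrees with the answer up to the last group.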

After all

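This one went fairly smoothly, and I even got First Kill on The Case of the Missing Flag,
which is pretty good, I suppose. It's a pity I only finished at Rk.36 in the end, because I also have to deal with school admissions (special talent admission).
I look forward to placing higher next time!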

The Case of the Missing Flag [First Kill]
image