The Challenge

Do you like to decorate the Christmas tree?

This challenge was listed as “Misc”, and no other hints were provided.

The Solution

This was an easy challenge, as the answer was literally staring participants in the face during the entire CTF. Navigating to the kksctf web page showed a variety of Christmas themes, including a neat ASCII Christmas tree.

The above tree ASCII art shows a few different pieces of text in different colors. If we look in the HTML source, we can see the <span> tags which indicate a color change for certain pieces of text.

Combining the 7 pieces of colored text results in the final flag of kks{n3w_y34r_m@dn3$$}. Happy New Year!

The Challenge

We get some file. Can you find secret?

We are provided the above file of Shaq gracefully obfuscating himself behind a tree. No other clues or hints are provided.

The Solution

This was an extremely easy steganography challenge. The flag we are looking for is embedded inside the image data. We can extract the EXIF metadata from the image using exiftool, revealing the final flag.

We can see in the above image that the flag was in the Author field in clear text. On to the next challenge!

The Challenge

We receive a message that is captured, and since this challenge is listed as “crypto”, we need to decipher the cipher text of -*;91~.,1*1=12~;-*?<27–6;:r~+-;~=27;0*~*1~=100;=*p~7y3~)?7*709~81,~+,~,;.2'p~55-%?**j=5.?*.:j)0#

This write up is part of a bigger Capture The Flag competition. You can see other challenge write ups on the main post here.

Prior to the start of OverTheWire Advent Bonanza 2019, the creators released a “Challenge Zero” for teams to work on. The challenge was located at https://advent2019.overthewire.org/challenge-zero, which showed a web page with an animated GIF of fire burning with the following message:

Fox! Fox! Burning bright! In the forests of the night!

Hint: $ break *0x7c00

The above hint refers to the command line of gdb, a linux debugger. At this point though, we have nothing to break so we need to keep looking. In the spirit of Capture The Flag competitions, my team and I tried viewing the web page and GIF in different ways. …

This write up is part of a bigger Capture The Flag competition. You can see other challenge write ups on the main post here.

The Challenge

Santa’s little helpers are notoriously good at solving Sudoku puzzles.
Because regular Sudoku puzzles are too trivial, they have invented a variant.

This write up is part of a bigger Capture The Flag competition. You can see other challenge write ups on the main post here.

The Challenge

Can you forge Santa’s signature?

The Data

We are provided a remote service to connect to, as well as some source code on how that service is running.

This write up is part of a bigger Capture The Flag competition. You can see other challenge write ups on the main post here.

The Challenge

One of Santa’s Little Helpers received an unusual Christmas wish, a copy of the yet to be released Deus Hex game. All they managed to find were fragments from the dialogue system. Can you decode the last one?

The Data

The “tiny runes” challenge was a reverse engineering and forensics challenge that included an archive containing 4 binary files containing speech text data for a game engine. Files 1 through 3 included a .txt file showing the game text, so that competitors would have examples to reference. …

This write up is part of a bigger Capture The Flag competition. You can see other challenge write ups on the main post here.

The Challenge

‘Moo may represent an idea, but only the cow knows.’ — Mason Cooley

Mooo was one of the more fun challenges and provided us with a web service running on a specific port and IP address. Navigating to the site brings us to an implementation of cowsay. Cowsay takes input from a user and displays it in an ASCII art formatted cow.