c0c0n XI DomeCTF Writeup — Libya — Congo-Team RedX!!

Challenge: Libya

This Challenge came under the MISC section. The challenge was to download the locked pdf file, which was supposed to have the flag or clue to get the flag.

Approach:

For us this was quite easy. Whenever there is a need to crack the password, my first attempt will be guessing. I will use brute forcing only when that fails. So I started guessing password, I have tried only three words.

1. c0c0nx1

2. cyberdome

3. domectf

And yes! That worked. And that pdf file contained the flag itself.


Challenge:Congo-Kinshasa

This Challenge was STEGO based. We have provided a zip file with this challenge.

Approach:

When extracting the zip file, we found three jpeg files named flag1, flag2 and flag3.

This one was also quite easy. We started over with applying strings command on each jpeg file. From the output of each file we were able to find the chunks of flag

1.txtdomectf{VUOtDSJ1B7P

2.txtW6XuEUu9Rfp

3.txt9UFrN3G6VK}

And thus combining these three we were able to crack the flag.

domectf{VUOtDSJ1B7PtxtW6XuEUu9Rfptxt9UFrN3G6VK}

This was one was the second CTF I have played, with lot of challenges from different areas like web, network, forensics and misc. Without mentioning my teammate’s name, this write-up won’t come to an end. Gem, his knowledge and skill is an unavoidable factor in winning as a team RedX. And also thanks AppFabs for organizing this CTF and our hearty congrats to the team RedRaptor who was one of our major competitor ended in 2nd position.