redpwnCTF 2021 Writeup

Posted on

misc/sanity-check (1 point)

Just a flag sanity check.

Answer: flag{1_l0v3_54n17y_ch3ck_ch4ll5}

misc/discord (1 point)

Go to their discord and check the “#announcements” channel for the flag.

Answer: flag{chall3n63_au7h0r5h1p_1nfl4710n}

web/inspect-me (101 points)

I found the flag by viewing the page source and searching for the string “flag”. The full flag is commented out in the HTML code.

Answer: flag{inspect_me_like_123}

misc/compliant-lattice-feline (102 points)

Just paste the nc mc.ax 31443 command into a terminal window. The flag will show up as the response.

Answer: flag{n3tc4t_1s_a_pip3_t0_the_w0rld}

crypto/scissor (102 points)

Run the python code (with Python3, not Python2) and input the the given string. You might have to run the program multiple times with the given string until you get surround_this_flag_with_flag_format as the output. Placing the output into the proper flag format gives the full answer.

Answer: flag{surround_this_flag_with_flag_format}

rev/wstrings (102 points)

I used cat wstrings to see the contents of the file. The flag was clearly visible in part of the output and it successfully validated.

Answer: flag{n0t_al1_str1ngs_ar3_sk1nny}

crypto/baby (102 points)

I used the RsaCtfTool for this challenge. n, e, and c are used from the output.txt file as argumemnts in program execution. I ran the command python3 RsaCtfTool.py -n 228430203128652625114739053365339856393 -e 65537 --uncipher 126721104148692049427127809839057445790 and the flag was visible as part of the output:

[*] Performing factordb attack on /tmp/tmpe6m4bpum.
[*] Attack success with factordb method !

Results for /tmp/tmpe6m4bpum:

Unciphered data :
HEX : 0x666c61677b363861623832646633347d
INT (big endian) : 136143999223147678052546820270298707069
INT (little endian) : 166424541424929871380238131574360599654
utf-8 : flag{68ab82df34}
utf-16 : 汦条㙻愸㡢搲㍦紴
STR : b'flag{68ab82df34}'

Answer: flag{68ab82df34}