Hey everyone, welcome back to another video on the HACCON CTF challenges. Let's go and get started and see what we're working with here. I just wanted to show off some of the BAC. I have no idea. Beginner challenges or whatever. A lot of these were real simple things, but we should be able to just roll through them. So I'll showcase them all for you in just this one video because there's no need to make a ton of videos just for it.

So this rotated is very clearly a Caesar cipher, which we could just go ahead and Google honestly. Again, they're not that hard. There's descriptions of them, obviously, all over the internet. There are the cipher tools all over the internet and let's just see what we get here. I don't think these will actually work that well for us because, yeah, they have numbers in it. So that's why this won't work. We could just pass this into ROT13. You can see this is a ROT13 one. This would be the flag because it's plus 13, but the numbers are being parsed out by this online tool. So let's use ROT13 on here. What I'm going to do is just pipe this into, oh, I literally copied what I just had. My bad. Let's go ahead and steal this back from the challenge prompt. Why is that not working? There we go. I don't know why that was so awful. I'm sorry. Hey. And this breaks too for whatever reason. It's not the full flag here. Oh, the dollar sign is in the way. So bash, we'd have to escape that dollar sign because it thinks that's a variable in bash, but so the flag here is dark. Who gives Caesar and a CTF code? Real easy.

I didn't use the online tool or ROT13 for this. I had just used the easy cipher thing that I put together. You can see in another video. So that is just this here. I use the collections module to create a deque, which is just a list that I can rotate and shift back and forth. And then I do that with whatever number I'm actually changing by the key.
And then I use the translate function in strings to just go ahead and, you know, move a table. So I use the translate and maketrans table function so I can kind of map each letter to the other letter that it would be if it were Caesar cipher shifted. And then I use 13. If I wanted to, I just put i in here and then loop through for i in however many and I could brute force it. But I knew it was 13. And obviously we could just use that brute force attack if we wanted to. So cool. What else we got here?

High base, another real easy one. This is very clearly base64 code. You may not notice it because it doesn't have the trailing equal sign of the variant. But honestly, after doing enough CTFs, you kind of just get an eye for what base64 looks like. Kind of random capitalizations, mostly all letters and numbers, like an occasional plus sign, stuff like that. So we can go ahead and just throw that into our base64 decoder. Which I'll use the command line again for. And there it is. This is just a base64. Easy enough. And we'd submit that. Cool.

File, this one was not hard at all. This was just an executable file that you literally just had to run. So if you were to download it, you literally have the binary here. You can do what you need to do on it. Oh, it's an executable file. If you run strings on it, there's stuff there. But literally just run it and it'll give you the flag. It just prints it out. Easy.

Next is needle. This was like a needle in a haystack challenge. So they give you a zip archive. We can go ahead and unzip it. If you do unzip text.zip, it would just extract a text.txt file and mine already exists. But we can just put it there. So we'll check it out. It's just a bunch of text, blah, blah, blah. So what we'll do is we'll grep for the flag format because we know we have it. We know what it would, what it's supposed to be. And there it is, dark. It just finds that whole line for us. If we want to extract only the flag, I can use -oE.
And just use this here. I think it's -oE. There we go. So those flags are extended regular expressions and lowercase o for only what we capture. So there's a regular expression just to grab the flag. And that's all. Toss it in there to get our three points.

And all caps. This is just a cipher. It's a substitution cipher. And honestly, I don't have that very much of a good tool for it. I just threw it in quipqiup, which is a really common CTF substitution cipher solver. This, you can add as many hints as you want. Because like some of these, it's not able to solve, right? So let's just say this. We can clearly tell that that word here is substitution. So find it up in the string and just say that equals that in the clues. And then it'll be able to figure out more and more of the actual string here. So substitution cipher is a method of encoding by which units of plain text. Okay. This one got it all except for the K and dark. So then we'd submit that. And that's what I had the flag be. That's it. And we'd submit that. You left it in all caps because for it is in all caps. So, cool.

Caves, this was a weird one. I think these are just Egyptian letters or hieroglyphics, which, yeah, you can find however many images for and look for them. Some members of my team had found, okay, why am I searching for determinative books? Yeah, right here. These aren't the ones that we'd actually use. I think we ended up, yeah, this is the one that we ended up using, Egyptian hieroglyphics here. I've got the files. Yeah, this is the one that we used as the translation. And we would literally just go each character by character and write out what it should be. And it says the flag is Egypt is better than you. And it was all lowercase. So we just submitted that as a flag. Go ahead and submit. Get our five points.

Numbers, that's a more busy one. That's a hard one that we'll do later because there's a lot there.

RSA, this one.
It's a simple RSA challenge, but they give you P and Q, so you already have the thing factored. You just have to do the RSA math, multiply these two to get N, take their totients, like subtract one from them, multiply them together, find D, et cetera, and do the inverse. So the code that I have for that is the same one that I've used in many a time before. I'll fire that up, show you. I have a ton of Sublime Text windows open right now, so I'm just trying to clean it for you. Here we go. So I've used the script a lot in some of the challenges that I've created for the team that I have at school. So there's a bunch of comments that aren't particularly that useful to you. But here we go. We just paste in P, Q, the ciphertext and the exponent, find N, just multiply them together, phi, the totient function, and I take the multiplicative or modular inverse of these guys of D here. I just take E inverse, and that is out of the Python Crypto.Util.number function, which has a lot of really good ones, especially inverse, because finding that is hard to do, but knowing there's a Python module to do it for you is pretty easy. And then we just decrypt with using ciphertext raised to the private key mod N as a pow function here, and then I convert it out of hex. So simple RSA, not this easy next time. That's a flag. Go ahead and submit that. Rocket.

Flag.txt, this is a reference to robots.txt. Even Google won't be able to find the flag here. Get this website, you go to robots.txt. This was kind of annoying to me and cheesy because the robots.txt gives you this directory that does, at least the last time I checked, not exist, right? So it doesn't give you your directory indexing, but I guess you're just gonna have to figure out, oh, you'd put in flag.txt as a file you're looking for out of that directory, so whatever.
The challenge title is, I guess, the pointer to that, but I was very annoyed that that directory either doesn't exist or we're not allowed to see it, because I figured that would be the telltale that, oh, I'm in the right place, whatever. Whatever, don't matter. Oh, let's clean some of that stuff up. I removed the website, here we go.

And XOR, XOR, XOR, XOR, and then we'll do numbers. So XOR is a XOR challenge, which I have some code that my friend had written just to be able to break a repeated XOR key, which I'll share. I'll put it on Pastebin or something. But this is all in hex already to begin with. So, in XOR, we've got the file that has all that crap to it. I had decoded that in Python, so I had just run Python file.txt, save that as an object, read, decode hex from it, and that can be the actual content. So see, now you have the hex bytes, and we'll just open up real.txt, I think is where I put it. And I wrote all those bytes as real bytes now in there. So now you cat out real.txt. It's the actual bytes, not in hex, but actual daily you should see.

So the way that the code works, we have break repeat XOR, it takes a, this is not my code, so this looks like nonsense, but it's something a good friend of mine had written. So I think he uses a Hamming distance, yeah, Hamming distance here to solve and find English. But he takes it through a base64 decoded file. So all we have to really do is just encode our base64 one. So if I base64 the real text that we just have here, I throw it in something like b.txt. If I run, obviously b.txt now has all that base64 content. If I run that break repeated XOR key, it needs to have the file, doesn't really have the best testing for it. Again, I did not write this, disclaimer. We'll give it b and it'll start to look through, see what a possible key length is. We'll use the recommended one, "recommended" is spelled wrong. I didn't write this. It wants to use the lowest score.
So it recommends the minimum here and it recommends 30. And then it gives us a possible key after it kind of tabulates and calculates and does whatever it needs to do to actually run through the Hamming distance and stuff like that. Takes a little bit of time, but almost always this thing works. It's barot, barot, barot, barot. And it will try this key, which you can see is just a repeated key. If I enter, it will go ahead and crank it out. And there we have all of our stuff. It decoded into pure English. So from there, I just honestly copied all this and had grepped for flag after I put it in a file. Yeah, I think I saved it in crack.txt. And then I'll use that same grep -oE thing for dark code. And there we go, there's our flag. I love that script, honestly. I'm very grateful for my friend for writing that because I don't know as much as I should for XOR and Hamming distance and stuff like that. But it's what I always throw at any XOR challenges because we see them way too often.

Now let's look at numbers because numbers is huge and awful and scary, but it's not all at the same time. They give you a ton of lists here that have five values. So 0, 0, 0 is common at the three at the end and 10, 20, 10, 20 is another common one. And that's all we see. So seeing 10, 20, you think like, wow, that's pretty high. Normally we just see up to 255 in lists like this. And I agree, but we know there's a binary difference here. See there are gonna be 0, 0, 0, or 1, 20, 1, 10, 20, 10, 20. So that in my mind tells me black and white, honestly. And I see these as colors. I see these as RGB values. And then I'm thinking with that logic, the first two for each set of values is probably just gonna be a position or a coordinate. So I feel like this is just making an image. But there is so much here. Look at my scroll bar. There is so much data here because this is a color value for every single thing. So I had a lot of trouble actually processing this.
So I had to do it from the command line here. I didn't actually open it in Sublime Text or any text editor because it would just straight up break. I think what I did is I had numbers.txt, which was originally a one line. It's all just one line, but I wanted to be able to read it in Python for multiple lines. So I'll show you what I did. I think, yeah, lines.txt is where it's split up. The way that I had done that, just a Python script that does it first, I had used all the numbers, the original lines, and I used sed to remove anywhere there's an end of, the end of a list, the end of an array there, and replace it with a new line. And then I just had to change the very top and the very bottom because obviously the starting parentheses and the ending parentheses just won't be matched.

So I opened those all up. I read all the lines and then I figured out what the size of the image is gonna end up being by taking the X and the Y coordinates, just each of them and finding the largest value because it's obviously going to be highest possible position, highest possible pixel. And it was 569. So I upped that one to just 570. And I created a new image with RGB with that width and height. I load the data out of it. Again, I'm just using Python Imaging Library and I manipulated the pixels in there. So for every single number that we get out of here, I, again, I take the pieces out of it. The X and Y coordinates are the first two and the color is the last bit, those three pieces. And since they're all gonna be the same, either 10, 20 or zero, I literally just take the first one because again, they're all gonna be the same. And then I don't know why I inverted it. It's either gonna have a 50/50 shot. One color is gonna either be white or another color is gonna be black. And then I just set that pixel in the image that we're creating to either black or white. Now I ran this, I get a beautiful QR code. I'll show here so you can see it.
And okay, that's super promising, right? 'Cause now we actually have a semblance of progress in this challenge. So what I had done there is I just ran zbarimg on that. zbarimg is the command line tool that I almost always use for QR codes. And it just gets me a base64 code after it decodes. So again, no trailing equal sign, but we can tell here. And dark QR codes are fun with pill. There's our flag, there's our flag. Super easy, super cool. We did it. But initially I wasn't able to process all that data because all it being one line, Sublime Text would just choke whenever I tried to open that. So that was hard. But just doing some command line stuff with it and being able to process it without having a text editor buffer everything, it worked just fine.

So okay, that was it. Thanks for watching some of those easy, simple challenges. Now we'll move into the other challenges. Show you some of the other things that I've got. So thanks for watching guys. See you later.
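
The Caesar approach described for the first challenge (a rotated deque feeding a `str.maketrans` table, with an optional loop over every shift) can be sketched as follows. This is an added example, not the script shown in the video; the function names, the sample flag and the `flag{` marker are constructed placeholders.

```python
from collections import deque
import string


def caesar_table(shift):
    """Build a translation table that moves each letter `shift` places forward."""
    lower = deque(string.ascii_lowercase)
    upper = deque(string.ascii_uppercase)
    # rotate(-shift) moves the alphabet left, so index 0 ('a') lines up with
    # the letter `shift` places later
    lower.rotate(-shift)
    upper.rotate(-shift)
    return str.maketrans(
        string.ascii_letters,
        "".join(lower) + "".join(upper),
    )


def caesar(text, shift):
    """Shift letters only. Digits, '$', braces and other characters are not
    in the table, so translate() passes them through unchanged instead of
    dropping them the way the online tool did."""
    return text.translate(caesar_table(shift))


def brute_force(ciphertext, marker):
    """Try all 26 shifts and keep the candidates containing the flag marker."""
    hits = []
    for shift in range(26):
        candidate = caesar(ciphertext, shift)
        if marker in candidate:
            hits.append((shift, candidate))
    return hits


# Constructed sample: a made-up flag with digits and a dollar sign, shifted by 13
SAMPLE_PLAINTEXT = "flag{k33p_th3_d1g1t$}"
SAMPLE_CIPHERTEXT = caesar(SAMPLE_PLAINTEXT, 13)

if __name__ == "__main__":
    print(SAMPLE_CIPHERTEXT)
    for shift, text in brute_force(SAMPLE_CIPHERTEXT, "flag{"):
        print(shift, text)
```

When the ciphertext is passed on a bash command line instead, single quotes keep the `$` from being expanded as a variable.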
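
The RSA steps described for the challenge where P and Q are given (N, the totient, D as the inverse of E, then the ciphertext raised to D mod N) look like this in code. This is an added example, not the script from the video: it uses Python's built-in `pow(e, -1, phi)` (Python 3.8+) in place of the `inverse` helper from `Crypto.Util.number`, and the primes, exponent and message are constructed sample values, not the challenge's.

```python
def rsa_private_key(p, q, e):
    """Derive (n, d) from the two primes and the public exponent."""
    n = p * q
    phi = (p - 1) * (q - 1)      # totient of n when p and q are distinct primes
    # Modular inverse of e mod phi; raises ValueError if gcd(e, phi) != 1,
    # which means e is not a valid exponent for these primes
    d = pow(e, -1, phi)
    return n, d


def rsa_decrypt(p, q, e, ciphertext):
    """Textbook RSA decryption: m = c^d mod n, returned as bytes."""
    n, d = rsa_private_key(p, q, e)
    m = pow(ciphertext, d, n)
    # Integer to big-endian bytes, the same step as converting out of hex
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def rsa_encrypt(n, e, message):
    """Textbook RSA encryption, used here only to build the sample ciphertext."""
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message does not fit under the modulus")
    return pow(m, e, n)


# Constructed sample values: two Mersenne primes and the common exponent 65537
P = 2**89 - 1
Q = 2**107 - 1
E = 65537
SAMPLE_MESSAGE = b"flag{constructed}"
SAMPLE_CIPHERTEXT = rsa_encrypt(P * Q, E, SAMPLE_MESSAGE)

if __name__ == "__main__":
    print(rsa_decrypt(P, Q, E, SAMPLE_CIPHERTEXT))
```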