 Hey, what's going on everybody? My name is John Hammond. I haven't done a capture the flag video in some time So I wanted to get back on the bandwagon Recently, I was able to play rice tea cat Panda CTF Over the weekend or over the week whatever day it is in reality I've been playing with the team. So we actually are doing pretty well I think at the time recording we're on like fourth place in the school board, which is kind of cool So I have a lot of challenges solved that I may or may not be able to cover But I was pretty pleased with it. Anyway, this will be a quick video I just want to showcase a small technique or a little encoding that you may not have seen before I know it took me some time to learn it or find it, but this is it This is called the home run challenge in the cryptography section. It's only 50 points. It has a lot of solves So this one's not extremely difficult. It's a simple base encoding the challenge prompt is and Jake is running the bases He passes base 32 he rounds base 64 witnessing a miracle just one more base to go So this CTF is strange. They don't give you a file to download often or really Included in the challenge prompt. They let you view the hint which will then be What you're particularly working with so this is our string to work with and this is all that we have We know that it's probably not going to be base 32 or base 64 Looking at it. You can actually tell If you're kind of associated or have gotten some acquaintance with a lot of different bases you can tell with kind of the note of common punctuation characters or other kind of Just punctuation marks that you might see in there that aren't often in base 64 base 64 will only use Letters and numbers and a plus sign and a forward slash Base 32 only uses a couple letters Not all of them I think 2 through 7 for numbers if you take a look at that and the padding that you'd see in base 64 are Some equal signs for base 32. You'll see a lot more equal science So anyway, this is base 85 and what you can do is if you really wanted to you just do like a base 85 Decoder track it down online and honestly, whatever you'll find you can just slap that in or to put it into decode mode in this section ASCII 85 is I guess what this is loaded for us So I will change the text to our given prompt here and the flag is our TCP Jake weren't you at the Storage, I don't know what that means But that is what you can submit for the flag here super simple challenge not too difficult Just recognizing base 85 or being able to tell that that is Subsequent following base 32 and base 64. This is something that Katana can solve if you are tinkering with that. I Will move into my Katana directory. I will go ahead and mark it As source bin activate activate my virtual environment, and then I will remove the results directory in case I need it I'm gonna activate Python with Katana. I'll specify the flag format as RTCP Open braces and regular expressions making that lazy and actually because we don't particularly Have an easy way to include some of these characters because you can see there's a quote double quotation mark there a single quotation mark there I can't just slap that into my command line. So what I'm gonna do is I'm just gonna create a Temporary directory or temporary file. I'll paste it in that's the flag my bad Okay now that that file is created we can just pass that to Katana so RM results and Run Katana with now temp foobar is the file that we want to use It doesn't worry about the results directory because I already removed it it cued that target and Ran through and just maybe a tenth of a second and I found it with ask you to find so there's our flag Automatically copied and pasted just thrown into our clipboard and we could slap that in What we could do is actually set that up with a CTF option so that you could actually Query the entire CTF into Katana. I won't showcase that functionality right now, but That's how Katana can solve that it has a unit for ASCII 85 base 85 stuff So that is that challenge super simple super easy Just want to showcase it to you in case you haven't seen base 85 before ASCII 85 If you're to do some googling and do some research on that there are a couple different renditions of it ASCII 85 also called base 85 There are different Representations of it between the adobe version and if you actually tinker with Python 3 you might see that as well Let me exit out of Katana Okay, I'll kill my terminal. That's works just as well Python 3. Let's import base 64 base 64 does have a B85 decode and we can pass that in. Let's make it bytes and Again, I don't want to deal with those Characters, but maybe I can just escape them Pace that in the only double code. I see there is that one. So let's see if that works bad Base 85 character that position. Okay, let's try ASCII 85 and that does it so you can see those two functions B 85 decode and a 85 decode Those are doing the ASCII 85 and I think there's some distinction on how B 85 will work Let's check out the Python 3 documentation for base 64 module Check it out B85 decode Base 85 encoded What's the difference between that and a 85 decode ASCII 85? So by the on three apparently has some distinction between base 85 and ASCII 85 although Wikipedia says they might often be the same thing if you guys have some understanding of that I'd like to know But cool, that's it. That's all I really want to show you That is that challenge super simple ricey cat Panda CTF was fun and weird and strange But I'll try and showcase some more of these challenges. So thanks guys for watching just a quick little video. I'll see you in the next one Bye-bye