🚩
CTF Writeups
  • CTF Writeups
  • CloudSEK 2023 Writeups
    • Bases
    • Serialization Saga
    • The SHA Juggler
  • Cyber Heroines CTF 2023 Writeups
    • crypto
      • Lenore Blum
      • Sophie Wilson
    • forensics
      • Barbara Liskov
      • Elizabeth Feinler
      • Margaret Hamilton
      • Marian Croak
      • Stephanie Wehner
    • pwn
      • Sally Ride
    • re
      • Anita Borg
    • web
      • Frances Allen
      • Grace Hopper
      • Radia Perlman
      • Shafrira Goldwasser
      • Susan Landau
  • DeconstruCTF 2023 Writeups
    • Gibberish
    • Hash Roll
    • MOVE
    • Magicplay
    • Missing
    • Snowy Rock
    • Space Ahoy
    • Two Paths
    • Very Basic
    • gitcha
    • sweet-nothing
    • where-are-the-cookies
    • why-are-types-weird
  • Digital Defenders CTF 2023
  • ISFCR EC CTF 2023 Writeups
    • Base the Bases
    • CrackMe
    • Device
    • Emoji Man
    • Fast Fernet
    • Hands Up
    • Hot and Cold
    • I walk alone
    • Inception
    • Lucky Guess?
    • Mess
      • chal
    • NotFooter
    • Oink Oink v2
    • Oink Oink v0
    • Oink Oink v1
    • STR
    • Seek The Treasure
    • Standard-bearer
    • Tap The Wire
    • Thomas The Train
    • What You See Is (Not) What You Get
    • Where's My Dog?
    • splitXquest
    • Zip Bomb
  • KICyber CTF 2023 Writeups
    • All Hail Hydra
    • Binary Cryptogram - Unravel the Enigma
    • Breakout - Unleash the Flag
    • Cross Platform Hunt
    • CryptoShift - Decipher the Hidden Message
    • Hidden-Network-Quest
    • MetaQuest
    • No remorse, No regret
    • OTP Portal Intrigue
    • Policy-patrol_IAM
    • Secure-Storage-Showdown
    • The-Forbidden-Telnet-Portal
    • Time Traveler's Git (Part 1)
    • Time Traveler_s Git (Part 2)
    • Time-Capsule
    • Unveiling the Hidden Message
    • Welcome to KICyber CTF
    • XORCrypt: Solitary Cipher
    • Zipper is stuck
  • Snyk Fetch The Flag 2023 Writeups
    • Back The Hawks
    • Beep64
    • Finders Keepers
    • Jott
    • Nine-One-Sixteen
    • Protecting Camp
    • Quick Maths
    • Unhackable Andy II
    • Unhackable Andy
  • YCTF Mini 2023 Writeups
    • Cat's Concert 🎧🎵
    • Death Song
    • Enigmatic Vault
    • Fire Accident
    • Military Spy
    • Movie scene
    • OSINT 1
    • OSINT 2
    • Stego Master
    • Twinkle Twinkle
    • Unchained 1
    • Unchained 2
    • Inception
  • flaws.cloud
  • YCTF-Weekly 2023
    • Week-2
      • Web
        • Cookie
        • Confluence
      • Misc
        • Never Found
Powered by GitBook
On this page
  • Challenge Description
  • Solution
  • FLAG
  1. YCTF Mini 2023 Writeups

Unchained 2

Last updated 1 year ago

Challenge Description

"Go from hacking web to solving puzzles"

Wow! You helped admin to recover his password! Now help him recover his lost rar password

Good Luck!

(It's the continuation of Unchained 1!)

Challenge link: https://harsh1tarora.pythonanywhere.com/

Solution

  • This is the continuation of Unchained 1

  • Using ls we can list the files

  • We can also download these files using download command

download FILE-1.png
download FILE-2.rar
download FILE-3.py

  • After downloading the files, running strings on the png file gives us

  • Decoding using morse gives us P_A_SS_W8RD_FR@F!LE2

  • Unzip the rar file using the password P_A_SS_W8RD_FR@F!LE2, gives us a key.txt file

  • the key.txt file contains the key and IV, which will be used when we run the FILE-3.py file

  • Running the FILE-3.py file with the key and IV gives us the a hex string.

  • Decoding the hex string gives us the flag

$ python3
Python 3.11.5 (main, Aug 29 2023, 15:31:31) [GCC 13.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> bytes.fromhex('784354467b7930755f6630756e645f6d335f6e305f776179217d060606060606').decode()
'xCTF{y0u_f0und_m3_n0_way!}\x06\x06\x06\x06\x06\x06'
>>>

FLAG

xCTF{y0u_f0und_m3_n0_way!}
strings
hex