Root @ Localhost on Binary Ruins

Nice

Wed, 14 May 2025 15:03:23 +0530

Very nice and niche CTF challenge

Hexdump

Mon, 09 Dec 2024 06:28:35 +0530

Why is there not a simple CLI tool for converting hex to ascii? :pray:

Xss

Mon, 09 Dec 2024 06:11:40 +0530

Solution

HTML

`1`	`<img src="42" onerr="alert(2)">`

Flag: `root@localhost{Byp4ss_Sanitiz3r_123}`

Idoor

Mon, 09 Dec 2024 05:08:00 +0530

Cracking hashes like there’s no tomorrow.

Mini Compiler

Mon, 09 Dec 2024 05:02:41 +0530

“Remote code execution as a service.”. Reminded me of my freshman year’s moodle exploitation :lol:.

Ez Web

Mon, 09 Dec 2024 04:41:52 +0530

The statement

duh.

Solution

Inspect the html and find js file.

Find this encoded string in js file.

`1`	`const encodedFlag: 'cm9vdEBsb2NhbGhvc3R7VGhlX3dlYl9jaGFsbF9pc19lYXN5fQ==';`

Decode it

$_ base64 -d «< cm9vdEBsb2NhbGhvc3R7VGhlX3dlYl9jaGFsbF9pc19lYXN5fQ==

root@localhost{The_web_chall_is_easy}

Flag: `root@localhost{The_web_chall_is_easy}`

Pixel Secrets

Mon, 09 Dec 2024 03:39:07 +0530

The statement

Decode the hidden message embedded in this image. Use steganographic techniques to uncover the flag that lies beneath the pixels!

Solution

Should be pretty self explanatory. Classic steganography bruteforce.

$_ docker run –rm -it -v ‘$(pwd):/steg’ rickdejager/stegseek steg1.jpg password.txt

Unable to find image ‘rickdejager/stegseek:latest’ locally
latest: Pulling from rickdejager/stegseek
a70d879fa598: Pull complete
c4394a92d1f8: Pull complete
10e6159c56c0: Pull complete
2a9284816e0c: Pull complete
da918f5114c3: Pull complete
172662ab993b: Pull complete
Digest: sha256:a3c6a82d5b7dd94dc49098c5080a70da8103b7ed3b3718423b3a70d4b43c9a8a
Status: Downloaded newer image for rickdejager/stegseek:latest
StegSeek 0.6 - https://github.com/RickdeJager/StegSeek



Hidden Truth
Mon, 09 Dec 2024 03:14:23 +0530
The statement
A hidden message lies concealed within a jumble of characters and numbers. Can you crack the code and reveal the secret? The mystery is waiting for you to uncover it.
Solution
Strings on the file gives a base64 string.

    
        
            
                $_
            strings -n 65 challenge.png
    
    <x:xmpmeta xmlns:x=‘adobe:ns:meta/’ x:xmptk=‘Image::ExifTool 12.76’>
<rdf:RDF xmlns:rdf=‘http://www.w3.org/1999/02/22-rdf-syntax-ns#'>
Attrib:ExtId03825ccf-d796-4baa-8dda-96a2acd20326</Attrib:ExtId>
<rdf:li xml:lang=‘x-default’>cm9vdEBsb2NhbGhvc3R7QzBuZ3JAdCRfWTB1X0YwdW5kX1RoM19NeXN0M3J5X04wd30=</rdf:li>
cm9vdEBsb2NhbGhvc3R7QzBuZ3JAdCRfWTB1X0YwdW5kX1RoM19NeXN0M3J5X04wd30=


Decode it to get flag


Echo of Time
Mon, 09 Dec 2024 03:08:46 +0530
The statement
You found an audio file named ab Somewhere within this audio lies a crucial piece of information: a year that marks a significant event. Extract the year hidden in the audio using steganography techniques.
Solution
Open the given file in audacity, and view it as spectogram.

Flag: r00t@localhost{2025}


Play With Qr
Mon, 09 Dec 2024 02:59:24 +0530
You don’t need A GUI FOR SORTING FILES BY SIZE.


Silent Courier
Mon, 09 Dec 2024 00:00:07 +0530
The statement
A mysterious file is being secretly transferred between servers. Your task is to intercept the transfer and uncover the hidden secret. Can you track it down before it’s too late?
Solution
File is analyzed using apacket.

The zip file is encrypted.

    
        
            
                $_
            unzip protected.zip
    
    Archive:  protected.zip
[protected.zip] secret.zip password: %


Crack it with johntheripper

    
        
            
                $_
            zip2john protected.zip > zip.hash
    
    ver 2.0 Scanning for EOD… FOUND Extended local header
protected.zip/secret.zip PKZIP Encr: cmplen=137, decmplen=178, crc=13905395


The Great Login Heist
Sun, 08 Dec 2024 23:48:26 +0530
The statement
In a daring attempt at digital mischief, a crafty threat actor tried to break into Cybertown Tech Solutions’ secure web interface. Their sneaky login attempts were caught red-handed in a PCAP file, thanks to our vigilant network monitoring.
flag format :root@localhost{username_password}
Solution
The pcapng file has the following string, which contains the username and password. ez win

**Flag: root@localhost{Liam_24_P%40ssw0rd!2024}** 
Quirks
I thought the password (P%40ssw0rd!2024) was meant to be Base64URLdecoded, but the organizers thought otherwise 😅.

Root @ Localhost on Binary Ruins

Nice

Hexdump

Xss

Solution

Flag: root@localhost{Byp4ss_Sanitiz3r_123}

Idoor

Mini Compiler

Ez Web

The statement

Solution

Flag: root@localhost{The_web_chall_is_easy}

Pixel Secrets

The statement

Solution

Hidden Truth

The statement

Solution

Echo of Time

The statement

Solution

Flag: r00t@localhost{2025}

Play With Qr

Silent Courier

The statement

Solution

The Great Login Heist

The statement

Solution

Quirks

Flag: `root@localhost{Byp4ss_Sanitiz3r_123}`

Flag: `root@localhost{The_web_chall_is_easy}`

Flag: `r00t@localhost{2025}`