CTF Write-Ups Blog: Write-Ups: RiceTeaCatPanda CTF 2020

RiceTeaCatPanda (https://riceteacatpanda.wtf/) is a CTF (Capture The Flag competition) that crosses a variety of random ideas and challenges to solve, including but not limited to cryptography, web, binary, forensics, general computer skills, data analysis, AI hacking, and talking!

Cryptography: Don't Give The GIANt a COOKie (100)

Solution:

String 69acad26c0b7fa29d2df023b4744bf07 is md5 hash.

So we need to decrypt it.

Cryptography: 15 (100)

Solution:

This is alphabetical substitution.

Use https://quipqiup.com/ with clue "tovm = rtcp" and get flag.

Flag: rtcp{c4R3Ful_w1tH_3X1f_d4T4}

Cryptography: notice me senpai (100)

Solution:

String tlyrc_o_0pnvhu}{137rmi__i_omwm contains rtcp, so we try to use Rail fence cipher.

Count of symbol ! in the task is 6, and count of symbol ? is 9.

So we use key = 6 and offset = 9.

Flag: rtcp{im_1n_lov3_wi7h_y0ur_mom}

Cryptography: Wrong Way (150)

Solution:

Use cyberchef https://gchq.github.io/CyberChef/ with "Base64 offset" recipe.
It will return:

Offset 0: RTcPUnEXPEcTEDpLAceS
Offset 1: AEU3D1JxFzxHExA6SwHHkg==
Offset 2: AABFNw9ScRc8RxMQOksBx5I=

Flag: rtcp{UnEXPEcTED_pLAceS}

Cryptography: Wrong Way (350)

Solution:

This is Pigpen cipher https://www.boxentriq.com/code-breaking/pigpen-cipher

We got this string:

YSAY{HJKAHR_QQGDIA_UNR_KW_YRQ_PM_NNFB}

Then we decrypt is as Vigenère Cipher.

Flag: rtcp{pandas_should_not_be_put_in_pens}

Cryptography: Code On (500)

Solution:

Use Codons (Genetic code) https://www.dcode.fr/codons-genetic-code to decode string AUGCAAGGUCUCUUGACCCAGUGGAUACUAAAUGCCUGGAAGGUAGCAUACUAG

We got:

Met Gln Gly Leu Leu Thr Gln Trp Ile Leu Asn Ala Trp Lys Val Ala Tyr

Next represent amino as full names (ex. Met = Methionine).
Then use Key do get flag:

Key: 6, 3, 4, 3, 1, 9, 8, 3, 3, 2, 7, 4, 1, 2, 4, 1

Key = rtcp
6 - 6th number in Gln
3 - 3th number in Gly
etc.

Flag: rtcp{my_cute_houseplant}

Cryptography: I Love You 3000 (700)

Solution:

ILOVEYOU is the virus, so we use https://github.com/onx/ILOVEYOU/blob/master/LOVE-LETTER-FOR-YOU.TXT.vbs

We use Book cipher decoder (there was a hint with word book):

And the result: RTCPI10V3H0WBROKENMY3MAILZR

Flag: rtcp{I10V3H0WBROKENMY3MAILZR}

General Skills: Basic C4 (30)

Solution:

C4 ID - Universally Unique and Consistent Identification. We use http://www.cccc.io/ to get flag: just drop file and get flag.

General Skills: pandamonium (100)

Solution:

This task is related to chemistry.

String 91 7 10 D 95 42 28 A is the name of elements in Periodic table (ex. Protactinium (Pa) is the 91th element).

91 7 10 D 95 42 28 A = Pa N Ne D Am Mo Ni A

Flag: rtcp{panned_ammonia}

General Skills: Treeeeeeee (200)

Solution:

Extract files from archive, cope all jpg-files to one directory and sort by file size - the biggest image has the flag.

Web: Robots. Yeah, I know, pretty obvious (25)

Solution:

Open /robots.txt

Go by https://riceteacatpanda.wtf/robot-nurses

Web: No sleep (100)

Solution:

Set gamerfuel cookie as Jan 20, 2020 04:20:00

Flag: rtcp{w0w_d1d_u_st4y_up?}

Web: Phishing for Flags (105)

Web: Uwu? (125)

Solution:

Intercept traffic. There are several redirected pages. One of the pages contained flag.

Web: What's in the box? (200)

Solution:

Check comments for flag

Web: Web Invaders (250)

Solution:

Check all client requests.
File https://jef1056.github.io/archive/game.arcd0 contains flag.

Flag: rtcp{web_h^ck3r_0004212}

**Web: growls at the chicken (1000)**

Solution:

There were data in the hints. We discovered that this is RSA, So we decrypted it https://8gwifi.org/rsafunctions.jsp

We went by link http://unknown-123-246-470-726.herokuapp.com/ There was the gif-file

Also page contained hidden data:

<p hidden>9 20 30 15 16 5 14 19 30 27 29 8 20 13 12 28</p>
<p hidden>"abcdefghijklmnopqrstuvwxyz[]. "</p>

After decoding we'd got next text:
it opens [.html]

Gif-file had drawer that opened.
So the http://unknown-123-246-470-726.herokuapp.com/drawer.html gave as the flag

Flag: rtcp{ch1ck3n_4nd_th3_3gg}

Forensics: cat-chat (125)

Solution:

Use Morse code translator in the #catchat on Discord:

purr - " "

nya - "."

meow - "-"

Forensics: BTS-Crazed (75)

Solution:

Use strings command to find flag

Forensics: Chugalug's Footpads (125)

Solution:

Check file differences in hex and diffs contain the flag

Forensics: BASmati ricE 64 (150)

Solution:

Use steghide to get hidden txt-file.

Then get base64 from this file.

Saturday, January 25, 2020

Write-Ups: RiceTeaCatPanda CTF 2020

RiceTeaCatPanda (https://riceteacatpanda.wtf/) is a CTF (Capture The Flag competition) that crosses a variety of random ideas and challenges to solve, including but not limited to cryptography, web, binary, forensics, general computer skills, data analysis, AI hacking, and talking!

Cryptography: Don't Give The GIANt a COOKie (100)

Solution:

Cryptography: 15 (100)

Solution:

Cryptography: notice me senpai (100)

Solution:

Cryptography: Wrong Way (150)

Solution:

Cryptography: Wrong Way (350)

Solution:

Cryptography: Code On (500)

Solution:

Cryptography: I Love You 3000 (700)

General Skills: Basic C4 (30)

Solution:

General Skills: pandamonium (100)

Solution:

General Skills: Treeeeeeee (200)

Solution:

Web: Robots. Yeah, I know, pretty obvious (25)

Solution:

Web: No sleep (100)

Solution:

Web: Phishing for Flags (105)

Web: Uwu? (125)

Solution:

Web: What's in the box? (200)

Solution:

Web: Web Invaders (250)

Solution:

Web: *growls at the chicken* (1000)

Solution:

Forensics: cat-chat (125)

Solution:

Forensics: BTS-Crazed (75)

Solution:

Forensics: Chugalug's Footpads (125)

Solution:

Forensics: BASmati ricE 64 (150)

Solution:

**Web: growls at the chicken (1000)**