IITR's flagship CTF event
| Name | Category | Points | Comment |
|---|---|---|---|
| Welcome | Misc | 10 | discord lol |
| I Like McDonalds | Cry | 100 | hash-collision/pwntools |
| Cursed Credential | For | 100 | firefox-login/bruteforce |
| Torrent Tempest | For | ??? | pyshark/deepsound |
Forensics:
Most of the forensics challenges had to be bruteforced in some manner and were more
steganography heavy than is expected, especially a 24hr ctf. I learnt about 2 common
forensics challenges that are the firefox credential logins (firepwd.py) and XORing 2 images, though
the challenges here were a level above the standard. Also binwalk works for extracting very small files
a .pcap. That's how I got the key.txt in torrent chal
Looking at writeups I saw something called deepsound exists for .wav steg, and hashcat for password cracking.
Apparently hashcat uses "Rulesets" which were mentioned in the boss's boss chal.
The torrent chal apparently had a zip header that I didn't recognise, that would have helped
reconstruct the files.
- MQCyberSec
- Dr4g0n
- more specifically he points to this blog