capture the flag, hacking

PicoCTF 2017 – Hex2Raw

Another day, another challenge…

Today’s challenge we will be solving the Hex2Raw challenge in the PicoCTF.

Let’s start.

Clicking on the challenge we see the following:

PicoCTF_Hex2Raw_1

OK. With this challenge we see that we need to print unprintable characters from the following location.

Let’s see what the hints give us.

Clicking on the hints we see:

PicoCTF_Hex2Raw_2

OK. We can see that Google has easy techniques to do this.

Let’s go to the command line and see what we can do.

After logging in and going to the directory we see the following:

PicoCTF_Hex2Raw_3

Running the hex2raw application we see:

PicoCTF_Hex2Raw_4

I pressed Ctrl + C to end the program.

OK. We are given raw input and we need to convert it to hexadecimal character.

Doing a Google search we noticed that we can use Python to get our desired output.

How would we do this?

With the decode function!

PicoCTF_Hex2Raw_5

Explaining the screenshot below we’re invoking the python interpreter the -c designated that we’re using a command. We’re printing the raw form, and using the decode function designated that we wanted to decode with the hexadecimal system. We’re going to pipe the output to the hex2raw program.

Doing this we see the flag, and acquired 20 points!

capture the flag, hacking, web application security

InfoSec Institute Challenge #12

Another day, another challenge.

Today’s challenge is coming from the InfoSec Institute.

Going to the following link we see the following:

infosec_12_intro

Doing a right click, view page source we see the following:

infosec_12_css

We noticed there’s an extra CSS (Cascading Style Sheets).  Let’s see what’s in this file.

Going to the file we see the following:

infosec_12_css_opened

Hmm… this looks interesting. Knowing a thing or two about CSS, the colors are represented in hex (hexadecimal, base 16) form. More can be found here.

I’m thinking this is the actual flag, but it’s just encoded.

Using out knowledge from other challenges, let’s try base64 decoding, since it has worked before.

Going to the link here, and typing in the encoding we get the following:

infosec_12_base_64_decoding

Our decoding wasn’t successful. This encoding is not base64.

Going back to the challenge, we know that CSS uses hexadecimal to represent colors.

Maybe the encoding is in hexadecimal form.

Going to Google and typing in “converting hexadecimal to text” we get the following link.

Putting our encoding in the text box and changing the decoding to “hexadecimal to text” we get the following:

infosec_12_flag

We found the flag!

Lessons learned:

Attention to detail! We noticed that there was another file when we did the right click, view page source. Going to that page we noticed that there was encoding. We first tried base64 which did not work. Going back to the drawboard on how CSS works, we know the colors are represented in hexadecimal. Doing a Google search of hexadecimal to text we were able to find the flag.