Continuing my write-ups of events from DerbyCon, next up is the DomainTools CTF. I’ll be contributing solutions for every challenge in the CTF, broken up by the same section names that they used. When possible, I’ll also be creating CyberChef recipes to directly solve each challenge, and linking to them following the solution description. First up: the crypto challenges!
Challenge: Data Blob in the Log! (10 Points)
Directions: You keep noticing a weird string in your log files. Decipher the string for the challenge flag!
The string in question is: “vevf!”
Solution: A simple 13-character rotation (ROT-13) decodes this to “iris!” (CyberChef recipe); Iris is a DomainTools product.
Challenge: SHA1 is dead, long live SHA1! (10 Points)
Directions: What’s the SHA1 sum of the string ‘dns’?
Solution: This is a simple command in a *nix shell:
user@system:~$ echo "dns" | sha1sum
a6a3bb38694366355d11b439926dcf5ee823806b -
Challenge: Get XOR’d! (20 Points)
Directions: A string has been encrypted using single-byte XOR. Can you decrypt it and get the flag?
4b424048574b46534f424d4657
Solution: First recognize that the hex values, when broken up, are all printable ASCII characters. Convert from hex to ASCII, then use an XOR brute force and review results until you find the answer of “HACKTHEPLANET” from a key of ‘0x03’ (CyberChef recipe).
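The same brute force can be scripted. This is an added example, not part of the original CyberChef recipe: it tries all 256 keys, keeps only outputs that are fully printable ASCII, and ranks them by how many common English letters they contain. The letter set and the English-plaintext assumption are mine.

```python
# Ciphertext from the challenge above.
CIPHERTEXT_HEX = "4b424048574b46534f424d4657"

# Assumption: the plaintext is English, so frequent letters make a usable score.
COMMON = set("etaoinshrdlu")


def xor_single_byte(data: bytes, key: int) -> bytes:
    """XOR every byte of data with the same one-byte key."""
    return bytes(b ^ key for b in data)


def brute_force(hex_string: str):
    """Return (score, key, text) for every key giving printable ASCII,
    best score first; ties are ordered by key value."""
    data = bytes.fromhex(hex_string)
    candidates = []
    for key in range(256):
        plain = xor_single_byte(data, key)
        # Discard keys that produce control characters or non-ASCII bytes.
        if not all(0x20 <= b <= 0x7E for b in plain):
            continue
        text = plain.decode("ascii")
        score = sum(ch.lower() in COMMON for ch in text)
        candidates.append((score, key, text))
    candidates.sort(key=lambda c: (-c[0], c[1]))
    return candidates


if __name__ == "__main__":
    # Print the top few candidates for manual review.
    for score, key, text in brute_force(CIPHERTEXT_HEX)[:5]:
        print(f"key=0x{key:02x} score={score:2d} {text!r}")
```

Keys 0x03 and 0x23 tie on score because XOR with 0x20 only flips letter case, which is why the ranked list still needs a human look before you submit the flag.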
Challenge: DB Pwn3d! (20 Points)
Directions: You just compromised a database with passwords stored as md5 unsalted hashes. Crack the hash of the ‘admin’ password!
42f749ade7f9e195bf475f37a44cafcb
Solution: While you could quickly find this using John the Ripper or Hashcat with a wordlist like RockYou or Twitter Banned, it’s much easier to simply query your favorite search engine, which will quickly return this as a commonly known MD5 for “Password123” (example result).
[Fin]
Okay, that’s it for the first round… next up is the Forensics section of the DomainTools CTF. Until next time, good hunting!