Things are not always what they seem (Web 50)

Webページに白字でフラグが隠されていた。

flag{Whale_w0u1d_y0u_l00k3y_th3r3}

purvesta (Recon 75)

github purvestaで検索すると、以下のサイトがある。

https://github.com/purvesta

purvesta/purvesta.github.ioのリンクをたどり、lolファイルを見ると、フラグが書いてある。

flag{Th1s_g1thub_l00ks_a_l1l_sparc3}

Super Old School (Crypto 150)

左向きの山の数を10の位、釘の数を1の位としてアルファベットを割り当てる。

25 15 21 18
Y  O  U  R

6 12 1 7
F L  A G

9 19
I S

19 15
S  O

13 1 14 25
M  A N  Y

3 18 25 16 20 15 19
C R  Y  P  T  O  S

SO MANY CRYPTOS

Bash 1 (BashNinjas/Bash Games 25)

$ ssh -p 3333 neverlan@157.230.73.80
The authenticity of host '[157.230.73.80]:3333 ([157.230.73.80]:3333)' can't be established.
ECDSA key fingerprint is SHA256:XY46h2ppKjwKd1VeT0be52Y/lyPAPx4UKrf95nNuF8o.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[157.230.73.80]:3333' (ECDSA) to the list of known hosts.
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
neverlan@157.230.73.80's password: 
Permission denied, please try again.
neverlan@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: neverlan

Instructions
═════════════════════════════════════════════════════════════════════════════════
For this challenge you need to get the contents of Welcome.txt
neverlan@son-of-honor:~$ ls
Welcome.txt
neverlan@son-of-honor:~$ cat Welcome.txt
----------------------------------------------------------------------------
                  __          __  _
                  \ \        / / | |
                   \ \  /\  / /__| | ___ ___  _ __ ___   ___
                    \ \/  \/ / _ \ |/ __/ _ \| '_ ` _ \ / _ \
                     \  /\  /  __/ | (_| (_) | | | | | |  __/
                      \/  \/ \___|_|\___\___/|_| |_| |_|\___|

----------------------------------------------------------------------------

      .m.                                                          .m.
      (;)                                                          (;)
      (;)                                                          (;)
      (;)                                                          (;)
   .  (;)  .                                                    .  (;)  .
   |\_(;)_/|                                                    |\_(;)_/|
    )     (                                                      )     (
   |/ )|( \|                                                    |/ )|( \|
     ( o )                 You have entered the                   ( o )
      )8(                     Path of Honor                        )8(
     ( o )                                                        ( o )
      )8(             We're going to start our adventure           )8(
     ;|S|;          talking about the neverlan honor code.        ;|S|;
     ||S||                                                        ||S||
     ||S||                   level1 password:                     ||S||
     ||S|<          act-with-honor-and-honor-will-aid-you         ||S|<
     ||S||                                                        ||S||
     ||S||                                                        ||S||
     ||S||                                                        ||S||
     ||S||                                                        ||S||
     >|S||                                                        >|S||
     ||S||                                                        ||S||
     ||S||                                                        ||S||
     \\ //                                                        \\ //
      \V/                                                          \V/
       V                                                            V

act-with-honor-and-honor-will-aid-you

act-with-honor-and-honor-will-aid-you

Bash 2 (BashNinjas/Bash Games 50)

$ ssh -p 3333 level1@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level1@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level1

Instructions
═════════════════════════════════════════════════════════════════════════════════
We're going to play hide and seek. I'll hide a file and you seek for it.
level1@son-of-honor:~$ ls -la
total 32
drwxr-xr-x 1 level1 level1 4096 Feb  3 05:10 .
drwxr-xr-x 1 root   root   4096 Jan 29 20:12 ..
-rw------- 1 level1 level1  220 Aug 31  2015 .bash_logout
-rw------- 1 level1 level1 3771 Aug 31  2015 .bashrc
drwx------ 2 level1 level1 4096 Feb  3 05:10 .cache
-rw------- 1 level1 level1 1127 Jan 29 20:12 .honor-code.txt
-rw------- 1 level1 level1  329 Jan 29 20:12 .instructions
-rw------- 1 level1 level1  655 May 16  2017 .profile
level1@son-of-honor:~$ cat .honor-code.txt 
# our honor code

 What are you best at? What is your passion? How can you provide the most good to the world? These are some of the questions that you should ask yourself.

Our Code of Conduct is based on the R00tz Asylum's Honor Code: https://r00tz.org/honor-code

# PRINCIPLES

neverlan kids focuses on these fundamental truths about the universe:

- The world is one. We are all connected.
- These connections are growing stronger and faster everyday.
- Chaos controls the connections.
- Focus controls the chaos.
- You control the focus.


# VALUES

Please remember these values in everything you do:

- Only do good
- Always do your best
- Constantly improve
- Innovate
- Think long-term
- Be positive
- Visualize it
- Inspire others
- Go big & have fun!  


# RULES

The Internet is a small place. Word gets around, fast.

Follow these rules at all times:

- Only hack things you own
- Do not hack anything you rely on
- Respect the rights of others
- Know the law, the possible risk, and the consequences for breaking it
- Find a safe playground

level2 password: the-only-path-to-honor-is-to-stick-to-your-chosen-code

the-only-path-to-honor-is-to-stick-to-your-chosen-code

Bash 3 (BashNinjas/Bash Games 75)

$ ssh -p 3333 level2@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level2@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level2

Instructions
═════════════════════════════════════════════════════════════════════════════════
Ok. So you found the hidden file. How about trying to find the password in plain
sight? You'll have to figure out how to sift through the muck though...
level2@son-of-honor:~$ ls
canyoufindme.txt
level2@son-of-honor:~$ cat canyoufindme.txt | grep level3
level3:child-of-honor

child-of-honor

Bash 4 (BashNinjas/Bash Games 100)

$ ssh -p 3333 level3@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level3@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level3

Instructions
═════════════════════════════════════════════════════════════════════════════════
So you know how to use grep or some other similar program. Good for you. Now can
you do the same thing with a binary file?
level3@son-of-honor:~$ ls
random
level3@son-of-honor:~$ cat random | grep -a level4
���'�VQ��0���ʌ�^����Ҿ�3X�h�e���Ӎ��� �X�m���]�iX�(Ʒ��:��Y��x�xD=�d�{����Y��-��o:ᛣ䢦��TpC��u�?��v���Z�@�+��d��Zj���U8�4S.�GW���goJ���项*����/lZ�AI�� �+�t��level4:only*hack^things%you$own

only*hack^things%you$own

Bash 5 (BashNinjas/Bash Games 125)

$ ssh -p 3333 level4@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level4@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level4

Instructions
═════════════════════════════════════════════════════════════════════════════════
Nice job on that last level. I'll have to step it up. Alright here is a file,
but I won't tell you what it is. You'll have to figure that out on your own.
level4@son-of-honor:~$ ls
nextlevel
level4@son-of-honor:~$ file nextlevel
nextlevel: gzip compressed data, was "principles.txt", last modified: Fri Mar 30 08:05:12 2018, max compression, from Unix
level4@son-of-honor:~$ gzip -dc nextlevel
PRINCIPLES

r00tz kids focuses on these fundamental truths about the universe:

- The world is one. We are all connected.

- These connections are growing stronger and faster everyday.

- Chaos controls the connections.

- Focus controls the chaos.

- You control the focus.

level5:on-my-honor-i-will-do-my-best

on-my-honor-i-will-do-my-best

Bash 6 (BashNinjas/Bash Games 150)

$ ssh -p 3333 level5@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level5@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level5

Instructions
═════════════════════════════════════════════════════════════════════════════════
Look around for more guidance.
level5@son-of-honor:~$ ls
Syl.jpg  values.txt
level5@son-of-honor:~$ cat values.txt 
VALUES

Please remember these values in everything you do:

- Only do good

- Always do your best

- Constantly improve

- Innovate

- Think long-term

- Be positive

- Visualize it

- Inspire others

- Go big & have fun! 

Oh... and you probably want to pull the image file to your computer and look at it.
You don't know how to do that? Google is your friend. 
Something like "Transfer files over SSH" might do the trick.

ローカルに戻って、jpgファイルをダウンロードする。

$ scp -P 3333 level5@157.230.73.80:/home/level5/Syl.jpg .
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level5@157.230.73.80's password: 
Syl.jpg                                       100%  108KB 108.2KB/s   00:01

jpgファイルにパスワードが書いてある。

have-you-memorized-the-code-yet

Bash 7 (BashNinjas/Bash Games 175)

$ ssh -p 3333 level6@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level6@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level6

Instructions
═════════════════════════════════════════════════════════════════════════════════
Look in level7.txt. You'll have to figure out what to do with that on your own.
level6@son-of-honor:~$ ls
level7.txt
level6@son-of-honor:~$ cat level7.txt 
UlVMRVMKClRoZSBJbnRlcm5ldCBpcyBhIHNtYWxsIHBsYWNlLiBXb3JkIGdldHMgYXJvdW5kLCBmYXN0LgoKRm9sbG93IHRoZXNlIHJ1bGVzIGF0IGFsbCB0aW1lczoKCi0gT25seSBoYWNrIHRoaW5ncyB5b3Ugb3duCgotIERvIG5vdCBoYWNrIGFueXRoaW5nIHlvdSByZWx5IG9uCgotIFJlc3BlY3QgdGhlIHJpZ2h0cyBvZiBvdGhlcnMKCi0gS25vdyB0aGUgbGF3LCB0aGUgcG9zc2libGUgcmlzaywgYW5kIHRoZSBjb25zZXF1ZW5jZXMgZm9yIGJyZWFraW5nIGl0CgotIEZpbmQgYSBzYWZlIHBsYXlncm91bmQKCmxldmVsNzp3aGl0ZS1oYXRzLWhhdmUtdmFsdWVzLWFuZC1ydWxlcwo=
level6@son-of-honor:~$ cat level7.txt | base64 -d
RULES

The Internet is a small place. Word gets around, fast.

Follow these rules at all times:

- Only hack things you own

- Do not hack anything you rely on

- Respect the rights of others

- Know the law, the possible risk, and the consequences for breaking it

- Find a safe playground

level7:white-hats-have-values-and-rules

white-hats-have-values-and-rules

Bash 8 (BashNinjas/Bash Games 200)

$ ssh -p 3333 level7@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level7@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level7

Instructions
═════════════════════════════════════════════════════════════════════════════════
This is almost the same thing as the last level, just gotta do one more step.
level7@son-of-honor:~$ ls
level8.txt
level7@son-of-honor:~$ cat level8.txt 
H4sIAInhvVoAA+1YXW/cthLts37FwC95yK6ziWs7t4BRpO3D9QXSBqhxgwvkhZJmJXYpUuCHt/r3PUNqN3biOEWR4LaAJoC1S47ImTNnPjaDsnrLIbrT+Hv85uvIZrO5+PZbkuflxXl+bl6U7yKXLy4v6PnZi/PLs4vN+cUZbZ6fn73YfEObr2TPPUkhKg9TBr3juGd1y/5BPahtt4+cU3yh4/MfIvS4XF296b1qdnRtm9Orq6p6SOm/zqSB6RfLK7oOITFdruhNrw3TGbktPd9U1dX6i/6rbnqmrTPG7bXtaK8C7b2OkS2F3vloJlLbyJ4GfPAeBD89PX3Yesi7Z+/kvB+dDY1m27BYrejfcJz9s3fPPvniB1JPn9V8+vSpXPWabXQeXx574e3skbP0H2WT8hO9XNHzf728+OJwHq14ZV3sgZuzTJ2L1KjU9ZGia9W0Ih2fBFLGkEOaEBRpVCP7cEp0csNsVce+epXx5pa0BaTDmCQOP3oNivzaKNsqc7KikwIuHZVLuH5Qdkc3asChiOuJBO1g2U9qsLTTrVwGCKcnnrMpyiBz78T2hxSp1S1NLq3EBDzFVM+8HjUjtmOYmt4Z14EatgWe5xt4Fbnprau90nZVcXZP7XADGed2VHOvoSse88RB+CGf++zE9zCuXEj5xb2zrTx6FatBtVDTA0Xd7FZ5Dbz1Dc4IPbBrZXNeH9SEE2+ZBmfasvP90a1rUgOsKTeuCPwp7N47b9q7OL3WCJ1GmMoW7MTRNXfaIkd07CnAe2fwCl0/GSgMysccTGVxcYjwrRLfCg8E8BU2cWDj1SheT8BKNT2lQLVD9Gjgj+KUBAEoaQHkMwETKxCn35LVzsPprqfDczZVdACL0WCKBTDRFRPAPOLfR4OYVQA1h2SrQSSg0wNxMK53e1H33KZGormFVVE7K2cWK1HYEVkdhcM/uxW9DqfVrwOAQjETItknUWrKfgZ7l98UgukoZmO1ZyUROPmIqlB9412tapSjxoF98z2PokGZMgpXhEbSbCrJl6/dOpiMvWZOKyy+VbBDUeAGrJsjpUPVzLghFxxClPl1jTppo9iNdo+9rXwcwHIhywBw8XHO8ZqR+IHpugqN5302nNKIt3528biry+mCkHjxAREO8ounLbMJOQlViWA9fVoZLthdyLRQhZ6kQviE8r37MymkH0hEEbNkcvRq0ID9xyQtEXqFIIA3GSZgBzZN1KmBP1dnXpV6YAUFZPIofklSIXIOXHTjgarqmKPkU8j2AQmHuprzbOyl1hqd/+yyqQ68mlXgCqm21Y1E5ZaRxCtZYsNN9M7qhsZkJBShCmA9uRShAL5vU4dk8G7IWQECraNb4wHOCnsYcUCvyy4HuSgW22unfCunZaq9B+zkphBLCAzFmWbgFYAFsWo2znb3kuCadhZZIwVgEg/nEMgCMNuWlLa5YA4cxUrUQTtXXrPL2FVlVQpj2UGq+aNX4EeH1M+VrFwmJRix+kSkbybBPo30AezllIeifXdm+B/OrmFo7icgJO35Q2VZglM1yxgyOmfXW+G6Atu3ziFxY1UqmuBmoU19smiZUJLyheqmdgVdHKJjbjMDUqbUcHFO6o6BEcHosTpQZC8xGD2vURElVYX9UeE0w0FY/Pa9Va0btFWxZGBQqDERhHK+0p11vizL7WpUeKBnFViQwPtiRK+QWQ4BKzyeC/FcmJJ0GGPWleyNadQGh9dJ7HehHKL8TPPWuzE7uFfSfjLjscqBfbyD+oF2AnrpZ4jzAaOyMPfiQ0oU97EQ0O2aXkoiVzWrFKeDaq1Sm3HJ1Y+klOWBD3ffamkTBoWqndBbgE+eL9EOkFmYdoRCudfkitpIiZH60mofBX50SJ3LKiZSKT0+WYF09G6r0ZZkqKHOpBhdSeS2kqg2QqIkHVZLeEwJWm5triSN+PSIZmDeVWWCkjww3HZ/5rXs39G5sEMQGgxGflUd1sAVNEvwO2L6Oyx6NrrTTvq/VuHxe6qcNkkbYT/I16DCDDV8F/U95kX88fPXIflWZhvBMWZ0QBUWkqVQ5ajmZngImhQdmS9Kx5KYCEnc3mJwdWiFE/Kk5KjE/I5J71Oaw+owWB32gczrKX/LU1QmPcjRJK9dAAz396vD/m+p7TLr2Y343YOYZ4LkcSmoaSYlGhtqHDro+808XpbW8tC9wDu3QDk7T7R3ku9QFCTn5voIFDotEyQLSe+NFffGx9mcnFqYYIbj/wKUOicFF9/GWce2+la3SZlVJdlcIp3nItFJYa658wyPL6uPiuNf+GFk4JF5+d0wrUG8tVd2DTDW5+u8Htaqc9X/+9fzIossssgiiyyyyCKLLLLIIossssgiiyyyyCKL/D3lD/IUcHIAKAAA
level7@son-of-honor:~$ cat level8.txt | base64 -d > dec
level7@son-of-honor:~$ file dec
dec: gzip compressed data, last modified: Fri Mar 30 07:04:41 2018, from Unix
level7@son-of-honor:~$ gzip -dc dec
manifesto.txt000644 000765 000024 00000007276 13257360563 015320 0ustar00miketweaverstaff000000 000000                                ==Phrack Inc.==

                    Volume One, Issue 7, Phile 3 of 10

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The following was written shortly after my arrest...

                       \/\The Conscience of a Hacker/\/

                                      by

                               +++The Mentor+++

                          Written on January 8, 1986
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

        Another one got caught today, it's all over the papers.  "Teenager
Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
        Damn kids.  They're all alike.

        But did you, in your three-piece psychology and 1950's technobrain,
ever take a look behind the eyes of the hacker?  Did you ever wonder what
made him tick, what forces shaped him, what may have molded him?
        I am a hacker, enter my world...
        Mine is a world that begins with school... I'm smarter than most of
the other kids, this crap they teach us bores me...
        Damn underachiever.  They're all alike.

        I'm in junior high or high school.  I've listened to teachers explain
for the fifteenth time how to reduce a fraction.  I understand it.  "No, Ms.
Smith, I didn't show my work.  I did it in my head..."
        Damn kid.  Probably copied it.  They're all alike.

        I made a discovery today.  I found a computer.  Wait a second, this is
cool.  It does what I want it to.  If it makes a mistake, it's because I
screwed it up.  Not because it doesn't like me...
                Or feels threatened by me...
                Or thinks I'm a smart ass...
                Or doesn't like teaching and shouldn't be here...
        Damn kid.  All he does is play games.  They're all alike.

        And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board is
found.
        "This is it... this is where I belong..."
        I know everyone here... even if I've never met them, never talked to
them, may never hear from them again... I know you all...
        Damn kid.  Tying up the phone line again.  They're all alike...

        You bet your ass we're all alike... we've been spoon-fed baby food at
school when we hungered for steak... the bits of meat that you did let slip
through were pre-chewed and tasteless.  We've been dominated by sadists, or
ignored by the apathetic.  The few that had something to teach found us will-
ing pupils, but those few are like drops of water in the desert.

        This is our world now... the world of the electron and the switch, the
beauty of the baud.  We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals.  We explore... and you call us criminals.  We seek
after knowledge... and you call us criminals.  We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.

        Yes, I am a criminal.  My crime is that of curiosity.  My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for.

        I am a hacker, and this is my manifesto.  You may stop this individual,
but you can't stop us all... after all, we're all alike.

                               +++The Mentor+++

level8:my-wit-ran-out-5-levels-ago

my-wit-ran-out-5-levels-ago

Bash 9 (BashNinjas/Bash Games 225)

$ ssh -p 3333 level8@157.230.73.80
###############################################################
#                   Welcome to my game                        # 
#         Check out https://neverlanctf.com for info          #
#               Make sure you read the rules                  #
#         https://neverlanctf.com/docs/code-of-conduct        #
###############################################################
level8@157.230.73.80's password: 

                                                                       ╗     
██████╗  █████╗ ███████╗██╗  ██╗███╗   ██╗██╗███╗   ██╗     ██╗ █████╗   ███████╗  
██╔══██╗██╔══██╗██╔════╝██║  ██║████╗  ██║██║████╗  ██║     ██║██╔══██╗  ██╔════╝  
██████╔╝███████║███████╗███████║██╔██╗ ██║██║██╔██╗ ██║     ██║███████║  ███████╗  
██╔══██╗██╔══██║╚════██║██╔══██║██║╚██╗██║██║██║╚██╗██║██   ██║██╔══██║  ╚════██║  
██████╔╝██║  ██║███████║██║  ██║██║ ╚████║██║██║ ╚████║╚█████╔╝██║  ██║  ███████║  
╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚════╝ ╚═╝  ╚═╝  ╚══════╝  
                                                                                   
   ██████╗  █████╗ ███████╗██╗  ██╗     ██████╗  █████╗ ███╗   ███╗███████╗        
   ██╔══██╗██╔══██╗██╔════╝██║  ██║    ██╔════╝ ██╔══██╗████╗ ████║██╔════╝        
   ██████╔╝███████║███████╗███████║    ██║  ███╗███████║██╔████╔██║█████╗          
   ██╔══██╗██╔══██║╚════██║██╔══██║    ██║   ██║██╔══██║██║╚██╔╝██║██╔══╝          
   ██████╔╝██║  ██║███████║██║  ██║    ╚██████╔╝██║  ██║██║ ╚═╝ ██║███████╗        
   ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚═════╝ ╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝        
                                                                                   
═════════════════════════════════════════════════════════════════════════════════
           ____ ____ _  _    ____ ____    _  _ ____ _  _ ____ ____ 
           [__  |  | |\ |    |  | |___    |__| |  | |\ | |  | |__/ 
           ___] |__| | \|    |__| |       |  | |__| | \| |__| |  \ 

Level: level8

Instructions
═════════════════════════════════════════════════════════════════════════════════
Your goal here is to decrypt `level9.enc`. There's a clue around here somewhere.
level8@son-of-honor:~$ ls
level9.enc
level8@son-of-honor:~$ cat level9.enc 
U2FsdGVkX1/RjLebmJbThsz7hNuLEJnRevchxfV4RTonlVjXvbUHFMHnitt/TJSt
level8@son-of-honor:~$ cat level9.enc | base64 -d
Salted__ь����ӆ���ۋ��z�!��xE:'�X׽�����L��level8@son-of-honor:~$
level8@son-of-honor:~$ cat .clue
aes-256-cbc encryption password: level9please
level8@son-of-honor:~$ cat level9.enc | openssl enc -d -aes-256-cbc -base64
enter aes-256-cbc decryption password:
level9:please-someone-help

please-someone-help

Sanity Check 1 (Sanity 1)

Slackの#ctfチャネルのところにフラグが書いてある。

evlz{I_pledge_to_play_fair_and_I_promise_to_not_attack_the_infrastructure}ctf

Sanity Check 2 (Sanity 50)

QRコードを読み取ると、以下のURLが出てきた。

https://www31.zippyshare.com/v/09nlhIKo/file.html

そこのリンクにあるflag.zipをダウンロードしたが、パスワードがかかっている。

$ fcrackzip -u -D -p dict/rockyou.txt flag.zip 


PASSWORD FOUND!!!!: pw == !!!0mc3t
$ unzip flag.zip
Archive:  flag.zip
[flag.zip] flag.txt password: 
  inflating: flag.txt
$ cat flag.txt
652076206c207a207b207320302075206e2064205f20302066205f206d2075203520692063207d206320742066
$ cat flag.txt | xxd -r -p
e v l z { s 0 u n d _ 0 f _ m u 5 i c } c t f

evlz{s0und_0f_mu5ic}ctf

Imago (Forensics 150)

TweakPNGで見ると、IHDRのCRCがおかしい。
高さを変えてみると、フラグ部分が表示された。

evlz{who_cares_about_metadata_I_just_do_binwalk}ctf

Don't Blink (Misc 100)

giamでGIFアニメの各フレームを分割する。
分割した各画像を合成する。

from PIL import Image

DIR = 'frames/'

input_img = Image.open(DIR + 'persistant_01.gif').convert('RGB')
pixels = list(input_img.getdata())

for i in range(2, 58):
    file = DIR + 'persistant_%02d.gif' % i
    tmp_img = Image.open(file).convert('RGB')
    tmp_pixels = tmp_img.getdata()
    for j in range(len(tmp_pixels)):
        if tmp_pixels[j] != (255, 255, 255):
            pixels[j] = tmp_pixels[j]

output_img = Image.new('RGB', (500, 500), (255, 255, 255))

idx = 0
for y in range(500):
    for x in range(500):
        output_img.putpixel((x, y), pixels[idx])
        idx += 1

output_img.save('flag.gif')

evlz{catch_me}ctf

Welcome (RECON)

Rulesのページにフラグが書いてある。

F#{w3lc0m3_gUyS!!!!!FIr35h#L_ctF_@)!(}

Biggars (CRYPTO)

e, N, Cが与えられている。明らかにRSA暗号。
Nが非常に大きいため、e乗根をとって復号してみようとしたが、ダメだった。
試しにnを小さい素数で割っていくと多くの素数が出てくる。
Multi-Prime RSAの問題のようなので、その復号方式で復号する。

from Crypto.Util.number import *
import gmpy

def chinese_remainder(n, a):
    sum = 0
    prod = reduce(lambda a, b: a*b, n)

    for n_i, a_i in zip(n, a):
        p = prod / n_i
        sum += a_i * gmpy.invert(p, n_i) * p
    return sum % prod

with open('RkFLRUZMQUc.txt', 'r') as f:
    lines = f.readlines()

e = int(lines[0].strip().split(' = ')[1])
N = int(lines[1].strip().split(' = ')[1])
C = int(lines[2].strip().split(' = ')[1])

primes = []
for i in range(1, 300):
    if isPrime(i):
        primes.append(i)

divisors = {}
n = N
i = 0
while True:
    if n % primes[i] != 0:
        i += 1
    else:
        if primes[i] in divisors:
            divisors[primes[i]] += 1
        else:
            divisors[primes[i]] = 1
        n = n / primes[i]
    if i == len(primes):
        break

n_ary = []
a_ary = []
for p in divisors:
    k = divisors[p]
    pk = p ** k
    phi = pk * (p-1)/p
    d = gmpy.invert(e, phi)
    mk = pow(C, d, pk)
    n_ary.append(pk)
    a_ary.append(mk)

m = chinese_remainder(n_ary, a_ary)
flag = long_to_bytes(m)
print flag

F#{b1g_m0d_1s_unbr34k4bl3_4m_1_r1gh7?}