Posts Categories Tags About Contact Me
https://www.ppeinecke.de/custom_assets/images/pascal_portrait.webp

Pascal's Blog

/featuredImages/picoCTF_logo.png

picoCTF - Forensics - Lookey Here

 published on  included in forensics picoctf
Forensics - Lookey here - writeup description Attackers have hidden information in a very large mass of data in the past, maybe they are still doing it. Download the data here. writeup looking at the content of the txt file I can see a lot of random text… 1 2 3 4 5 6 7 8 9 10 11 12 head anthem.flag.txt ANTHEM by Ayn Rand CONTENTS PART ONE PART TWO By simply grepping out picoCTF I could find the flag
/featuredImages/picoCTF_logo.png

picoCTF - Forensics - File types

 published on  included in forensics picoctf
Forensics - File types - writeup description This file was found among some files marked confidential but my pdf reader cannot read it, maybe yours can. You can download the file from here. writeup Let’s download the file! 1 wget https://artifacts.picoctf.net/c/329/Flag.pdf lets see what file we got here… 1 file Flag.pdf 1 Flag.pdf: shell archive text Looks like this is a shell archive file (.shar) lets rename the file to a proper file extension first.
/featuredImages/picoCTF_logo.png

picoCTF - Forensics - Enhance!

 published on  included in forensics picoctf
Forensics - Enhance! - writeup description Download this featuredImage file and find the flag. Download featuredImage file writeup Ok so I downloaded the featuredImage file drawing.flag.svg Checking with the file command what that actually is: 1 2 file drawing.flag.svg drawing.flag.svg: SVG Scalable Vector Graphics featuredImage looks like it is actually a svg file. Lets try to open it using feh e.g. 1 2 3 feh drawing.flag.svg feh WARNING: drawing.flag.svg - Does not look like an featuredImage (magic bytes missing) feh tells me that the magic bytes are missing.
/featuredImages/picoCTF_logo.png

picoCTF - Forensics - Eavesdrop

 published on  included in forensics picoctf
Forensics - Eavesdrop - writeup description Download this packet capture and find the flag. Download packet capture writeup Let’s first download this file: https://artifacts.picoctf.net/c/364/capture.flag.pcap 1 2 3 4 5 6 7 8 9 10 11 12 wget https://artifacts.picoctf.net/c/364/capture.flag.pcap --2022-03-17 18:29:49-- https://artifacts.picoctf.net/c/364/capture.flag.pcap Resolving artifacts.picoctf.net (artifacts.picoctf.net)... 108.157.4.16, 108.157.4.118, 108.157.4.13, ... Connecting to artifacts.picoctf.net (artifacts.picoctf.net)|108.157.4.16|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 7518 (7.3K) [application/octet-stream] Saving to: 'capture.flag.pcap' capture.flag.pcap 100%[=======================================>] 7.34K --.
/featuredImages/picoCTF_logo.png

picoCTF - Crypto - Morse Code

 published on  included in crypto picoctf
Cryptography - morse-code - writeup description Morse code is well known. Can you decrypt this? Download the file here. Wrap your answer with picoCTF{}, put underscores in place of pauses, and use all lowercase. writeup Opening the file in ghex or sonic visualizer did not help After reading the following article I decided to try to open it using audacity. https://dropn0w.medium.com/do-the-loop-downunderctf-2021-5d8ee86c0f2b Next I tried to interpret the waves as morse code.
/featuredImages/picoCTF_logo.png

picoCTF - Cryptography - credstuff

 published on  included in crypto picoctf
Cryptography - credstuff - writeup description We found a leak of a blackmarket website’s login credentials. Can you find the password of the user cultiris and successfully decrypt it? Download the leak here. The first user in usernames.txt corresponds to the first password in passwords.txt. The second user corresponds to the second password, and so on. writeup let’s write a python program that finds the corresponding password for the user ‘cultiris’