Cepheus CTF 23 Writeup
Cepheus CTF was one of the first Capture the Flag (CTF) tournaments we took part in. This competition was hosted by IIT Goa and saw more than 20 teams compete to score the most points before the timer ran out. Despite the fierce competition, we managed to bag first place. This post contains some of the more interesting questions we solved for this CTF.
These were some of the interesting questions :
- Phonic anomaly: (50)
Your team has received an email containing an audio file. They were not able to understand what it was so they sent the file to you as you have a thorough understanding of audio files. You need to find the message that is hidden in this file and help your team.
Flag: CTF{Ph3i_f4mily_is_in_d4ng3r}
Files: ph31ns.wav
Solution:
Tool used : audacity and coagula
This is a basic question related to audio forensics. Open the wav in audacity and check the spectrogram. You will find the flag but a bit jumbled, Clearly analyze it to get the flag.
- Hide and seek (50)
You have recently captured an enemy base. While searching for data on the servers present there, UAVIS senses your presence there, so it hides the information present on that server in the form of QR’s and scatters them.
Find the correct QR codes and get the flag.
File used : f1nd_m3.zip
Flag: CTF{U4V1S_h4s_v3ry_f3w_5uppl13s_l3f7}
*Solution: Here, in this question you have a zip file which contains many folders and each folder contains scattered images of a single qr code. To find the flag you can use the help of any editor or it can also be done in linux by using this command: $command -append .png output.png Where output.png is the new image formed by combining all the images in that folder. Doing this for every file in the zip folder we will find two qr’s which leads to the correct formation of the flag.
- Identity crisis (100)
Your secret agent in the enemy base, robot16, has salient information which can turn the tide of the war in your favour, but robot16 is unable to translate it due to some internal issues. However, it also brought a file with it. Find out what information it brought before it is too late. File name : robot.zip
Flag:CTF{r0b0t16_1d3nti7y_r3v3al3d}
Solution: A file named “op3nm3_f1r5t.pdf” is given, so let’s open it. Here it is says to rotate the given words with the help of robot, as our robot is named as robot16, so let us rotate the given words using rot16 decrypter, then we get the word “c4rful” Using this word if you open the next pdf you will find nothing, but if you search the same word in robot_16.zip file, you will find a text file, if you clearly observe the text file you will find a website link and a password. Using this both along with the given image, you will get a decrypted text which is of hexadecimal form, if you convert this into normal text you will get the flag.
- The rebel alliance (150)
Your team has planned to attack the Pinnacle Tower. But there is one problem, as it is a tower the security there is very high.So, your team has planned to create a diversion by shutting off the main server of the base, which can be done by entering the correct passcode in the server. Now, the spies have sent you a file, “PINNACLE” which contains a code. Examine and run the code properly and get the password. It seems more like a movie plot “ THE STAR WARS”
Flag: CTF{HAVEANICERIDE}
Files: THESTARWARS.py
Solution: The function is a modified version of Caesar Cipher. You’ve to create a decryption function The hint for key is the number of days Cepheus will last = 5
- The imitation game (50)
Attention! You receive information from your allies that there is a code which if decrypted will be helpful in winning the war. You also get to know that these types of code were famously used in ancient human world wars that occurred much decades before. If you have it in you that it takes to be an Alan Turning of this war, then break the code :
CVKLGNCBORXSUOOVIQYCHIEBZHYBXWTYZPGVERHWIMWWCRNPTMUZ
Ans- The fruits of victory are tumbling into your mouth too quickly
Flag - CTF{The_fruits_of_victory_are_tumbling_into_your_mouth_too_quickly}
Solution: Cipher==Enigma machine
- Analysis (50)
Go to the website given below. There is some clue regarding the enemies’ weaknesses, which is scattered and hidden in different locations. Find this clue and help your team gain leverage.
FLAG: CTF{1_4m_3v3rywh3r3_bu7_1n_p13c3s}
Solution: Three parts of the flag are hidden in three files of the webpage: the html, style.css, and custom.js. Since they are numbered (1/3), (2/3), and (3/3), they can be found using ctrl + f to search for the number instead of searching through all the files (alternate method) wget the entire page and grep “CTF” through all files
- Tough as vibranium (50)
You are preparing to launch an attack on an enemy base. Meanwhile, your commander has sent you some instructions as a secret message with “from the lands of vibranium” written. Decrypt the code and move forward.
Ans-Show them who we are Flag:
CTF{Show_them_who_we_are}
Solution: Cipher==Wakanda alphabet
- Pinpoint (50)
While monitoring Phein’s networks, our reconnaissance team was able to retrieve information that the enemies’ strength is low, so they had requested assistance from UAVIS and sent the location of their secret hideout. They sent their location in the form of an image, which only UAVIS could figure out. The reconnaissance team reported the information to us. With their help, your team was able to recover the image but could not pinpoint the location. Now, you have been asked to trace the location so our team can get there and wipe out the rest of the enemies.
Flag: CTF{NW10_3NR}
Solution: Get the number from the image, search it on the internet. You will get an address - Winkworth kensal and Queens park. The flag is the address’s pin code as hinted in the question’s title.
