RSS
 

Archive for the ‘Hackvent 2016’ Category

HACKvent 2016: Day 1

05 Dec 2016
CTF: Hackvent 2016
Link to challenge: http://hackvent.hacking-lab.com
Date Completed: 5 December 2016

Challenge

 

Solution

We confirm that each link does indeed lead to the same destination URL. I can notice a redirection (301 permanent) occurring with each link thanks to a nifty HTTP logging plugin I have for Chrome called Live HTTP Headers. You could also use various online services to check the redirection(s) occurring for each of the 3 links. For example, you could use: redirectcheck.com

We see the following sequences of redirection for each link:

Link 1

http://ow.ly/unCT306N19f

http://bit.do/HV16-t8Kd

https://upload.wikimedia.org/wikipedia/commons/thumb/7/7c/Intocht_van_Sinterklaas_in_Schiedam_2009_%284102602499%29_%282%29.jpg/220px-Intocht_van_Sinterklaas_in_Schiedam_2009_%284102602499%29_%282%29.jpg

Link 2

http://ow.ly/xW3h306N18f

http://bit.do/38aY-QxL5

https://upload.wikimedia.org/wikipedia/commons/thumb/7/7c/Intocht_van_Sinterklaas_in_Schiedam_2009_%284102602499%29_%282%29.jpg/220px-Intocht_van_Sinterklaas_in_Schiedam_2009_%284102602499%29_%282%29.jpg

Link 3

http://ow.ly/3wfc306N10K

http://bit.do/bn4K-c6Lw

https://upload.wikimedia.org/wikipedia/commons/thumb/7/7c/Intocht_van_Sinterklaas_in_Schiedam_2009_%284102602499%29_%282%29.jpg/220px-Intocht_van_Sinterklaas_in_Schiedam_2009_%284102602499%29_%282%29.jpg

 

We notice the string HV16 in the bit.do link for Link 1 and that there is 4 characters, then a hyphen, and then another 4 characters in the short URL for each link. This gives me the idea that the text after each bit.do link can be combined to create the nugget. We join these strings together, adding a hyphen in between each of the 3 strings, to obtain our flag!

 

Flag:  HV16-t8Kd-38aY-QxL5-bn4K-c6Lw

 
No Comments

Posted in Hackvent 2016

 

HACKvent 2016: Day 5

05 Dec 2016
CTF: Hackvent 2016
Link to challenge: http://hackvent.hacking-lab.com
Date Completed: 5 December 2016

Challenge

everybitisimportant

 

Solution

This seems like a series of boolean logical operators. As the hint tell use to use 32 bits, we will solve this problem with a quick C++ program so we can guarantee the data type used is 32 bits. Furthermore, we will try both signed and unsigned variants, it turns out that we need to use signed integers for this problem.

We come up with C++ code (splitting up the operations into 3 steps):

We run the program and the the printed result is:

I enter this into the ball-o-matic and get the daily QR code and daily flag!

Day 5 Solution Ball

 

Flag:  HV16-2wGq-wOX3-T2oe-n8si-hZ0A

 
No Comments

Posted in Hackvent 2016