BabyPWN CTF 2022 Walkthrough
BabyPWN CTF is a competition organized by Innovative Computer Engineering Students’ Society — i-CES on 2nd December 2022 at Western Regional Campus, Pokhara. The event lasted for 3 hours. During the event, we team sudo (Arpan Paudel and me) were able to secure 2nd position.
In this challenge we were given a combination of 2 hash separated by a underscore. We used hashid to identify the 2 hashes (md5,sha1) and decrypted using hashcat.
Looking at the file flag.txt, it looked like base64 encoding so, we tried decoding it but got in vain. So, first we tried decoding via base32 as suggested by the hint given from question and decoded through base64 that gave flag for the challenge.
Reading the title of the challenge, we can know that it is related caesar cipher. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet.
For this challenge we used an online tool https://www.dcode.fr/caesar-cipher and used English alphabets (from A to Z) with shift of 3 and bruteforced all the 26 combinations. This gave us flag for the challenge.
Hint : pudke ko last password pudke001 ahele number between 700 to 750
Looking through the hint for the challenge we created a wordlist for “pudke” to bruteforce the password protected zip file. First, we converted the zip file into hash using zip2john and later bruteforced the password using john which gave the flag for the challenge.
Looking through the hint for the challenge we created a wordlist for password protected docx file using the password hint to bruteforce the password protected docx file. First, we converted the docx file into hash using office2john and later bruteforced the password using john which gave the flag for the challenge.
Password Hint: Password : Content of favMovieList.txt + number between 880 to 920 + $
First we opened the pcap file in wireshark and applied filter http. Following the TCP Stream of the HTTP GET request on /anotherpage.php gives flag for the challenge on response.
After analyzing the pcap file in wireshark, we applied http filter and checked for interesting packets. All of the packets contained a common live host “aaratimahato.com.np”.
Few POST requests contained messages sent to the host “aaratimahato.com.np”.
We checked all the requests and sent all messages that were sent earlier to the host and one of the reply contained the password and a file “archived.cpt”.
After decrypting the file archived.cpt we got a file named “archived” which was bzip2 compressed file. Decompressing the file gave us flag for the challenge.
This was probably the easiest challenge of the event. Viewing the source-code of the website revealed the flag for the challenge.
First of all, we extracted the application using apktool and searched for the flag format recursively. This gave the flag for this challenge.
After downloading the challenge file we looked the file format of the file and saw comment that looked like some encoding. We kept the encoded text on CyberChef and found that it was base58 encoding and got flag for the challenge.
In this challenge, we were given a file output.png. We went to the website https://stylesuxx.github.io/steganography/ and uploaded the file and decoded which gave the flag for this challenge.
In this challenge, we were given a photo of building next to the event place.
Going through the hint of question we can see “First Date House” in the title which can’t be the campus itself xD. We googled for cinema halls near Lamachaur and got “Himaz Cinema”. Appending the flag format gave us flag [i-CES{Himaz_Cinema}] for the challenge.
Though, we weren’t able to complete all the challenges in the given time-frame. All challenges were awesome. If you have any query regarding the challenge feel free to ping us.
![[THM] : Badbyte Walkthrough](https://miro.medium.com/v2/resize:fit:679/1*v6EhuCQYdZsjYIrZ4TlgGQ.png)
