Rulesページ下部にフラグが記載されています。g00d b0y
Now prove you were a good kid and show you learned the most basic lesson in CTFs!!
Id: g00d_b0y
Total solves: 142
Score: 84
Categories: Bonus
フラグは、
CTF-BR{RTFM_1s_4_g00d_3xpr3ss10n_v3.0}です。
Rulesページ下部にフラグが記載されています。g00d b0y
Now prove you were a good kid and show you learned the most basic lesson in CTFs!!
Id: g00d_b0y
Total solves: 142
Score: 84
Categories: Bonus
CTF-BR{RTFM_1s_4_g00d_3xpr3ss10n_v3.0}です。
ncコマンドで提示されたサーバに接続します。接続するとメニューが表示されます。1と2が選択できます。3を入力すると切断されます。1を選択するとなにやら情報が表示されます。2を選択するとASCIIコードらしき数値が表示されますが、ASCIIコードの範囲である127を超えた数値も表示されていますので、そのままASCIIコードになっている訳ではないようです。Differential Privacy
Is it possible to have privacy on these days? The Rebelious Fingers do not think so. Get the flag.
Server: nc 200.136.213.143 9999
Id: differential_privacy
Total solves: 54
Score: 191
Categories: Crypto
$ nc 200.136.213.143 9999Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit1You can query the flag, but the characters are private (indistinguishable).Differential privacy mechanism: LaplaceSensitivity: ||125 - 45|| = 80Epsilon: 6.5Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit2[81, 90, 59, 47, 106, 63, 125, 71, 78, 104, 96, 101, 101, 124, 106, 118, 80, 100, 103, 118, 101, 62, 109, 110, 103, 132, 98, 147, 97, 130, 94, 120, 69, 52, 117, 120, 116]
$ nc 200.136.213.143 9999Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit1You can query the flag, but the characters are private (indistinguishable).Differential privacy mechanism: LaplaceSensitivity: ||125 - 45|| = 80Epsilon: 6.5Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit2[62, 62, 79, 56, 57, 89, 124, 75, 100, 90, 127, 95, 96, 118, 140, 142, 106, 67, 123, 103, 112, 93, 119, 78, 107, 86, 142, 114, 110, 115, 89, 110, 132, 106, 108, 112, 119]
# -*- coding:utf-8 -*-# Server connection example file for Python 2import socketimport sys###########################def solve(l, n):for i in range(len(l)):sum[i] = sum[i] + int(l[i])c0 = round(sum[0] *1.0/n - ord('C'))c1 = round(sum[1] *1.0/n - ord('T'))c2 = round(sum[2] *1.0/n - ord('F'))c3 = round(sum[3] *1.0/n - ord('-'))c4 = round(sum[4] *1.0/n - ord('B'))c5 = round(sum[5] *1.0/n - ord('R'))c6 = round(sum[6] *1.0/n - ord('{'))c36 = round(sum[36]*1.0/n - ord('}'))ave = int(round((c0 + c1 + c2 + c3 + c4 + c5 + c6 + c36) / 8))f = sumf = map(lambda c:chr(int(round(c*1.0/n)-ave)), f)a = ''.join(f)print(a)if a.startswith('CTF-BR{'):return areturn ''sum = [0 for i in range(37)]n = 0while True:host = '200.136.213.143'if len(sys.argv) > 1:host = sys.argv[1]port = 9999if len(sys.argv) > 2:host = int(sys.argv[2])client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)client.connect((host, port))client_file = client.makefile('b')while True:s = client_file.readline().strip()print(s)if '[3] Quit' in s:breakn = n + 1client_file.write("2\n")client_file.flush()s = client_file.readline().strip()print(s)l = s[1:-1].split(',')ans = solve(l, n)while True:s = client_file.readline().strip()print(s)if '[3] Quit' in s:breakclient_file.write("3\n")client_file.flush()if ans != "":breakprint(ans)
$ python aaa.pyHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit[66, 91, 45, 49, 53, 91, 119, 106, 102, 83, 68, 97, 100, 109, 135, 92, 109, 61, 107, 101, 132, 96, 121, 108, 102, 101, 100, 108, 93, 113, 92, 61, 119, 108, 101, 82, 99]Ha37;a}plYJgjs?bsCqk?frlkjrcwbC}rkXiHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] QuitHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit[68, 84, 56, 46, 50, 74, 141, 79, 107, 100, 109, 88, 108, 118, 117, 103, 89, 100, 76, 109, 166, 69, 104, 106, 135, 105, 84, 113, 102, 120, 100, 124, 109, 125, 123, 103, 153]EZ526U?_k^[_jt?deS^k?Usmyi^qdwb_twr_?Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] QuitHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit[69, 71, 57, 45, 55, 105, 95, 70, 97, 110, 119, 114, 103, 137, 108, 109, 90, 101, 96, 122, 130, 107, 101, 109, 97, 129, 98, 114, 120, 106, 77, 113, 109, 124, 114, 69, 146]FT717\xWhdefj{zgbY_q?]onqr`rks\erysW?Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] QuitHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit[60, 92, 57, 52, 64, 74, 170, 57, 119, 119, 139, 114, 103, 87, 139, 91, 72, 109, 81, 127, 127, 98, 111, 98, 94, 130, 117, 117, 92, 110, 100, 113, 113, 85, 102, 102, 111]CV719W?Okhnhir~d[^[t?^njluergq]hrpoZ?Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] QuitHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit[63, 91, 77, 45, 85, 85, 128, 91, 98, 107, 114, 81, 112, 129, 119, 95, 97, 104, 126, 108, 130, 103, 115, 99, 129, 106, 98, 116, 116, 126, 101, 110, 125, 106, 107, 107, 126]AV:/=V?Qihncit|b[_aq?_nhorcris^hsnm]Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] QuitHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit[64, 82, 86, 35, 57, 72, 111, 64, 83, 112, 103, 109, 101, 133, 121, 141, 96, 96, 104, 108, 137, 79, 121, 95, 93, 119, 94, 139, 98, 115, 62, 105, 120, 58, 130, 94, 112]BV@.>U?Ofjnfjx|j]`cr?]qhmtdwitZiufr^~(略)Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] QuitHello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] Quit[92, 67, 75, 51, 58, 119, 121, 116, 138, 58, 93, 80, 86, 120, 116, 116, 89, 103, 105, 104, 96, 104, 109, 113, 112, 118, 96, 135, 124, 86, 114, 100, 100, 104, 119, 116, 123]CTF-BR{I_am_just_filtering_uhe_noise}Hello, chose an option:[1] Info[2] Query the flag (in ASCII)[3] QuitCTF-BR{I_am_just_filtering_uhe_noise}
CTF-BR{I_am_just_filtering_the_noise}です。
問題に提示されたリンクをクリックすると下図のページが表示されます。Eluware 1 (Forensics)
There's a nasty malware infecting our visitors. We were unable to find out where it's coming from and what it's doing. Do us a solid and find that out!
You will see a red square saying 'Pwned' when the malware runs.
Start
rqtWBTPbJ8cXgYSXです。