Cyber Apocalypse — 19/23 April

f0reth1nker
Apr 25, 2021

HackTheBox & CryptoHack recently hosted a brilliant CTF, Cyber Apocalypse. As this was my first CTF, I was going into this fairly blind, which was exciting in its own regard.

Due to real-world commitments, our 3-man team was reduced to 2 and then to just myself; however, it was still an enjoyable (while sometimes frustrating) experience. Rather than doing 5 separate write-ups for every challenge that was completed, I will compile them all together.

The background to the CTF was an ‘alien invasion’ theme, so every challenge was related to this. The CTF comprised the following categories:

Web, Pwn, Crypto, Reversing, Forensics, Hardware and Misc.

Crypto & web will be the categories I’ll be writing up on in this article, and just a quick note; this is now okay to do as the event has now finished. The flag handle was CHTB{ ** } for all challenges.

Web; Challenge 1; Inspector Gadget.

This challenge was super simple, reading the description for the challenge was enough for me to understand where the contents of the flag were.

The complete flag: CHTB{1nsp3ct1on_c4n_r3ve4l_us3full_1nf0rm4tion}

When inspecting the elements of the web page, you’d navigate through all the tools available to you (i.e. debugger, style editor etc.). The contents of the flag were simply hidden within the header of 3 different sections; all I had to do was piece them together.

Next, we’ll move onto Crypto, this was by far the most rewarding category for me, having an interest in cryptography in general and the inner workings around it. I have to say, these were great challenges, which gave me a huge feeling of accomplishment when that plain-text flag became visible. The 3 challenges we completed were;

  • Nintendo Base64 (as name suggests; base64)
  • Phase Stream 1 & 2 (Xor)

The first challenge, ranked easy, was ‘Nintendo Base64’, so straight away you’re given the encoding method; however, the encoded text was stored in ‘ascii art’ of sorts.

‘encoding not equal to encryption’

So, the most logical thing seemed to be to take the encoded string and decode it; however, it wouldn’t have worked in the format it was in, so the next step was to convert the contents of the ‘output.txt’ file into a continuous string. This was achieved by doing the below, which removes all spaces etc. and puts it back into a format we can then use to decode.

Now that we had the string, I headed over to ‘CyberChef’, which is an incredible tool released by GCHQ. The string was encoded multiple times in base64 format, so all it took was to decrypt it until the flag became visible.

CHTB{3nc0d1ng_n0t_3qu41_t0_3ncrypt10n}
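The two steps described above (flatten the art into one string, then decode Base64 until the flag appears), written out as an added example that is not part of the original write-up. The sample art is constructed here with a made-up flag and an assumed 8 layers, since the real ‘output.txt’ is not reproduced on this page.

```python
import base64
import binascii
import textwrap

FLAG_PREFIX = b"CHTB{"  # flag format stated in the write-up


def flatten(art: str) -> bytes:
    """Drop every space and newline so the art becomes one continuous string."""
    return "".join(art.split()).encode()


def peel_base64(blob: bytes, max_layers: int = 32) -> tuple[bytes, int]:
    """Decode repeatedly until the flag prefix shows up; return (data, layers)."""
    layers = 0
    while not blob.startswith(FLAG_PREFIX):
        if layers == max_layers:
            raise ValueError("no flag found within max_layers")
        try:
            # validate=True rejects stray characters instead of skipping them
            blob = base64.b64decode(blob, validate=True)
        except binascii.Error as exc:
            raise ValueError(f"layer {layers + 1} is not valid Base64") from exc
        layers += 1
    return blob, layers


def make_sample(flag: bytes, layers: int, width: int = 11) -> str:
    """Constructed stand-in for output.txt: nested Base64 laid out with gaps."""
    data = flag
    for _ in range(layers):
        data = base64.b64encode(data)
    rows = textwrap.wrap(data.decode(), width)
    return "\n".join("  ".join(row) for row in rows)


if __name__ == "__main__":
    art = make_sample(b"CHTB{constructed_sample_flag}", layers=8)
    print(art.splitlines()[0])          # first row of the spaced-out art
    print(peel_base64(flatten(art)))    # (flag bytes, number of layers)
```

No key is involved at any point: anyone holding the string can undo every layer, which is the point the flag makes.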

For the next two challenges, the encryption method used was Xor (ExclusiveOr). This was a challenge for me, however, this was very similar to a challenge on HTB platform ‘xorxorxor’.

So, the challenge was straightforward: you’re told it’s xor encryption with a 5-byte key.

We know the encryption method (xor) and we know the flag format ( CHTB{ )

All you need is the key… and it does help knowing the plaintext.

Plain text (encrypted with key) gives cipher-text (decrypted using key) gives plain text.

So, I’ll go ahead and explain all this above. (If you’re new to Xor, then I’ll do my best to explain how this was solved in a way that makes sense.)

We’re given the encoded flag:

  • 2e313f2702184c5a0b1e321205550e03261b094d5c171f56011904

Now, within the description, we’re told it has been encrypted using a repeated 5-byte key… couple this information with the hint: ‘whats the flag format?’ so what do we know so far?

  • encoded flag (encoded string)
  • cipher method (XOR)
  • we know it’s been encrypted with a 5-byte key
  • we also know the flag format; CHTB{ which is 5-bytes long

Key?

We can also see the flag’s in a hex format, so the next step to solving this challenge was as follows (also in the image above);

  • Convert ‘CHTB{’ to HEX = 43483f2702. (5-byte)
  • we then XOR (using CyberChef) the new hex string that we just made against the first 5-bytes of the enc flag.
  • this gives us the key, 6d 79 6b 65 79 (MYKEY)
  • We then take the encoded string along with our key which then gives us the flag.

CHTB{u51ng_kn0wn_p141nt3xt}
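The same known-plaintext recovery done in code rather than CyberChef, as an added example that is not part of the original write-up. It uses the ciphertext, key length and flag format given above, and goes one step further than the text: the `offset` parameter (an addition here) lets the known bytes sit anywhere in the message, and a contradiction check flags a wrong key-length guess.

```python
from itertools import cycle

# Ciphertext and key length exactly as given in the challenge write-up.
CIPHERTEXT = bytes.fromhex("2e313f2702184c5a0b1e321205550e03261b094d5c171f56011904")
KEY_LEN = 5
KNOWN_PREFIX = b"CHTB{"  # flag format; bytes 43 48 54 42 7b


def xor(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def recover_key(ciphertext: bytes, known: bytes, key_len: int, offset: int = 0) -> bytes:
    """Known-plaintext recovery: key[i % key_len] = ciphertext[i] ^ plaintext[i]."""
    if len(known) < key_len:
        raise ValueError("need at least key_len known plaintext bytes")
    key = [None] * key_len
    for i, p in enumerate(known, start=offset):
        k = ciphertext[i] ^ p
        slot = i % key_len
        # Extra known bytes must agree with slots already filled in.
        if key[slot] is not None and key[slot] != k:
            raise ValueError("known plaintext contradicts this key length")
        key[slot] = k
    return bytes(key)


if __name__ == "__main__":
    key = recover_key(CIPHERTEXT, KNOWN_PREFIX, KEY_LEN)
    print("key      :", key.hex(" "), key)
    print("plaintext:", xor(CIPHERTEXT, key).decode())
```

The key falls out of five XOR operations because the key is no longer than the predictable part of the message; a repeating key shorter than any guessable plaintext offers no secrecy.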

PhaseStream2, the second challenge, follows the XOR theme. However, throwing a bit of a curve ball at us, this time the flag’s been hidden within 9999 random lines of data and they’ve also decided to do it with a single-byte key... Ideal.

However, Ollie found a great tool; xortool.

Using Xortool, we were able to brute force the ‘output.txt’ file, which told us most probable key lengths, which is fine, but we already knew this information (it’s given to us in the description).

However, importantly, it then outputs all of these brute forced attempts into ‘*.out’ files, about 200+ of them. However, we know the flag format (CHTB), so the next thing we did was capturing the file that had the string CHTB within it using:

cat *.out | grep -a "CHTB"

the xortool_out dir, which holds all the brute forced attempts

There we have it, the flag “CHTB{n33dl3_1n_4_h4yst4ck}”, aptly named.
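The brute-force-then-grep approach above collapsed into one pass, as an added example that is not part of the original write-up and does not use xortool. The haystack is constructed (hash-derived junk plus one made-up flag), and one hex string per line is an assumption about the file layout.

```python
import hashlib

FLAG_PREFIX = b"CHTB{"  # flag format stated in the write-up


def xor_byte(data: bytes, key: int) -> bytes:
    """XOR every byte with the same single-byte key."""
    return bytes(b ^ key for b in data)


def find_flags(hex_lines, prefix: bytes = FLAG_PREFIX):
    """Try all 256 keys on every line; return (line number, key, plaintext) hits."""
    hits = []
    for lineno, line in enumerate(hex_lines, start=1):
        try:
            raw = bytes.fromhex(line.strip())
        except ValueError:
            continue  # not a hex line, skip it
        for key in range(256):
            plain = xor_byte(raw, key)
            if prefix in plain:
                hits.append((lineno, key, plain))
    return hits


def make_haystack(flag: bytes, key: int, position: int, total: int = 200):
    """Constructed stand-in for output.txt: junk lines plus one XORed flag."""
    lines = [
        hashlib.sha256(str(i).encode()).digest()[: len(flag)].hex()
        for i in range(total)
    ]
    lines[position] = xor_byte(flag, key).hex()
    return lines


if __name__ == "__main__":
    haystack = make_haystack(b"CHTB{constructed_needle}", key=0x5A, position=137)
    for lineno, key, plain in find_flags(haystack):
        print(f"line {lineno}, key 0x{key:02x}: {plain.decode()}")
```

A single-byte key gives only 256 candidates per line, so the random filler adds search time but no real protection once the flag format is known.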

So, there we have it, 5 challenges, which still somehow landed me in 1,200th place out of 4,000+, so not too bad for a first attempt.

This was a great experience, I now know where the gaps in my knowledge lie which is great and also it’s given me the opportunity to practice things I’d already done before (xor).

Thanks for reading,

Forethinker.

Example of post CTF Certificate
