UTC-CTF 2019 Write-ups

This year they hosted an abbreviated CTF (a teaser), but next year they might bring a full-fledged CTF. They have a wide range of difficulty of challenges, from easy to hard.

Strings

We were provided with below challenge’s description and a file.

strings

It is an executable file. According to name of the challenge, it suggested that this challenge should be solved by strings command.

Based on the output above, the flag for this challenge is utc{that_waz_ezpz}

Corey’s core dump 1

We were provided with below challenge’s description and a file.

core

There is another executable file. We tried run strings command as usual.

Based on the output above, the flag for this challenge is utc{im_a_passw0rd}

ezip

We were provided with below challenge’s description and 2 files.

cat.png

flag.zip

We were given a PNG image file and a zip file with password protected. Our assumption is that password should be somewhere in PNG image file.

We found zip password in image meta data using exiftool.

We unzipped the zip and got a text file. Based on the output above the flag for this challenge is utc{ex1f_ru135_4ll_7h3_w4y}

Optics 1

We were provided with below challenge’s description and an image file.

challenge1.png

We tried to open the image, but it seemed like it is broken. We checked it with hexeditor.

Image signature looked wrong as it showed “LOL“. We changed it to “PNG“, and we got an image of QR code.

We scanned the QR code and got the flag for this challenge which is utc{dang_you_know_qr_decoding_and_shit}

Optics 2

challenge_2.zip

We were given a zip with 441 images inside. Those images seemed like fractures of QR code. With 441 images, we can arrange it 21×21.

After arranged those image to get a complete QR code, we scanned it and got the flag as utc{merge_and_merge_until_you_decode_it}

Curve it up

We were provided with below challenge’s description and a file.

curve.txt

They as use to find the value of n. In order to solve this challenge, we used SageMath to run the below code.

N = 58738485967040967283590643918006240808790184776077323544750172596357004242953
A = 76727570604275129576071347306603709762219034167050511215297136720584179974657

P = (1499223386326383661524589770996693829399568387777849887556841520506306635197, 18509752623395560148909577815970815579696746171847377654079329916213349431951)
Q = (29269524564002256949792104801311755011410313401000538744897527268133583311507, 29103379885505292913479681472487667587485926778997205945316050421132313574991)

#The flag is utfc{n}

B = (P[1]**2-P[0]**3-A*P[0])%N

F = FiniteField(N)
E = EllipticCurve(F,[A,B])
P = E.point(P)
Q = E.point(Q)
factors, exponents = zip(*factor(E.order()))
primes = [factors[i] ^ exponents[i] for i in range(len(factors))][:-2]
dlogs = []
for fac in primes:
    t = int(P.order()) / int(fac)
    dlog = discrete_log(t*Q,t*P,operation="+")
    dlogs += [dlog]
    print("factor: "+str(fac)+", Discrete Log: "+str(dlog)) #calculates discrete logarithm for each prime order

l = crt(dlogs,primes)
print(l)

Based on the output above, the flag for this challenge is utc{314159}

You may also like...

2 Responses

  1. Feliz says:

    how to do optics2 can you explain in detail ?
    command to used to combine the 440 images.

    • KHroot says:

      Actually, there were 441 images, so we wrote a python code to create a html page arranging the image into 21×21. You may refer to this URL for code sample.

Leave a Reply

%d bloggers like this: