XOR Crypto - Intro
  • About:

    Decode these two keys from Base64 and XOR them keys to get the flag!

    Be sure to do this as part of a script; you will need that code for the next two challenges.

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

amazing-rop
  • About:

    Beginner ROP challenge from pbCTF 2020

  • Connect:
    nc 4.tcp.ngrok.io 16875
  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

picoGym RE, Part I: Need for Speed
  • About:

    Original Description

    The name of the game is speed. Are you quick enough to solve this problem and keep it above 50 mph?

    Advice

    Use Ghidra to look at the binary's main function and figure out what is happening. From there, you have options (which is common for RE problems):

    • Static RE: just read the disassembly/decompiler output until you can work out on paper/etc. what the answer is
    • Dynamic RE: use a debugger like GDB (or other options, like LD_PRELOAD) to manipulate the flow of execution in the program and side-step the booby-trap </ul></p>

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

picoGym RE, Part II: Reverse Cipher
  • About:

    Original Description

    We have recovered a binary and a text file. Can you reverse the flag?

    Advice

    Use Ghidra to understand the cipher algorithm. Then write a simple program (e.g., in Python) to reverse that algorithm and decipher the flag.

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

picoGym RE, Part III: Forky
  • About:

    Original Description

    In this program, identify the last integer value that is passed as parameter to the function doNothing().

    Advice

    Treat this as a pure-static RE problem. You need to understand the semantics of the Unix system call fork (and that processes can share memory, as they do in this case to have one single copy of the key veriable stored between all of them).

    The flag is in the format picoCTF{INTEGER_YOU_FOUND}. Be aware that INTEGER_YOU_FOUND can be negative. You will have to consider:

    • machine word sizes (e.g., 32-bit vs. 64-bit integers)
    • 2's complement binary encoding of signed numbers
    • multi-byte integer Endianness </ul></p>

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

picoGym RE, Part IV: Assembly #4
  • About:

    Original Description

    What will asm4("picoCTF_724a2") return? Submit the flag as a hexadecimal value (starting with '0x'). NOTE: Your submission for this question will NOT be in the normal [picoCtf] flag format.

    Advice

    You are given a disassembly dump of a function taking a C string and returning an integer; you need to figure out the integer returned for the string given above.

    No cheating with Ghidra this time! (Not strictly true; but if you get it into a form where Ghidra can help, you have it in a form where you don't really need Ghidra anymore...)

    The obvious solution is to manually decompile this assembly into C code that you can compile and run. Of course, this approach requires some understanding of

    • 32-bit x86 (a.k.a. i386 or i686) assembly language syntax and machine instruction semantics
    • the C calling convention (a.k.a. ABI) for GCC/Linux (i.e., how the compiler and system libraries use registers, the stack, etc.) </ul> A great resource for exploring these (in the C -> assembly direction) is Godbolt's Compiler Explorer. </p>

      There's also the "cheating" way, which get's us back to my first comment about getting it into a form usable with Ghidra. Question to ponder: can you just "assemble" this source code back into an ELF binary module that could be loaded by Ghidra? If not, why not? What then?

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

picoGym RE, Part V: B1ll_Gat35
  • About:

    Original Description

    Can you reverse this Windows Binary?

    Advice

    This is not quite a classic RE challenge that simply validates a flag you have to enter, but it's close.

    The flag format is PICOCTF{xxxxx}

    This binary does not make for a pleasant experience in Ghidra if you aren't used to the quirks of Microsoft's C/C++ toolchain. The original picoCtf hints recommending using a Windows VM and Windows debugging tools like OllyDbg are worth considering.

    But it can be run and even debugged on a Linux system using Wine's winedbg toolchain. Given a little persistence and cleverness in Ghidra finding critical points inside the program, the Wine debugger is sufficient for you to side-step the obstacles and get a flag printed out.

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Treasure Hunting
  • About:

    Description

    Hmm, do pirates really think they can hide a treasure without us knowing? Find the treasure and prove they are wrong

    This is basic web challenges. Only some level of poking is needed. Access the website here: link

    Flag format: hackpack{...}

  • Connect:
    http://f06e7ae2850b.ngrok.io/
  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Traveler
  • About:

    Description

    Visit our pages to see our awesomeness! Look for the 'flag' file"

    Flag format: hackpack{...}

  • Connect:
    http://f6c513837e34.ngrok.io/
  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Custom-ui
  • About:

    Description

    How often do you visit the website just to bounce back because of bad design? Now we developed a new feature, which gives you ability to change the design!

    Flag format: hackpack{...}

  • Connect:
    http://7c17007ea2bf.ngrok.io/
  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Juice Shop
  • About:

    Description

    This is the most advanced vulnerable application on the web! How many vulnerabilities can you find?

  • Connect:
    http://c5e3ab53b447.ngrok.io/
  • Hints
    Click to expand
    • There's probably some well-written guides out there.

Malware Workshop
  • About:

    DO NOT RUN OUTSIDE A VIRTUAL MACHINE

    This file will record all keystrokes and save them to C:/ProgramData/Log. It will not send any information anywhere else.

    We have found the following malware on our top secret server. We also intercepted the following file that the malware tried to send out. Can you see what info they tried to steal?

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Is this the real exe or just a fantac++
  • About:

    This executable seems to be loading another executable into memory. Can you solve this?

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

logon
  • About:

    Description

    Can you log in as admin?

    Flag format: picoCTF{...}

  • Connect:
    https://jupiter.challenges.picoctf.org/problem/44573/
  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Irish Name Repo 3
  • About:

    Description

    Can you get logged in as the administrator? It's not as simple as it looks...

    UPDATE: The flag will have a random token string at the end. To submit the flag in a way that we can check, remove the last portion (separated by _) and submit.

    Flag format: picoCTF{...}

  • Connect:
    https://jupiter.challenges.picoctf.org/problem/29132/
  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

JaWT
  • About:

    Description

    Have you heard of JWT?

    Flag format: picoCTF{...}

  • Connect:
    https://jupiter.challenges.picoctf.org/problem/61864/
  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Writing Snort IDS rules
  • About:

    This challenge is centered around analyzing pcaps from malware running in a virtual machine and writing rules to detect the malicious traffic via Snort, a network intrusion detection system (IDS). </br>

    The talk on 4/9/2021 will discuss how to use Wireshark to inspect PCAPs and provide an overiew of how to write Snort rules, but the ultimate goal of this challenge is for anyone interested to be able to write a Snort rule that detects real malware and then have the Snort rule added into the official Snort community ruleset.

    The currently available challenge problems are:


    To coordinate working on the challenge problems, either post in the GitHub issue or in the Discord. Working together is allowed, and more problems can be posted if needed.


Steganography 101
  • About:

    Enjoy the meme while you warm up a stego skill you’ll be using a lot in this challenge set. (Updated file link)

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Neat Concept
  • About:

    You wouldn’t take an unencrypted message at face value, would you?

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

Diffraction
  • About:

    Have you ever looked through diffraction lenses? What do they do?

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

XOR Crypto - Easy-ish
  • About:

    This ciphertext has been XOR encrypted with a single length key.

    For example, if the key was f, each byte of the plaintext would be XORed with f.

    The cipher text is also in Base64, which you’ll need to decode before XORing

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!

XOR Crypto - Medium
  • About:

    This ciphertext has been XOR encrypted with key of unknown length.

    For instance, if the key was wot, the first byte of the plaintext would be XORed with w, the second with o, the third with t, and then it would loop around to XOR the fourth character with w

    The cipher text is also in Base64, which you’ll need to decode before XORing

  • Great job! You are l33t 😎
    Flag is incorrect. Try again!