Monday, August 13, 2012

Cyberlympics 2012 Round 1 summary and solutions

Couple months ago my colleagues and I decided to participate in the Cyberlympics competition. First round was on the 9th of August, and it supposed to be about Forensics. In reality, this exercises were more like the ones you may find on challenge sites, so we were a bit confused, but I think we did well.

We got one password protected zip file and 15 minutes before the competition started, we received the password (btw, ~40 minutes before the competition started, we received North America's email too...). The first 5 challenge was encoding, second 5 was about encryption, then 2 steganography challenge and finally, 2 challenges where we had to recover files.

Below there's a quick summary of the solutions:

DECODE_ME01.txt:
Base-64 encoded message. Piece of cake.

DECODE_ME02.txt:
Uuencoded message. Easy.

DECODE_ME03.txt:
Leetspeech. My colleague actually just looked at it and typed in the solution.

DECODE_ME04.txt:
Morse code. Srsly? :P

DECODE_ME05.txt:
It was a string in hex. Easy, it's just way too easy.

DECRYPT_ME01.txt:
Caesar cypher. Super Easy.

DECRYPT_ME02.txt:
Atbash cypher. Easy.

DECRYPT_ME03.txt:
Substitution cypher. Easy too.

DECRYPT_ME04.txt:
Substitution cypher again.

DECRYPT_ME05.txt:
Vigenere cypher. Easy.

DISCOVER_ME01:
This was the only one we couldn't solve. It was a bmp image with some message hidden in it. We tried a lot of programs, transformations, methods. We probably even found the cover media on the Internet, so we tried AND, OR, XOR, ADD, SUB, ect. but no luck. Whoever got this challenge, pls send me the solution, cause it's annoying me.

DISCOVER_ME02:
OK, this one was really twisted, and I have no idea how my teammates managed to solve, but it was like this: A JPEG image was given. We extracted the RGB values and took the last bits, then converted them into ASCII. From this, we got a message, pointing us to Openstego, so we downloaded Openstego and extracted the embedded QR code with LSB method. The QR code finally had the key. OK, I admit, this one was not that easy...

RECOVER_ME01:
We had a bunch of files, two of them was obviously a header of the same JPEG image, and there were also two smaller files  that we identified as the end of the JPEG image. We started concatenating the files together, and checked if the result was a bigger chunk of the JPEG then the previous one. If it was, we kept on doing this until we had the full image. Since the chunks were duplicated, we only had to find one of the matching ones in one row.

RECOVER_ME02:
Same thing. We had a bunch of files, one of them was obviously a header of a JPEG image. There were also chunks of a text file, which had the same line "THIS IS THE WRONG FILE!!!!!", so we ignored this.

And that was all! Frankly, I've expected a little more, and I really hope that it was only a warm-up round before the fun begins.

4 comments :

  1. thanks for posting Answers. I was looking for it,I am for india,we preparing for next level :) how are you guys planning ?

    Harry

    ReplyDelete
  2. Well, we still don't have the results for Europe. :( But if it will be like the first round, it might be something like: lvl 1: password is in the javascript code, lvl 2 password is in the javascript code but somewhat obfuscated...etc. :P

    Anyways, are you guys in the *.*NULL team? :)

    ReplyDelete
  3. thanks for immediate reply,Yes, we are*.*null from India.

    second level is quite different, VPN's, attacking targets with backtrack5. hope you have received email from cyberlympics?

    btw, please share you email address, so that we can chat some times:) you have my email on blogger page.

    ReplyDelete
  4. Yeah, I know that 2nd round is thought VPN. I was just kiddin’ with the javascript stuff, cause I was a bit disappointed after the “Forensics” level. But at least we were not the only ones feeling like this: https://twitter.com/_fixme/status/233693821031030784

    Doesn’t matter. I hope that the pentest part will be more fun :)

    ReplyDelete