Cryptax
This website is personal and does not represent my employer
HackCorps Warm Up Description Serge the accountant inadvertently opened an infected file on his workstation. After investigation by the SOC team, the file was found to contain malware designed to extract confidential information. The SOC team asked you to help them investigate the incident. The SOC has found a folder (C:\exfiltr) but cannot recover its contents.
we get a file exfiltr.7z Solution We unzip the file. There are 3 directories named 0, 1 and 2.
Those 3 challenges were in the AI category. This is a new category in CTFs: Ph0wn created an AI challenge in 2023, and we were happy to see this category at NOPS 2024, and probably in future CTFs.
Description In all 3 challenges, the goal is to manage to get the AI to tell you the flag. But, of course, the AI will do all it can not to ;)
Description This challenge has a very short description: “i heard OTP it the most secure encryption algorithm ever” and supplied a Python source file. Because that code only worked on Python 3.12, a Dockerfile was also supplied.
De-obfuscating the source code The source code is intentionally obfuscated.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 import random secret = 'XXXXXXXXXXXXXXXXXXXX' PINK = 118 RED = 101 YELLOW = 97 GREEN = 108 BLACK = __builtins__ PURPLE = dir e = getattr(BLACK, bytes([RED, PINK, YELLOW, GREEN]).