The overall intent for Shakti CTF is for beginners, learn what is a CTF and get women interested in the topic. Therefore, the “easy” 50 points challenges are really very very easy, and 100-point challenges are still *really easy (far easier than baby challenges at Hack.Lu CTF ;-). Everybody has to start one day ;P so I’m okay with this rating as long as it remains consistent. Globally, this was the case, with the exception of a few challenges under/over rated.

Wheels n Whales Category: Web “I’ve heard that Whales and Wheels are the new hot thing. So a buddy of mine build a website where you can get your own. I think he hid an easter egg somewhere, but I can’t get to it, can you help me?” There is a website that goes to http://chal.cybersecurityrumble.de:7780/ A file is provided: web.py 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 import yaml from flask import redirect, Flask, render_template, request, abort from flask import url_for, send_from_directory, make_response, Response import flag app = Flask(__name__) EASTER_WHALE = {"name": "TheBestWhaleIsAWhaleEveryOneLikes", "image_num": 2, "weight": 34} @app.

Hashfun “I guess there is no way to recover the flag” and a Python program is provided: 1 2 3 4 5 6 7 8 9 10 from secret import FLAG def hashfun(msg): digest = [] for i in range(len(msg) - 4): digest.append(ord(msg[i]) ^ ord(msg[i + 4])) return digest print(hashfun(FLAG)) # [10, 30, 31, 62, 27, 9, 4, 0, 1, 1, 4, 4, 7, 13, 8, 12, 21, 28, 12, 6, 60] Understanding the algorithm So this is an alleged hash function.