HyggeHalcyon
GithubLinkedIn
  • πŸ•ŠοΈwhoami
  • 🚩CTFs
    • 2025
      • ARKAVIDIA Quals
      • TECHOMFEST Quals
    • 2024
      • BackdoorCTF
      • World Wide CTF
      • 7th Cyber Mimic Defense
      • TSA Cyber Champion
      • Cyber Jawara International
      • National Cyber Week Quals
      • COMPFEST 16 Finals
      • HackToday Finals
      • UIUCTF
      • TBTL CTF
      • BSidesSF CTF
      • UMD CTF
      • UMassCTF
      • b01lers CTF
      • AmateursCTF
      • UNbreakable International - Team Phase
    • 2023
      • HackToday CTF Quals
        • Vnote
        • TahuBulat
        • Rangkaian Digital
      • Tenable CTF
        • Skiddyana Pwnz and the Loom of Fate
        • Braggart
      • CiGITS
        • afafafaf
        • popping around shell
        • well_known
      • TJCTF
        • flip out
        • shelly
        • groppling-hook
        • formatter
        • teenage-game
      • SanDiegoCTF
        • money printer
        • turtle shell
      • DeadSec CTF
        • one punch
      • FindIT CTF Quals
        • Debugging Spiders
        • Everything Machine
        • Furr(y)verse
        • Bypass the Py
        • Joy Sketching in the Matrix
        • Detective Handal
        • I Like Matrix
        • CRYptograPI
        • Date Night
        • Web-Find IT
        • Mental Health Check
        • NCS Cipher
        • Discovered
  • πŸ”NOTES
    • FSOP
      • Structures
      • GDB
      • Arbitrary Read/Write
      • Vtable Hijack
    • Heap Feng Shui
      • Libc Leak
    • Kernel Space
      • Privilege Escalation
      • Objects
      • Escaping Seccomp
    • V8
      • Documentation
      • TurboFan
      • SandBox (Ubercage)
  • πŸ“šResources
    • Cyber Security
      • General
      • Red Teaming
        • CheatSheet
        • Payload Database
        • Quality of Life
      • Binary Exploitation
        • Return Oriented Programming
        • File Structure Oriented Programming
        • Heap Exploitation
        • Linux Kernel Exploitation
        • Windows Exploitation
        • V8 Browser
      • Reverse Engineering
        • Windows Executable
        • Malware Analysis
        • Tools
      • Web Exploitation
      • Malware Development
      • Detection Engineering
      • Blockchain / Web3
      • Cryptography
    • Software Engineering
  • πŸ“‹Planning
    • Quick Notes
Powered by GitBook
On this page
  • Problem
  • Solution
  • Flag
  1. CTFs
  2. 2023
  3. FindIT CTF Quals

Discovered

Problem

Description

Bob finds a pdf file. He is sure there is important content in it but the pdf file is locked. Can you help him? (Bracket the flag with FindITCTF{})

Solution

We're given a PDF with password protected. Let's extract the hash and crack the password using John The Ripper

$ pdf2john secret.pdf > hash
$ cat hash

secret.pdf:$pdf$44128*-1060116fce8559bd3fcc84ba72dbad5638fcc2032c71748896b9831a45b01a477b9970c980000000000000000000000000000000032*167b0cd8e21bbd37be65e1df44df6a7043f29c342635c1754fa81bc7fc029f7b

Next, we need to cut out the secret.pdf bit so it would look like this

$pdf$44128*-1060116fce8559bd3fcc84ba72dbad5638fcc2032c71748896b9831a45b01a477b9970c980000000000000000000000000000000032*167b0cd8e21bbd37be65e1df44df6a7043f29c342635c1754fa81bc7fc029f7b

With that done, we can start to crack the hash using john, we'll use the standard rockyou wordlist

$ john --wordlist=/usr/share/wordlists/rockyou.txt hash
$ john --show hash

?:LimitedEdition

1 password hash cracked, 0 left

Now we have retrieved the password, we can take a look of what's inside of the pdf file

in case anyone wants to copy the emotes

πŸ˜πŸ‘΄πŸ€” _ πŸ‘½πŸ˜ _ πŸ€―πŸ€‘πŸ‘΄πŸ€”_πŸ₯ΆπŸ” πŸ˜”πŸ₯΅πŸ€―πŸ€– _ πŸ‘΄πŸ˜πŸ€₯πŸ₯± _ 😐🀯🀯🀀 _ πŸ€”πŸ‘΄ _ πŸ€πŸ” πŸ˜πŸ€€ _ πŸ€”πŸ₯΅πŸ€―_πŸ˜”πŸ‘½πŸ€”πŸ€”πŸ€―πŸ€–πŸ˜

Flag

FindITCTF{not_an_emot_cipher_only_need_to_find_the_pattern}

PreviousNCS CipherNextFSOP

Last updated 1 year ago

Looks like we're presented with a emote cipher. After an intensive look up and bunch of wrong tool on the internet, we eventually stumbled upon this tool . There we can supply the emotes and it'll do the job for us

🚩
https://codepen.io/NostraDavid/pen/JjGBmxd
pdf contents