writeup

Meta - Easy The flag is hidden in the exif tag artist. This can be read using the strings or exif command. The flag is nland{w32_h47_un5_v322473n_m374d473n}. Quick response - Easy The flag is hidden in the text file. quick_response.txt QR code stands for quick response code. That is what the challenge aims for. The text file contains unicode characters that will form a QR code with the right line wrap. Find an editor or a terminal that allows you to adjust the line wrap and play a bit around until you are left with a scannable QR code....

Strings - Easy The flag is hidden somewhere in this binary. strings The challenge is straightforward if you already know what strings is. It is a program that display printable strings in files. We can execute strings on our binary strings and we can find the flag in the output. $ strings strings /lib64/ld-linux-x86-64.so.2 __cxa_finalize __libc_start_main puts libc.so.6 GLIBC_2.2.5 GLIBC_2.34 _ITM_deregisterTMCloneTable __gmon_start__ _ITM_registerTMCloneTable PTE1 u+UH nland{f0H und_y0u}H Try to get the flag!...

Password Guessing - Easy Can you guess the secret password? It changes every time you start the program. There is no chance you get it right. Try your luck! PS: You definitly need the password to get the flag. There is no way around. You can test your solution locally. Connect to the server once it works to retrieve to flag: nc summit.informatik.sexy 8083 password_guessing.c We will start off by looking at the provided source code....

Finders keepers - Easy Can you find the missing person? Flag format nland{<first name>_<last name>} in all lowercase An efficient way to find the origin of images on the Internet is Google Images. We upload the image and find out the person it Hugh Herr. The flag is nland{hugh_herr}. Time Machine - Easy A few weeks ago I accidentally inserted a flag while updating the website, but then immediately fixed the error....

Sanity Check - Easy If you were here from the start, it’s hard to miss the flag. :) Neuland CTF started off with the opening and an introduction. During the introduction we showed what the flags look like and how to submit them. The flag was used for demonstration. The flag is nland{w3lc0m3_70_n3ul4nd_c7f}. Wardriving - Easy We’ve got to secure our perimeter. Evil lurks everywhere, even in our own office (W003)....

Based meme - Easy Can you help me retrieve this awsome meme? based_meme.txt The task description tells us that we should retrieve a meme from an email that somehow got corrupted. As the name of the challenge implies, the meme is Base64 encoded in the body of the email. Base64 is used to encode binary data like images in HTML emails into ASCII characters. The email body can be fixed in the following way:...

Bitwise operator - Easy The key to happiness is love. `bo`juc:7?m:?Q6?9y?;=Q>~=<:9><s. The headline already implies that it is a bitwise encryption. The description gives the next hint that the key is love. With this information, the most likely cipher is XOR. With the CyberChef XOR function the string can be decrypted. The flag is nland{m491c41_817w153_0p324702}. Black box - Medium My friend gave me a black box to communicate. On the side of the black box is a translucent opening behind which a LED flashes....

On the 2nd of April, Neuland held it’s first own CTF in the Technische Hochschule Ingolstadt. About 40 participants spent the following 8 hours solving challenges and making new friends. To round off the event, we wrote a blog post detailing the solutions to the challenges. If you want to try them yourself, here is the link to the corresponding GitHub repository. Have fun! Cryptography RSA - Easy Can you read my secret message?...

The challenge input consists of a single .pyc file, which is a bytecode for a program run with python 3.8. There are existing tools to decompile .pyc back to .py such as decompyle3 or uncompyle6, but unfortunately both of these tools and some others we tested fail to decompile the given pyc file. The two mentioned ones print the JIT opcodes in human readable format and print Parse error at or near 'None' instruction at offset -1...

dont-use-client-side The website prompts us with a “Secure Logon” that has to be verified with valid credentials in order to proceed. If we take a look at the source code, we can see how the verify function works. function verify() { checkpass = document.getElementById("pass").value; split = 4; if (checkpass.substring(0, split) == 'pico') { if (checkpass.substring(split*6, split*7) == '723c') { if (checkpass.substring(split, split*2) == 'CTF{') { if (checkpass.substring(split*4, split*5) == 'ts_p') { if (checkpass....