Newark Academy CTF (NACTF) 2021 — Challenge Writeups

This post contains writeups for some challenges in this CTF.

1. Juliet’s Note

It is the first cryptography challenge in the CTF. They have given the message which we have to decode to find the flag.

It is a simple integer to character to match. I coded a small python code to find the flag. I avoided the brackets and added them later.

Flag for Juliet’s Note

2. Secret Ingredient

This is the first challenge in Forensics category. They gave us a file which is text file with the extension of “.txt”.

I used file to check the headers.

It seems like it is not a text file but it is image file with ‘.jpeg’ extension. So copied the file to jpeg format.

Later I opened the image file and I got the flag.

Flag for Secret Ingredient

3. PowerAmulet

This is a Forensics challenge. They gave a jpg image file. When we open it we can see a picture of ocean. I tried exiftool with this image and found nothing.

Then I tried binwalk to find whether any file is zipped with this image and it was a success. So I extracted the files.

binwalk -e ocean.jpg

Going deep into the extracted folders, there is the flag.txt file which contains the flag.

Flag for PwoerAmulet

4. When in Rome…

The given clue is Rome. So it will be caesar cipher. They gave encoded text, we have decode it. I used dcode to decode it.

The flag is nactf{*****_jul*us_ca**r}.

5. Bases

They gave the base64 encoded text, we just decode it. I used cyberchef and got the flag.

Flag for Bases

6. Hashes

This challenge is based on MD5 hash. We have to find the string which hashed into given MD5 hash. I used online decryptor to find the string.

Flag for Hashes

7. Veteran’s Day

In the description of the challenge they have give clue that it is ‘Vigenere’ which tells us that it is vigenere cipher. So we have to decode it and get the flag. The key is ‘AMERICA’ because he loves it.

Flag for Veteran’s Day

8. The Warning

The given ‘warning.txt’ file is having nothing while opened it.

I checked the file using binwalk , but no any zipped files. So I used hexdump to check the hexdecimal values. I found suspicious things. It had multiple entries of 20 and 9.

Then I took out those values and coded a python script to turn them into binary.

Output:

01110100011010000011001101100011001101000111001001110010001100000111010001110011001100010110111001110100011010000011001101100011011000010110011000110011011101000011001101110010001100010110000100110100011100100011001101110000001100000011000101110011001100000110111000110000011101010111001100111001001110000011000101110101011001000011100100110011011010000011100100110001001100100110100000110011011001010011100000111001

Then I converted this binary to string which gave the flag.

Flag for The Warning

Wrap it with nactf{}.

It was fun playing the CTF. It had challenge from easy level to hard level. Hope you learnt new things.

Read my other writeups.

Website: https://vishnuram1999.github.io/

Follow me in Medium for more other writeups.

Vishnuram Rajkumar – Medium

Newark Academy CTF (NACTF) 2021 — Challenge Writeups was originally published in InfoSec Write-ups on Medium, where people are continuing the conversation by highlighting and responding to this story.