Solving MISC Challenges in Capture The Flag Competitions

1. Basic Flag Format

Most flags in CTF competitions follow the format flag{xxxxx}. This first challenge introduces the fundamental concept of finding hidden flags within challenges.

The solution for this challenge is: flag{th1s_!s_a_d4m0_4la9}

2. PDF Hidden Information

When a PDF file claims there's nothing beneath it, always check for embedded files or links.

To solve this challenge, right-click on the attachment and open it in a new tab. The hidden flag can be revealed by selecting and copying the blue text block that appears in the middle of the image.

3. Encryption Challenge: ROT13 and Base64

This challenge presents a text encoded in a Buddhist language format. Using an online "Zen with Buddha" decryption tool, the text is converted to: MzkuM3gvMUAwnzuvn3cgozMlMTuvqzAenRchMUAeqzWenzEmLJW9

The next step is to apply ROT13 decoding, which shifts each letter 13 positions in the alphabet. This results in: ZmxhZ3tiZHNjamhia3ptbmZyZGhidmNraWpuZHNrdmJramRzYWJ9

Finally, Base64 decoding reveals the flag: base64decode

4. QR Code Extraction from GIF

This challenge involves a GIF file containing a QR code that scans across the screen.

To extract the QR code, use a GIF frame extraction tool to separate the frames. The QR code appears in one of the frames. The challenge requires adding position markers to the QR code using image editing software before it can be scanned to reveal the flag.

5. JAR File Decompilation

This challenge presents a JAR file containing a simple game where the player must survive for 60 seconds.

To find the flag, decompile the JAR file using a tool like JD-GUI. Search for the flag within the decompiled code. If the flag appears as garbled text, apply Base64 decoding to reveal the actual flag.

An alternative approach involves modifying the game assets: extract the JAR file, resize the "green hat" image to make it smaller, repackage the JAR file, and run it again. The smaller image makes the game easier to complete.

6. Binary to ASCII Conversion

This challenge provides a ZIP file containing multiple black and white square images.

The solution involves treating the black and white squares as binary digits (0 for white, 1 for black). Convert these binary values to ASCII characters to reveal the flag. Online converters or custom scripts can be used for this conversion.

7. Hexadecimal Decoding

This challenge presents a hexadecimal encoded message: c8e9aca0c6f2e5f3e8c4efe7a1a0d4e8e5a0e6ece1e7a0e9f3baa0e8eafae3f9e4eafae2eae4e3eaebfaebe3f5e7e9f3e4e3e8eaf9eaf3e2e4e6f2

The solution involves converting each pair of hexadecimal digits to their decimal equivalent and then to ASCII characters. Here's a Python implementation:

def hex_to_ascii(hex_string):
    ascii_string = ""
    for i in range(0, len(hex_string), 2):
        hex_pair = hex_string[i:i+2]
        decimal_value = int(hex_pair, 16)
        ascii_string += chr(decimal_value - 128)  # Adjust for ASCII range
    return ascii_string

flag_data = "c8e9aca0c6f2e5f3e8c4efe7a1a0d4e8e5a0e6ece1e7a0e9f3baa0e8eafae3f9e4eafae2eae4e3eaebfaebe3f5e7e9f3e4e3e8eaf9eaf3e2e4e6f2"
print(hex_to_ascii(flag_data))

8. Linux Filesystem Exploration

This challenge provides a Linux filesystem image that needs to be mounted and explored.

To solve this challenge:

1. Mount the filesystem image: mount /path/to/image /mnt
2. Navigate to the mounted directory: cd /mnt
3. Search for flag files: find | grep flag
4. Examine the flag file: cat ./path/to/flag.txt
5. If the flag is Base64 encoded, decode it to reveal the actual flag

9. Hidden Text in PDF and Morse Code

This challenge presents a PDF file with hidden information.

To solve this challenge:

1. Open the PDF in a web browser
2. Inspect the page elements to find hidden text
3. Copy all page content to a text editor
4. Identify the pattern of characters (A and B)
5. Convert the pattern to Morse code (A for ., B for -)
6. Decode the Morse code to reveal the flag

10. Hidden Images in RAR Files

This challenge involves a RAR file with a hidden image that requires multiple extraction steps.

To solve this challenge:

1. Use a hex editor to modify the RAR file header (change 7A to 74)
2. Change the file extension to .gif
3. Extract frames from the GIF file
4. Use StegSolve to analyze the extracted frames
5. Combine the frames to reveal a QR code
6. Add position markers to the QR code
7. Scan the QR code to reveal the flag

11. Base64 Steganography

This challenge involves Base64 steganography, where hidden messages are encoded within Base64 strings.

To solve this challenge, specialized tools or custom scripts are needed to extract the hidden information from the Base64 encoded file.

12. File Extraction from Network Captures

This challenge involves extracting files from a network packet capture (.pcapng file).

To solve this challenge:

1. Open the capture file in Wireshark
2. Search for specific file types or the flag string
3. Extract relevant TCP streams
4. Use a hex editor to isolate file data (between file markers like FFD8 for JPEG)
5. Save the extracted data as files
6. If files are password protected, use tools like foremost to extract them
7. Use any discovered passwords to access protected content