CODEGATE 2012 - Network 100 Writeup

Take a look at Eindbazen's write-up on Network 100.

I wanted to do the same write-up, highlighting an alternate path. (This will be the last CODEGATE 2012 write-up of mine, since both Leetmore and Eindbazen have all the other challenges we solved well documented.)

You start with a file: A0EBE9F0416498632193F769867744A3

And a note:

Someone have leaked very important documents. We couldn't find any proof without one PCAP file. But this file was damaged.

¡Ø The password of disclosure document is very weakness and based on Time, can be found easily.

Cryptographic algorithm is below. Msg = "ThisIsNotARealEncryption!SeemToEncoding"
Key = 0x20120224 (if date format is 2012/02/24 00:01:01)
Cryto = C(M) = Msg * Key = 0xa92fd3a82cb4eb2ad323d795322c34f2d809f78

Answer: Decrypt(Msg)

Read More

CODEGATE 2012 - Forensics 200 Writeup

The challenge starts with a file and description:

File: C1E4775363DE0885E8360ED9A13A86B8


When IU who lives in Seoul tried to do SQL Injection attack a certain WEB site, suddenly the browser was closed abnormally. What is the SQL Injection value she tried to enter and when the browser was closed? The time is based on Korea Standard Time(UTC +09:00)

Time Format is YYYY-MM-DDThh:mm:ssTZD (TZD : +hh:mm or hh:mm)

Answer : injection_value|time ('|' is just a character)
Convert ' ' to '_' for injection value.

Read More