Sunday, March 30, 2014

RuCTF Quals 2014 - Stegano 400 writeup

We have an one hour pixel video with 10800 frames (3 frame per second). Each frame contain a 8x8 grid of colored squares.
I didn't solved this task during the game, and today after a huge number of unsuccessful attempts, I finally solved it. No LSB, MSB as I thought.
I've even found that squares with indexes [0,0], [4,0], [0,4] and [4,4] are filled with more solid color, but alas...
The solution of this task is to stare at video and notice that some of the squares with white background sometimes contain some text and images.
So you can see, that the flag is: V1de0_mast3r.
Here is an assembled flag frame:

Saturday, March 22, 2014

Spring has come

Spring has come. It's time to dig out the umbrellas.
Весна пришла - самое время откапывать зонтики

Friday, March 21, 2014

A version of team name

Today I invented a variant of a name for Kazakh CTF team: hackorda (kz: hack horde), ak (kz: ақ) = white, reference to white hats :)
A variant of writing (using the letter қ from Kazakh alphabet).
Logos of the hack0rda team.

Sunday, March 16, 2014

Magic Numbers crackme solution

I've decided to solve some crackme and randomly selected a crackme named magic. I've downloaded this one from a good crackmes collection here. This is my first solution write up for crackme, so don't judge strictly :)
In this crackme needed to find a correct combination of 16 "magic numbers" (serial). So firstly it's needed to understand checking algorithm.
Checking algorithm is the next:
1) The serial must contain all numbers in the range [0..F] and these numbers must be unique.
2) Numbers must satisfy the following conditions:
x1 + x2 + x3 + x4 = x5 + x6 + x7 + x8 = x9 + x10 + x11 + x12 = x13 + x14 + x15 + x16 =
x1 + x5 + x9 + x13 = x2 + x6 + x10 + x14 = x3 + x7 + x11 + x15 = x4 + x8 + x12 + x16 =
x1 + x6 + x11 + x16 =
x4 + x7 + x10 + x13
After understanding the magic numbers checking algorithm, I've coded a program to find some appropriate combinations.
Success!
By the way "About" button doing nothing until you have created a file "Info.txt" with the some about data.
Here is about dialog with my info:
That's all.