├── LICENSE ├── README.md ├── challenge-01-source-code ├── challenge.yml ├── src │ └── app │ │ ├── assets │ │ ├── css │ │ │ └── style.css │ │ └── js │ │ │ └── script.js │ │ └── index.html └── writeup │ ├── README.md │ ├── image-1-website.png │ ├── image-2-source-code.png │ ├── image-3-source-code.png │ ├── image-4-source-code.png │ └── image-5-source-code.png ├── challenge-02-lost-password ├── challenge.yml ├── dist │ └── rev_lost_password.zip ├── src │ ├── lost.c │ └── lost.exe └── writeup │ ├── README.md │ ├── ab-vars.png │ ├── correct-pin.png │ ├── decrypt.png │ ├── enc-flag.png │ └── main.png ├── challenge-03-vigenere-cipher ├── Makefile ├── challenge.yml ├── dist │ └── crypto_vigenere.zip ├── src │ ├── ciphertext.txt │ ├── message.txt │ ├── script.py │ └── words.txt └── writeup │ ├── README.md │ ├── ciphertext.txt │ ├── solve.py │ └── words.txt ├── challenge-04-sql-limited-company ├── challenge.yml ├── src │ ├── app │ │ ├── assets │ │ │ ├── css │ │ │ │ └── style.css │ │ │ ├── database.encrypted.db │ │ │ ├── js │ │ │ │ └── script.js │ │ │ └── vendor │ │ │ │ └── sqljs │ │ │ │ └── sql.js │ │ ├── index.html │ │ └── service-worker.js │ └── generate-database │ │ ├── admin_pass.txt │ │ ├── database.db │ │ ├── database.encrypted.db │ │ ├── flag.txt │ │ ├── generate_db.py │ │ └── key.txt └── writeup │ ├── README.md │ ├── image-1-website.png │ ├── image-2-login.png │ ├── image-3-login.png │ ├── image-4-sql-injection.png │ ├── image-5-sql-injection.png │ └── image-6-sql-injection.png ├── challenge-05-qr-and-codes ├── Makefile ├── challenge.yml ├── dist │ └── misc_qr_and_codes.zip ├── src │ ├── flag.txt │ ├── generate.py │ ├── qrcode.png │ └── requirements.txt └── writeup │ ├── README.md │ ├── hex-to-ascii-decoding.png │ ├── morse-decoding.png │ ├── qr-code-decoding.png │ └── qrcode.png ├── challenge-06-packet-flow-investigation ├── challenge.yml ├── dist │ └── forensics_packet_flow_investigation.zip └── writeup │ ├── README.md │ ├── step-1-wireshark.png │ ├── step-10-flag.png │ ├── step-2-export_process.png │ ├── step-3-unzip.png │ ├── step-4-hexedit.png │ ├── step-5-headers_zip.png │ ├── step-6-solve.png │ ├── step-7-pass.png │ ├── step-8-zip2john.png │ └── step-9-john.png ├── challenge-07-tic-tac-toe ├── challenge.yml ├── dist │ └── app │ │ ├── assets │ │ ├── css │ │ │ └── style.css │ │ └── js │ │ │ └── script.js │ │ └── index.html ├── src │ ├── app │ │ ├── assets │ │ │ ├── css │ │ │ │ └── style.css │ │ │ └── js │ │ │ │ ├── script.js │ │ │ │ └── script.source.js │ │ └── index.html │ └── info.md └── writeup │ ├── README.md │ ├── developer-tools-breakpoint.png │ ├── developer-tools-find-alert.png │ ├── developer-tools.png │ ├── game-lost.png │ ├── game-won-2.png │ ├── game-won.png │ └── obfuscated-javascript.png ├── challenge-08-encrypted-password ├── Makefile ├── challenge.yml ├── dist │ └── rev_encrypted_password.zip ├── src │ ├── flag.txt │ ├── generate.py │ ├── source.c │ └── template.c └── writeup │ ├── README.md │ ├── ghidra-encrypto-password.png │ ├── ghidra-main.png │ └── ghidra.png ├── challenge-09-sound-messages ├── challenge.yml ├── dist │ └── misc_sound_message.zip ├── notes.txt └── writeup │ ├── README.md │ ├── attack.png │ └── solve.png ├── challenge-10-wifi-evidence ├── challenge.yml ├── dist │ └── forensics_wifi_evidence.zip ├── src │ ├── app │ │ ├── app.js │ │ ├── index.html │ │ ├── package.json │ │ └── static │ │ │ ├── chat.css │ │ │ ├── chat.js │ │ │ └── sjcl.js │ └── info.txt └── writeup │ ├── 1-wireshark-view-of-packets.png │ ├── 10-wireshark-websocket.png │ ├── 11-replayed-messages.png │ ├── 2-crack-wifi-password-1.png │ ├── 3-crack-wifi-password-2.png │ ├── 4-wireshark-wpa-keys.png │ ├── 5-traffic-to-a-secure-app-website.png │ ├── 6-exporting-website-files.png │ ├── 8-recovered-website-files.png │ ├── 9-recovered-website.png │ ├── README.md │ └── files │ ├── chat.css │ ├── chat.js │ ├── chat.original.js │ ├── index.html │ └── sjcl.js ├── challenge-11-weak-locks ├── challenge.yml ├── dist │ └── crypto_weak_locks.zip ├── src │ ├── data.txt │ ├── pubkey.pem │ └── script.py └── writeup │ ├── README.md │ ├── data.txt │ ├── pubkey.pem │ └── solve.py ├── challenge-12-ransomware ├── Makefile ├── challenge.yml ├── dist │ └── crypto_ransomware.zip ├── src │ ├── deep_web_results.txt.enc │ ├── dont_open_me.txt.enc │ ├── extremely_important.txt.enc │ ├── fake_flag!1!!!1.txt.enc │ ├── fbi_open_up.txt.enc │ ├── flag.png.enc │ ├── flag.txt │ ├── plain │ │ ├── deep_web_results.txt │ │ ├── dont_open_me.txt │ │ ├── extremely_important.txt │ │ ├── fake_flag!1!!!1.txt │ │ ├── fbi_open_up.txt │ │ ├── flag.png │ │ ├── please_dont.txt │ │ ├── random.txt │ │ ├── readme.txt │ │ ├── really_important.txt │ │ ├── secret_flag.txt │ │ ├── top_secret.txt │ │ ├── transactions.txt │ │ └── very_important.txt │ ├── please_dont.txt.enc │ ├── random.txt.enc │ ├── readme.txt.enc │ ├── really_important.txt.enc │ ├── secret_flag.txt.enc │ ├── top_secret.txt.enc │ ├── transactions.txt.enc │ ├── very_important.txt.enc │ └── zencrypt.py └── writeup │ ├── README.md │ ├── deep_web_results.txt.enc │ ├── dont_open_me.txt.enc │ ├── extremely_important.txt.enc │ ├── fake_flag!1!!!1.txt.enc │ ├── fbi_open_up.txt.enc │ ├── flag.png │ ├── flag.png.enc │ ├── please_dont.txt.enc │ ├── random.txt.enc │ ├── readme.txt.enc │ ├── really_important.txt.enc │ ├── secret_flag.txt.enc │ ├── top_secret.txt.enc │ ├── transactions.txt.enc │ ├── very_important.txt.enc │ └── zsolve.py ├── challenge-demo-01-web-cooking ├── Makefile ├── challenge.yml ├── dist │ └── docker-challenge.tar ├── src │ ├── Dockerfile │ ├── flag.txt │ └── html │ │ ├── cheesecake.php │ │ ├── cookies.php │ │ ├── include │ │ └── webcookies.php │ │ ├── index.php │ │ └── tiramisu.php └── writeup │ ├── README.md │ ├── cookie-recipe-blocked.png │ ├── cookie-recipe-unblocked.png │ ├── cookies-developer-tools-edited.png │ └── cookies-developer-tools.png ├── challenge-demo-02-the-bar-at-caesar-street ├── challenge.yml ├── dist │ └── crypto_pass_word_check.zip └── writeup │ ├── README.md │ └── decoder.png ├── challenge-demo-03-corrupted-image ├── challenge.yml ├── dist │ └── misc_corrupted_image.zip └── writeup │ ├── README.md │ ├── corrupted-image-hex.png │ └── corrupted-image.png ├── challenge-demo-04-weird-shapes ├── challenge.yml ├── dist │ └── forensics_weird_shapes.zip └── writeup │ ├── README.md │ └── document-properties.png ├── challenge-extra-01-what-the-hash ├── challenge.yml ├── dist │ └── hashes.zip ├── src │ ├── hash1 │ ├── hash2 │ ├── hashes3 │ └── readme.txt └── writeup │ ├── README.md │ ├── hash_1 │ ├── hash │ ├── sha1_command.png │ └── sha1_cracked.png │ ├── hash_2 │ ├── Screenshot at 2022-10-21 14-14-36.png │ ├── Screenshot at 2022-10-21 14-15-01.png │ └── hash │ ├── hash_3 │ ├── command.png │ ├── hashes │ ├── readme.txt │ └── solve.png │ └── info.txt ├── challenge-extra-02-timemachine ├── challenge.yml └── writeup │ ├── README.md │ ├── wayback_machine_captures.png │ └── wayback_machine_leak.png ├── challenge-extra-03-mysterious-symbols ├── Makefile ├── challenge.yml ├── dist │ └── misc_mysterious_symbols.zip ├── src │ ├── flag.txt │ ├── generate.py │ ├── pigpen │ │ ├── A.png │ │ ├── B.png │ │ ├── C.png │ │ ├── D.png │ │ ├── E.png │ │ ├── F.png │ │ ├── G.png │ │ ├── H.png │ │ ├── I.png │ │ ├── J.png │ │ ├── K.png │ │ ├── L.png │ │ ├── M.png │ │ ├── N.png │ │ ├── O.png │ │ ├── P.png │ │ ├── Q.png │ │ ├── R.png │ │ ├── S.png │ │ ├── T.png │ │ ├── U.png │ │ ├── V.png │ │ ├── W.png │ │ ├── X.png │ │ ├── Y.png │ │ ├── Z.png │ │ ├── pigpen-symbols.xcf │ │ ├── {.png │ │ └── }.png │ ├── requirements.txt │ └── symbols.png └── writeup │ ├── README.md │ ├── pigpen │ ├── A.png │ ├── B.png │ ├── C.png │ ├── D.png │ ├── E.png │ ├── F.png │ ├── G.png │ ├── H.png │ ├── I.png │ ├── J.png │ ├── K.png │ ├── L.png │ ├── M.png │ ├── N.png │ ├── O.png │ ├── P.png │ ├── Q.png │ ├── R.png │ ├── S.png │ ├── T.png │ ├── U.png │ ├── V.png │ ├── W.png │ ├── X.png │ ├── Y.png │ ├── Z.png │ ├── {.png │ └── }.png │ └── symbols.png ├── challenge-extra-04-code-of-bytes ├── Makefile ├── challenge.yml ├── dist │ └── rev_codeofbytes.zip ├── src │ ├── code.py │ ├── code.pyc │ ├── code.template.py │ ├── flag.txt │ ├── generate.py │ ├── requirements.txt │ └── run.py └── writeup │ ├── README.md │ ├── code.pyc │ └── run.py ├── challenge-extra-05-pboard ├── Makefile ├── challenge.yml ├── dist │ └── misc_pboard.zip ├── src │ ├── board-files │ │ ├── customers_data.csv │ │ ├── flag.txt │ │ └── latest-version.json │ ├── cjson │ │ ├── CHANGELOG.md │ │ ├── CMakeLists.txt │ │ ├── CONTRIBUTORS.md │ │ ├── LICENSE │ │ ├── Makefile │ │ ├── README.md │ │ ├── appveyor.yml │ │ ├── cJSON.c │ │ ├── cJSON.h │ │ ├── cJSON_Utils.c │ │ ├── cJSON_Utils.h │ │ ├── library_config │ │ │ ├── cJSONConfig.cmake.in │ │ │ ├── cJSONConfigVersion.cmake.in │ │ │ ├── libcjson.pc.in │ │ │ ├── libcjson_utils.pc.in │ │ │ └── uninstall.cmake │ │ ├── test.c │ │ └── valgrind.supp │ ├── info.txt │ ├── updater │ └── updater.c └── writeup │ ├── README.md │ ├── trello-board-1.png │ ├── trello-board-2.png │ └── trello-customer-files.png ├── challenges-images ├── README.md ├── challenge_01.png ├── challenge_02.png ├── challenge_03.png ├── challenge_04.png ├── challenge_05.png ├── challenge_06.png ├── challenge_07.png ├── challenge_08.png ├── challenge_09.png ├── challenge_10.png ├── challenge_11.png ├── challenge_12.png ├── challenge_alternative_01.png ├── challenge_alternative_02.png ├── challenge_alternative_03.png ├── challenge_demo_01.png ├── challenge_demo_02.png ├── challenge_demo_03.png ├── challenge_demo_04.png ├── challenge_extra_01.png ├── challenge_extra_02.png ├── challenge_extra_03.png ├── challenge_extra_04.png └── challenge_extra_05.png └── images ├── hellenic-cyber-security-team.png ├── pwn-the-scoreboard.png ├── university-of-piraeus-ssl.png └── πανελλήνιος-μαθητικός-διαγωνισμός-κυβερνοασφάλειας-πμδκ.png /challenge-01-source-code/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Πηγαίος Κώδικας" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Παγκόσμιος Ιστός 9 | description: "![monitor-code](/files/a1f0b1c7da921632883536ca5931cb72/challenge_01.png)\n\nΚάποιος μου είπε πως αυτή η ιστοσελίδα περιέχει ένα κρυμμένο μήνυμα…\nΜπορείς να το βρεις;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # connection_info is used to provide a link, hostname, or instructions on how to connect to a challenge 23 | connection_info: https://gramthanos.github.io/pmdk-2023-challenge-source-code/ 24 | 25 | # Flags specify answers that your challenge use. You should generally provide at least one. 26 | # Can be removed if unused 27 | # Accepts strings or dictionaries of CTFd API data 28 | flags: 29 | # A static case sensitive flag 30 | - FLAG{0e29eceae8739e18f256f689b1b8ec1a798311ddc77e5ebf425e535c8b822fbc} 31 | # The flag is in 3 parts 32 | # FLAG{0e29eceae8739e18f2 part 1 in HTML 33 | # 56f689b1b8ec1a798311ddc part 2 in CSS 34 | # 77e5ebf425e535c8b822fbc} part 3 in javascript 35 | 36 | # Topics are used to help tell what techniques/information a challenge involves 37 | # They are generally only visible to admins 38 | # Accepts strings 39 | topics: 40 | - Εισαγωγικές γνώσεις δομής ιστοσελίδων. 41 | - Εισαγωγικές γνώσεις εργαλείων για προγραμματιστές σε περιηγητές διαδικτύου. 42 | - Κατανόηση έννοιας πηγαίου κώδικα. 43 | 44 | 45 | # Tags are used to provide additional public tagging to a challenge 46 | # Can be removed if unused 47 | # Accepts strings 48 | tags: 49 | - Εύκολη 50 | - Παγκόσμιος Ιστός 51 | - Web 52 | 53 | # Provide paths to files from the same directory that this file is in 54 | # Accepts strings 55 | files: 56 | #- no files 57 | 58 | # Hints are used to give players a way to buy or have suggestions. They are not 59 | # required but can be nice. 60 | # Can be removed if unused 61 | # Accepts dictionaries or strings 62 | hints: 63 | #- { 64 | # content: "Thi is affected by corrupted magic power!", 65 | # cost: 0 66 | #} 67 | 68 | # The state of the challenge. 69 | # If the field is omitted, the challenge is visible by default. 70 | # If provided, the field can take one of two values: hidden, visible. 71 | state: hidden 72 | 73 | # Specifies what version of the challenge specification was used. 74 | # Subject to change until ctfcli v1.0.0 75 | version: "0.1" 76 | -------------------------------------------------------------------------------- /challenge-01-source-code/src/app/assets/css/style.css: -------------------------------------------------------------------------------- 1 | html, 2 | body { 3 | height: 100%; 4 | padding: 0; 5 | margin: 0; 6 | } 7 | 8 | body { 9 | overflow: hidden; 10 | background: #000; 11 | } 12 | 13 | #canvas { 14 | position: absolute; 15 | top: 0; 16 | bottom: 0; 17 | left: 0; 18 | right: 0; 19 | } 20 | 21 | /* 22 | Flag Part 2: 56f689b1b8ec1a798311ddc 23 | */ 24 | -------------------------------------------------------------------------------- /challenge-01-source-code/src/app/assets/js/script.js: -------------------------------------------------------------------------------- 1 | (() => { 2 | const canvas = document.getElementById("canvas"); 3 | const ctx = canvas.getContext("2d"); 4 | 5 | let w, h, p; 6 | const resize = () => { 7 | w = canvas.width = innerWidth; 8 | h = canvas.height = innerHeight; 9 | p = Array(Math.ceil(w / 10)).fill(0); 10 | }; 11 | window.addEventListener("resize", resize); 12 | resize(); 13 | 14 | const random = (items) => items[Math.floor(Math.random() * items.length)]; 15 | 16 | const draw = () => { 17 | ctx.fillStyle = "rgba(0,0,0,.05)"; 18 | ctx.fillRect(0, 0, w, h); 19 | ctx.fillStyle = "#0f0"; 20 | 21 | for (let i = 0; i < p.length; i++) { 22 | let v = p[i]; 23 | ctx.fillText(random("0123456789ABCDEF"), i * 10, v); 24 | p[i] = v >= h || v >= 10000 * Math.random() ? 0 : v + 10; 25 | } 26 | }; 27 | 28 | for (var i = 100; i >= 0; i--) { 29 | draw(); 30 | } 31 | 32 | // Flag Part 3: 77e5ebf425e535c8b822fbc} 33 | 34 | let interval = setInterval(draw, 1000 / 30); 35 | })(); 36 | -------------------------------------------------------------------------------- /challenge-01-source-code/src/app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | Source Code 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | -------------------------------------------------------------------------------- /challenge-01-source-code/writeup/image-1-website.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-01-source-code/writeup/image-1-website.png -------------------------------------------------------------------------------- /challenge-01-source-code/writeup/image-2-source-code.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-01-source-code/writeup/image-2-source-code.png -------------------------------------------------------------------------------- /challenge-01-source-code/writeup/image-3-source-code.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-01-source-code/writeup/image-3-source-code.png -------------------------------------------------------------------------------- /challenge-01-source-code/writeup/image-4-source-code.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-01-source-code/writeup/image-4-source-code.png -------------------------------------------------------------------------------- /challenge-01-source-code/writeup/image-5-source-code.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-01-source-code/writeup/image-5-source-code.png -------------------------------------------------------------------------------- /challenge-02-lost-password/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Χαμένο Συνθηματικό" 6 | author: "sem1tonos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Αντίστροφη Μηχανική 9 | description: "![locked-box](/files/f7afa49de1fa3ea1bcb23864615b9850/challenge_02.png)\n\nΠροσπαθώ να τρέξω αυτήν την εφαρμογή αλλά έχω ξεχάσει το συνθηματικό της…\nΜπορείς να με βοηθήσεις;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | flags: 23 | # A static case sensitive flag 24 | - FLAG{4dab94ba92108cd36e212256b548697b} 25 | 26 | # Topics are used to help tell what techniques/information a challenge involves 27 | # They are generally only visible to admins 28 | # Accepts strings 29 | topics: 30 | - Εισαγωγικές γνώσεις αντίστροφής μηχανικής. 31 | - Find the PIN. 32 | 33 | # Tags are used to provide additional public tagging to a challenge 34 | # Can be removed if unused 35 | # Accepts strings 36 | tags: 37 | - Εύκολη 38 | - Αντίστροφη Μηχανική 39 | - Reverse Engineering 40 | 41 | # Provide paths to files from the same directory that this file is in 42 | # Accepts strings 43 | files: 44 | - dist/rev_lost_password.zip 45 | 46 | # The state of the challenge. 47 | # If the field is omitted, the challenge is visible by default. 48 | # If provided, the field can take one of two values: hidden, visible. 49 | state: hidden 50 | 51 | # Specifies what version of the challenge specification was used. 52 | # Subject to change until ctfcli v1.0.0 53 | version: "0.1" 54 | -------------------------------------------------------------------------------- /challenge-02-lost-password/dist/rev_lost_password.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-02-lost-password/dist/rev_lost_password.zip -------------------------------------------------------------------------------- /challenge-02-lost-password/src/lost.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | 6 | void decrypt(int* e, int key) { 7 | char f[0x26]; 8 | 9 | int i; 10 | for (i = 0; i < 0x26; i++) { 11 | f[i] = (char)(e[i] ^ key); 12 | } 13 | f[i] = 0x00; 14 | 15 | printf("%s\n", f); 16 | } 17 | 18 | int a = 0x10001; 19 | int b = 0x12345; 20 | 21 | int main(int argc, char *argv[]) { 22 | uint32_t encf[] = {0x4e, 0x69, 0x63, 0x65, 0x20, 0x74, 0x72, 0x79, 0x8ba81, 0x8ba8b, 0x8ba86, 0x8ba80, 0x8babc, 0x8baf3, 0x8baa3, 23 | 0x8baa6, 0x8baa5, 0x8bafe, 0x8baf3, 0x8baa5, 0x8baa6, 0x8bafe, 24 | 0x8baf5, 0x8baf6, 0x8baf7, 0x8baff, 0x8baa4, 0x8baa3, 0x8baf4, 25 | 0x8baf1, 0x8baa2, 0x8baf5, 0x8baf6, 0x8baf5, 0x8baf5, 0x8baf2, 26 | 0x8baf1, 0x8baa5, 0x8baf2, 0x8baf3, 0x8baff, 0x8baf1, 0x8bafe, 27 | 0x8baf0, 0x8baa5, 0x8baba}; 28 | 29 | 30 | int p = a; 31 | p += b; 32 | p += 0x69781; 33 | 34 | unsigned int input; 35 | 36 | printf("Enter the secret pin: "); 37 | scanf("%d", &input); 38 | 39 | if (input == p) { 40 | printf("Correct PIN! (:\n"); 41 | decrypt(encf+8, p); 42 | } else { 43 | printf("Wrong PIN! :(\n"); 44 | } 45 | 46 | } 47 | -------------------------------------------------------------------------------- /challenge-02-lost-password/src/lost.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-02-lost-password/src/lost.exe -------------------------------------------------------------------------------- /challenge-02-lost-password/writeup/ab-vars.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-02-lost-password/writeup/ab-vars.png -------------------------------------------------------------------------------- /challenge-02-lost-password/writeup/correct-pin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-02-lost-password/writeup/correct-pin.png -------------------------------------------------------------------------------- /challenge-02-lost-password/writeup/decrypt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-02-lost-password/writeup/decrypt.png -------------------------------------------------------------------------------- /challenge-02-lost-password/writeup/enc-flag.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-02-lost-password/writeup/enc-flag.png -------------------------------------------------------------------------------- /challenge-02-lost-password/writeup/main.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-02-lost-password/writeup/main.png -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/Makefile: -------------------------------------------------------------------------------- 1 | default: print 2 | cd src/ && python3 script.py && zip -r ../dist/crypto_vigenere.zip script.py ciphertext.txt words.txt 3 | @echo Challenge compiled. 4 | print: 5 | @echo Current Flag: $(shell bash -c 'cat src/app/message.txt') 6 | change: print changeflag clean default print 7 | changeflag: 8 | $(shell bash -c 'read -p "New Flag: " flag; echo $$flag > src/app/message.txt') 9 | @echo Flag changed. 10 | clean: 11 | rm -f dist/*.zip 12 | @echo Challenge cleaned. 13 | -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "1 αδιάβαστο μήνυμα από τον χρήστη Βιζενέριο" 6 | author: "sem1tonos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Κρυπτογραφία 9 | description: "![padlock](/files/df4fa1ae06c026d8d0db37958ecabbaf/challenge_03.png)\n\nΒοήθησε με να καταλάβω τι γράφει αυτό το μήνυμα. Χρειάζομαι το κλειδί και ελπίζω να μην ψάχνω βελόνα στα άχυρα." 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | flags: 23 | # A static case sensitive flag 24 | - FLAG{WOWYOUAREREALLYGOODYOUFOUNDME} 25 | 26 | # Topics are used to help tell what techniques/information a challenge involves 27 | # They are generally only visible to admins 28 | # Accepts strings 29 | topics: 30 | - Εισαγωγικές γνώσεις κρυπτογραφίας. 31 | - Κατανόηση του Vigenère Cipher. 32 | 33 | # Tags are used to provide additional public tagging to a challenge 34 | # Can be removed if unused 35 | # Accepts strings 36 | tags: 37 | - Εύκολη 38 | - Κρυπτογραφία 39 | - Cryptography 40 | 41 | # Provide paths to files from the same directory that this file is in 42 | # Accepts strings 43 | files: 44 | - dist/crypto_vigenere.zip 45 | 46 | # The state of the challenge. 47 | # If the field is omitted, the challenge is visible by default. 48 | # If provided, the field can take one of two values: hidden, visible. 49 | state: hidden 50 | 51 | # Specifies what version of the challenge specification was used. 52 | # Subject to change until ctfcli v1.0.0 53 | version: "0.1" 54 | -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/dist/crypto_vigenere.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-03-vigenere-cipher/dist/crypto_vigenere.zip -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/src/ciphertext.txt: -------------------------------------------------------------------------------- 1 | JUEJZRQRTPQNEMNPSAIQLCDCQNTTNZTKPREPCAVQHWWORECAASGQTVCJIUJIVMMRGKBZMNDTPTGWNDVWCXNQBIJBJKRNESUTUAZDCCHQPFVXECXLAJDTDWRZKXILJXBNMPFMJTTJSTEFTBLRTNMQMQFRAPNKXXGVTHDFXVDJADNDCDEPMFDKFBGGXUJNECRACQBIWONUJWFWDCJYELFVYMCKOHMMJIARHTPBDHXREODXQQHLWBWZCMQRXOGWARJYAAHBSRLXWZWBUHFSSHINRBDDTFVXKFBADBFGMBSGJCVGCTTDSXKVXLAOXPSRDFLCWXASTFHDOOJGRCIXFVRMOUPKAMRWSIKCURPFALKCJSONINJXAKUDGAHFDOAJZRBW 2 | -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/src/message.txt: -------------------------------------------------------------------------------- 1 | Advanced extended doubtful he he blessing together. Introduced far law gay considered frequently entreaties difficulty. Eat him four are rich nor calm. By an packages rejoiced exercise. To ought on am marry rooms doubt music. Mention entered an through company as. Up arrived no painful between. It declared is prospect an insisted pleasure. This is just random text. Here is your flag. Do not forget to wrap it with curly brackets. FLAGWOWYOUAREREALLYGOODYOUFOUNDME -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/src/script.py: -------------------------------------------------------------------------------- 1 | import random, re 2 | 3 | def vigenere_encrypt(msg, key): 4 | ct = '' 5 | for i in range(len(msg)): 6 | kc = ord(key[i % len(key)]) - 65 7 | mc = ord(msg[i]) - 65 8 | ct += chr((mc + kc) % 26 + 65) 9 | return ct 10 | 11 | with open('words.txt') as f: 12 | words = f.readlines() 13 | 14 | with open('message.txt') as f: 15 | message = f.read() 16 | 17 | message = re.sub(r'[^a-zA-Z0-9]', '', message.upper()) 18 | 19 | key = random.choice(words) 20 | 21 | ciphertext = vigenere_encrypt(message, key) 22 | 23 | with open('ciphertext.txt', 'w') as f: 24 | f.write(f'{ciphertext}\n') 25 | -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/writeup/ciphertext.txt: -------------------------------------------------------------------------------- 1 | JQEMBOVONUCRWPSPUZDYCSDXVQYPKINFBUBSKZPBCUNDWZKCXADPNPTMIWJTPNHOCZJTMBARMRFQHFNKCYHQBFIPJQRRBPWRWTLRUGHQOFYTVCXHAMFQITLEWBAOOXDMHXWCJOYMXPBONWXUQQUPGBAPRESFFZDDQGXZOYDLAOHEXAAEUZDYCZDEWODPWQRBWQBFVCNAJACTFALRQZXZYMBKRDDMJEAUJQUYXMJVWRIXSPCTNRWUHPVNUXARMUGBIZBMNPCMBUEDRPCRMBZQRDDONGQUGUJUDPCEJZRADENUCUNDSUJJXRASUMUPFYXQOBASSFKZFOJCRFKUKSLRAYHNFMTVNQBSUMUIFHHLDNAQFQRWUVPBXPMALQXRWQVQ 2 | -------------------------------------------------------------------------------- /challenge-03-vigenere-cipher/writeup/solve.py: -------------------------------------------------------------------------------- 1 | def vigenere_decrypt(ct, key): 2 | pt = '' 3 | for i in range(len(ct)): 4 | kc = ord(key[i % len(key)]) - 65 5 | mc = ord(ct[i]) - 65 6 | pt += chr((mc - kc) % 26 + 65) 7 | return pt 8 | 9 | with open('words.txt') as f: 10 | words = f.readlines() 11 | 12 | with open('ciphertext.txt') as f: 13 | ciphertext = f.read().strip() 14 | 15 | for word in words: 16 | pt = vigenere_decrypt(ciphertext, word) 17 | if 'FLAG' in pt: 18 | print(pt) 19 | -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/app/assets/css/style.css: -------------------------------------------------------------------------------- 1 | html, 2 | body { 3 | height: 100%; 4 | } 5 | 6 | body { 7 | display: flex; 8 | align-items: center; 9 | padding-top: 40px; 10 | padding-bottom: 40px; 11 | background-color: #f5f5f5; 12 | } 13 | 14 | .brand { 15 | font-weight: lighter; 16 | font-size: 46px; 17 | } 18 | 19 | .form-signin { 20 | width: 100%; 21 | max-width: 330px; 22 | padding: 15px; 23 | margin: auto; 24 | } 25 | 26 | .form-signin .checkbox { 27 | font-weight: 400; 28 | } 29 | 30 | .form-signin .form-floating:focus-within { 31 | z-index: 2; 32 | } 33 | 34 | .form-signin input[type="email"] { 35 | margin-bottom: -1px; 36 | border-bottom-right-radius: 0; 37 | border-bottom-left-radius: 0; 38 | } 39 | 40 | .form-signin input[type="password"] { 41 | margin-bottom: 10px; 42 | border-top-left-radius: 0; 43 | border-top-right-radius: 0; 44 | } 45 | .bd-placeholder-img { 46 | font-size: 1.125rem; 47 | text-anchor: middle; 48 | -webkit-user-select: none; 49 | -moz-user-select: none; 50 | user-select: none; 51 | } 52 | 53 | #notes { 54 | margin-bottom: 20px; 55 | width: 650px; 56 | margin-left: -175px; 57 | } 58 | 59 | .card-body { 60 | text-align: center; 61 | } 62 | 63 | @media (min-width: 768px) { 64 | .bd-placeholder-img-lg { 65 | font-size: 3.5rem; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/app/assets/database.encrypted.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/src/app/assets/database.encrypted.db -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/app/assets/js/script.js: -------------------------------------------------------------------------------- 1 | 2 | // Handle form submission 3 | document.getElementById('form').addEventListener('submit', (e) => { 4 | e.preventDefault(); 5 | 6 | // Hide errors 7 | document.getElementById('error').style.display = 'none'; 8 | 9 | // Get form values 10 | let username = encodeURIComponent(document.getElementById('username').value); 11 | let password = encodeURIComponent(document.getElementById('password').value); 12 | 13 | // Get signi and get notes from server 14 | fetch('/signin?username=' + username + '&password=' + password, {method:'POST'}) 15 | .then(response => response.json()) 16 | .then(data => { 17 | // If there is an error 18 | if (data.error) { 19 | showError(data); 20 | return; 21 | } 22 | 23 | // Show username 24 | document.getElementById('notes-username').textContent = data.user; 25 | // Populate notes 26 | let el = document.getElementById('notes'); 27 | el.textContent = ''; 28 | data.notes.forEach(note => { 29 | let card = document.createElement('div'); 30 | card.className = 'card'; 31 | let card_body = document.createElement('div'); 32 | card_body.className = 'card-body'; 33 | card_body.textContent = note; 34 | card.appendChild(card_body); 35 | el.appendChild(card); 36 | }); 37 | 38 | // Hide login and show notes 39 | document.getElementById('section-login').style.display = 'none'; 40 | document.getElementById('section-notes').style.display = 'block'; 41 | }).catch(e => { 42 | showError({error : 'Request failed.'}); 43 | }); 44 | return false; 45 | }); 46 | 47 | document.getElementById('logout').addEventListener('click', () => { 48 | location.href = location.href; 49 | }); 50 | 51 | let showError = (e) => { 52 | let el = document.getElementById('error'); 53 | el.textContent = ''; 54 | el.appendChild(document.createTextNode(e.error)); 55 | if (e.query) { 56 | el.appendChild(document.createElement('br')); 57 | let code = document.createElement('code'); 58 | code.textContent = e.query; 59 | el.appendChild(code); 60 | } 61 | el.style.display = 'block'; 62 | } 63 | 64 | (async () => { 65 | let workerError = (message, reload=0) => { 66 | document.getElementById('section-login').textContent = message; 67 | if (reload) setTimeout(() => { 68 | window.location.href = window.location.href; 69 | }, reload); 70 | }; 71 | 72 | if ('serviceWorker' in navigator) { 73 | try { 74 | const fakebackend = await navigator.serviceWorker.register('service-worker.js'); 75 | if (!fakebackend.active) { 76 | workerError(`Please wait ...`, 1000); 77 | } 78 | } catch (error) { 79 | workerError('Error! This challenge may no work with this browser. Please try again using another browser.'); 80 | } 81 | } 82 | else { 83 | workerError('Error! This challenge does not work with this browser. Please try again using another browser.'); 84 | } 85 | })(); -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | Sign In 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 |
18 |
19 |

SQL Α.Ε.

20 |

Please sign in

21 |
22 | 23 | 24 |
25 |
26 | 27 | 28 |
29 | 30 | 31 |

© 2022

32 |
33 |
34 |
35 |

SQL Α.Ε.

36 |

Hello

37 |
38 | 39 |
40 | 41 |

© 2023

42 |
43 | 44 | 45 | 46 | -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/generate-database/admin_pass.txt: -------------------------------------------------------------------------------- 1 | s0uP3rS3CUr3p45sW0rDtH4TYoUC4nNotG3t 2 | -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/generate-database/database.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/src/generate-database/database.db -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/generate-database/database.encrypted.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/src/generate-database/database.encrypted.db -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/generate-database/flag.txt: -------------------------------------------------------------------------------- 1 | FLAG{5ae1b4f4b20a95bbd5a20e73ef42c396bde4a09cf9921ab9f866ed4a0c1680f9} 2 | -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/generate-database/generate_db.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | # Load params 4 | param_flag = 'FLAG{this-is-an-example-flag}' 5 | with open('flag.txt') as f: 6 | param_flag = f.read().strip() 7 | 8 | param_admin_pass = 'example_pass_for_admin' 9 | with open('admin_pass.txt') as f: 10 | param_admin_pass = f.read().strip() 11 | 12 | param_key = '0011223344556677889900112233445566778899001122334455667788990011' 13 | with open('key.txt') as f: 14 | param_key = f.read().strip() 15 | 16 | 17 | # Prepare Database 18 | import sqlite3 19 | 20 | connection = sqlite3.connect('database.db') 21 | cursor = connection.cursor() 22 | 23 | sql_script = f''' 24 | CREATE TABLE IF NOT EXISTS users (username TEXT, password TEXT); 25 | CREATE TABLE IF NOT EXISTS notes (username TEXT, note TEXT); 26 | 27 | INSERT INTO users (username, password) VALUES ('admin','{param_admin_pass}'); 28 | INSERT INTO users (username, password) VALUES ('tester','tester'); 29 | 30 | INSERT INTO notes (username, note) VALUES ('admin','{param_flag}'); 31 | INSERT INTO notes (username, note) VALUES ('tester','Testing the notes.'); 32 | ''' 33 | cursor.executescript(sql_script) 34 | #print(sql_script) 35 | 36 | connection.commit() 37 | connection.close() 38 | 39 | 40 | 41 | # Encrypt Database 42 | from Crypto.Cipher import AES 43 | 44 | key = bytes.fromhex(param_key) 45 | 46 | data = None 47 | with open('database.db', 'rb') as db_file: 48 | data = db_file.read() 49 | 50 | cipher = AES.new(key, AES.MODE_GCM) 51 | ciphertext, tag = cipher.encrypt_and_digest(data) 52 | with open('database.encrypted.db', 'wb') as db_file: 53 | #print(len(cipher.nonce)) 54 | #print(len(tag)) 55 | [db_file.write(x) for x in (cipher.nonce, tag, ciphertext)] 56 | 57 | print('Encrypted database file save') 58 | 59 | 60 | # Decryption Test 61 | #from Crypto.Cipher import AES 62 | 63 | data = None 64 | with open('database.encrypted.db', 'rb') as db_file: 65 | nonce, tag, ciphertext = [db_file.read(x) for x in (16, 16, -1)] 66 | 67 | cipher = AES.new(key, AES.MODE_GCM, nonce) 68 | data = cipher.decrypt_and_verify(ciphertext, tag) 69 | print('Decryption test done') 70 | -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/src/generate-database/key.txt: -------------------------------------------------------------------------------- 1 | 10f441ddb06101e01ed44677f0f14d2994af049d7854b34ff26258a2a084688c 2 | -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/writeup/image-1-website.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/writeup/image-1-website.png -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/writeup/image-2-login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/writeup/image-2-login.png -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/writeup/image-3-login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/writeup/image-3-login.png -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/writeup/image-4-sql-injection.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/writeup/image-4-sql-injection.png -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/writeup/image-5-sql-injection.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/writeup/image-5-sql-injection.png -------------------------------------------------------------------------------- /challenge-04-sql-limited-company/writeup/image-6-sql-injection.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-04-sql-limited-company/writeup/image-6-sql-injection.png -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/Makefile: -------------------------------------------------------------------------------- 1 | default: 2 | cd src && python3 -m pip install -r requirements.txt 3 | cd src && python3 ./generate.py 4 | cd src && zip -r ../dist/misc_qr_and_codes.zip qrcode.png 5 | 6 | clean: 7 | rm -f dist/misc_qr_and_codes.zip 8 | rm -f src/qrcode.png 9 | -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "QR και κώδικες" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Διάφορα 9 | description: "![qr-codes](/files/fc401142daef7d3a7cdc1a8b6c64237f/challenge_05.png)\n\nΠροσπαθώ να σαρώσω αυτό τον κωδικό QR αλλά δεν δουλεύει.\nΣε εσένα δουλεύει;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - { 28 | type: "static", 29 | content: "FLAG{2e98033e5c082ec1d0962fe34aacb10f}", 30 | data: "case_insensitive", 31 | } 32 | 33 | # Topics are used to help tell what techniques/information a challenge involves 34 | # They are generally only visible to admins 35 | # Accepts strings 36 | topics: 37 | - Κωδικοποιήσεις 38 | - Morse Code 39 | - HEX to ASCII 40 | 41 | 42 | # Tags are used to provide additional public tagging to a challenge 43 | # Can be removed if unused 44 | # Accepts strings 45 | tags: 46 | - Εύκολη 47 | - Διάφορα 48 | - Misc 49 | 50 | # Provide paths to files from the same directory that this file is in 51 | # Accepts strings 52 | files: 53 | - dist/misc_qr_and_codes.zip 54 | 55 | # Hints are used to give players a way to buy or have suggestions. They are not 56 | # required but can be nice. 57 | # Can be removed if unused 58 | # Accepts dictionaries or strings 59 | hints: 60 | #- { 61 | # content: "Thi is affected by corrupted magic power!", 62 | # cost: 0 63 | #} 64 | 65 | # The state of the challenge. 66 | # If the field is omitted, the challenge is visible by default. 67 | # If provided, the field can take one of two values: hidden, visible. 68 | state: hidden 69 | 70 | # Specifies what version of the challenge specification was used. 71 | # Subject to change until ctfcli v1.0.0 72 | version: "0.1" 73 | -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/dist/misc_qr_and_codes.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-05-qr-and-codes/dist/misc_qr_and_codes.zip -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/src/flag.txt: -------------------------------------------------------------------------------- 1 | FLAG{2e98033e5c082ec1d0962fe34aacb10f} 2 | -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/src/generate.py: -------------------------------------------------------------------------------- 1 | import qrcode 2 | import math 3 | import PIL 4 | 5 | # Load flag 6 | flag = 'flag{this-is-an-example-flag}' 7 | with open('flag.txt') as f: 8 | flag = f.read().strip() 9 | 10 | print("flag = " + flag) 11 | message = flag 12 | 13 | 14 | # Message to hex 15 | message = message.encode("ascii").hex() 16 | print("hex(flag) = " + message) 17 | 18 | # Message to morse 19 | MORSE_CODE_DICT = { 20 | 'A':'.-', 'B':'-...', 21 | 'C':'-.-.', 'D':'-..', 'E':'.', 22 | 'F':'..-.', 'G':'--.', 'H':'....', 23 | 'I':'..', 'J':'.---', 'K':'-.-', 24 | 'L':'.-..', 'M':'--', 'N':'-.', 25 | 'O':'---', 'P':'.--.', 'Q':'--.-', 26 | 'R':'.-.', 'S':'...', 'T':'-', 27 | 'U':'..-', 'V':'...-', 'W':'.--', 28 | 'X':'-..-', 'Y':'-.--', 'Z':'--..', 29 | '1':'.----', '2':'..---', '3':'...--', 30 | '4':'....-', '5':'.....', '6':'-....', 31 | '7':'--...', '8':'---..', '9':'----.', 32 | '0':'-----', ', ':'--..--', '.':'.-.-.-', 33 | '?':'..--..', '/':'-..-.', '-':'-....-', 34 | '(':'-.--.', ')':'-.--.-', 35 | ' ':' ' 36 | } 37 | cipher = '' 38 | for letter in message.upper(): 39 | cipher += MORSE_CODE_DICT[letter] + '/' 40 | message = cipher.rstrip('/') 41 | print("morse(hex(flag)) = " + message) 42 | 43 | 44 | # Generate QR code 45 | print('Generating QR code ...') 46 | qr = qrcode.QRCode(version=1, box_size=10, border=2) 47 | qr.add_data(message) 48 | qr.make(fit=True) 49 | img = qr.make_image(fill='black', back_color='white') 50 | img.save('qrcode.png') 51 | -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/src/qrcode.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-05-qr-and-codes/src/qrcode.png -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/src/requirements.txt: -------------------------------------------------------------------------------- 1 | pillow 2 | qrcode 3 | -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/writeup/README.md: -------------------------------------------------------------------------------- 1 | # QR και κώδικες Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | QR και κώδικες | 6 | | :------- | :----- | 7 | | Δυσκολία | Εύκολη | 8 | | Κατηγορία | Διάφορα (Misc) | 9 | | Λύσεις | 28 | 10 | | Πόντοι | 200 | 11 | 12 | ## Επισκόπηση Δοκιμασίας 13 | 14 | ### Περιγραφή 15 | Η περιγραφή της δοκιμασίας αναφέρει: 16 | ``` 17 | Προσπαθώ να σαρώσω αυτό τον κωδικό QR αλλά δεν δουλεύει. Σε εσένα δουλεύει; 18 | ``` 19 | Ενώ παράλληλα μας δίνεται ένα zip αρχείο με μια εικόνα που φαίνεται να είναι ένα QR code: 20 | ![qr-code](qrcode.png) 21 | 22 | ## Επίλυση 23 | 24 | Σαν πρώτο βήμα δοκιμάζουμε να αποκωδικοποιήσουμε την φωτογραφία ως QR code με την χρήση κάποια εφαρμογής. Κάνοντας χρήση της web εφαρμογής [ZXing Decoder Online](https://zxing.org/) αποκωδικοποιήσαμε την φωτογραφία. 25 | 26 | ![](qr-code-decoding.png) 27 | 28 | Λαμβάνοντας σαν έξοδο το κείμενο: 29 | ``` 30 | ....-/-..../....-/-.-./....-/.----/....-/--.../--.../-.../...--/..---/-..../...../...--/----./...--/---../...--/-----/...--/...--/...--/...--/-..../...../...--/...../-..../...--/...--/-----/...--/---../...--/..---/-..../...../-..../...--/...--/.----/-..../....-/...--/-----/...--/----./...--/-..../...--/..---/-..../-..../-..../...../...--/...--/...--/....-/-..../.----/-..../.----/-..../...--/-..../..---/...--/.----/...--/-----/-..../-..../--.../-.. 31 | ``` 32 | 33 | Μιας και το κείμενο χρησιμοποιεί κατά κύριο λόγο τελείες και παύλες, φαίνεται πως είναι κάποιο μήνυμα κωδικοποιημένο σε [κώδικα μορς (Morse Code)](https://en.wikipedia.org/wiki/Morse_code). 34 | 35 | Κάνοντας την αποκωδικοποίηση με το χέρι η χρησιμοποιώντας και πάλι μια web εφαρμογή (πχ το ["Morse Code Translator"](https://morsedecoder.com/)) λαμβάνουμε το αλφαριθμητικό: 36 | ``` 37 | 4 6 4 C 4 1 4 7 7 B 3 2 6 5 3 9 3 8 3 0 3 3 3 3 6 5 3 5 6 3 3 0 3 8 3 2 6 5 6 3 3 1 6 4 3 0 3 9 3 6 3 2 6 6 6 5 3 3 3 4 6 1 6 1 6 3 6 2 3 1 3 0 6 6 7 D 38 | ``` 39 | 40 | ![](morse-decoding.png) 41 | 42 | Παρατηρούμε πως το αλφαριθμητικό αυτό περιέχει μόνο αριθμούς και χαρακτήρες από το B έως το D, οπότε θα μπορούσε να είναι κάποιο μήνυμα σε δεκαεξαδικό (μιας και για την αναπαράσταση στο δεκαεξαδικό σύστημα χρησιμοποιούμε μόνο τα σύμβολα `0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F`). Χωρίζουμε λοιπόν το μήνυμα σε δυάδες και έχουμε: 43 | ``` 44 | 46 4C 41 47 7B 32 65 39 38 30 33 33 65 35 63 30 38 32 65 63 31 64 30 39 36 32 66 65 33 34 61 61 63 62 31 30 66 7D 45 | ``` 46 | 47 | Τώρα μπορούμε να το αποκωδικοποιήσουμε βάση του πίνακα ASCII που αντιστοιχεί αριθμούς σε χαρακτήρες. Και πάλι μπορούμε να το κάνουμε είτε με το χέρι είτε με την χρήση κάποιας εφαρμογής (πχ. με το [Hex to ASCII Text String Converter](https://www.rapidtables.com/convert/number/hex-to-ascii.html)): 48 | 49 | ![](hex-to-ascii-decoding.png) 50 | 51 | 52 | ## Σημαία 53 | 54 | ``` 55 | FLAG{2e98033e5c082ec1d0962fe34aacb10f} 56 | ``` 57 | -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/writeup/hex-to-ascii-decoding.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-05-qr-and-codes/writeup/hex-to-ascii-decoding.png -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/writeup/morse-decoding.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-05-qr-and-codes/writeup/morse-decoding.png -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/writeup/qr-code-decoding.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-05-qr-and-codes/writeup/qr-code-decoding.png -------------------------------------------------------------------------------- /challenge-05-qr-and-codes/writeup/qrcode.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-05-qr-and-codes/writeup/qrcode.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Ανάλυση ροής πακέτων" 6 | author: "Michalis Takaronis " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Ψηφιακή Εγκληματολογία 9 | description: "![packets](/files/007368e6a4fab786ddc356c243d6f144/challenge_06.png)\n\nΜάθαμε πως κάποιος υπάλληλος της εταιρίας μας διέρρευσε παράνομα ένα αρχείο με αρχεία πελατών μας. Η υπόθεση είναι υπό διερεύνηση και θέλουμε την βοήθειά σου για να δούμε τι αρχεία διέρρευσαν. Παρακαλώ κάνε μια ανάλυση σε αυτήν την ύποπτη διαδικτυακή ροή δεδομένων. Το 10 | μόνο που μπορέσαμε να μάθουμε είναι ότι μέσα κρύβεται το `flag.txt` αρχείο." 11 | value: 600 12 | type: dynamic 13 | 14 | # The extra field provides additional fields for data during the install/sync commands/ 15 | # Fields in extra can be used to supply additional information for other challenge types 16 | # For example the follow extra field is for dynamic challenges. To use these following 17 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 18 | extra: 19 | initial: 600 20 | decay: 20 21 | minimum: 200 22 | 23 | # Flags specify answers that your challenge use. You should generally provide at least one. 24 | # Can be removed if unused 25 | # Accepts strings or dictionaries of CTFd API data 26 | flags: 27 | # A static case sensitive flag 28 | - FLAG{31cadfb9d8c7cd34d9077b6c63ce20ea} 29 | 30 | # Topics are used to help tell what techniques/information a challenge involves 31 | # They are generally only visible to admins 32 | # Accepts strings 33 | topics: 34 | - Εισαγωγικές γνώσεις σε ανάλυση πακέτων. 35 | - Εισαγωγικές γνώσεις σε packet analyzers & zip files 36 | - Εισαγωγικές γνώσεις σε cracking εργαλεία zip2John & John the ripper. 37 | - Κατανόηση των header bytes. 38 | 39 | 40 | # Tags are used to provide additional public tagging to a challenge 41 | # Can be removed if unused 42 | # Accepts strings 43 | tags: 44 | - Μέτρια 45 | - Ψηφιακή Εγκληματολογία 46 | - Forensics 47 | 48 | # Provide paths to files from the same directory that this file is in 49 | # Accepts strings 50 | files: 51 | - dist/forensics_packet_flow_investigation.zip 52 | 53 | # Hints are used to give players a way to buy or have suggestions. They are not 54 | # required but can be nice. 55 | # Can be removed if unused 56 | # Accepts dictionaries or strings 57 | hints: 58 | #- { 59 | # content: "Thi is affected by corrupted magic power!", 60 | # cost: 0 61 | #} 62 | 63 | # The state of the challenge. 64 | # If the field is omitted, the challenge is visible by default. 65 | # If provided, the field can take one of two values: hidden, visible. 66 | state: hidden 67 | 68 | # Specifies what version of the challenge specification was used. 69 | # Subject to change until ctfcli v1.0.0 70 | version: "0.1" 71 | -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/dist/forensics_packet_flow_investigation.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/dist/forensics_packet_flow_investigation.zip -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-1-wireshark.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-1-wireshark.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-10-flag.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-10-flag.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-2-export_process.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-2-export_process.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-3-unzip.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-3-unzip.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-4-hexedit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-4-hexedit.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-5-headers_zip.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-5-headers_zip.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-6-solve.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-6-solve.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-7-pass.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-7-pass.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-8-zip2john.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-8-zip2john.png -------------------------------------------------------------------------------- /challenge-06-packet-flow-investigation/writeup/step-9-john.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-06-packet-flow-investigation/writeup/step-9-john.png -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Τρίλιζα" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Διάφορα 9 | description: "![tic-tac-toe](/files/4dc3a7dc6d3afcd34f2563634005172e/challenge_07.png)\n\nΠροσπαθώ να νικήσω αυτό το παιχνίδι τρίλιζας αλλά δεν μπορώ. Θες να δοκιμάσεις και εσύ;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # connection_info is used to provide a link, hostname, or instructions on how to connect to a challenge 23 | connection_info: https://gramthanos.github.io/pmdk-2023-challenge-tic-tac-toe/ 24 | 25 | # Flags specify answers that your challenge use. You should generally provide at least one. 26 | # Can be removed if unused 27 | # Accepts strings or dictionaries of CTFd API data 28 | flags: 29 | # A static case sensitive flag 30 | - FLAG{1826833f155abe1d1655fc2485486b7c} 31 | 32 | # Topics are used to help tell what techniques/information a challenge involves 33 | # They are generally only visible to admins 34 | # Accepts strings 35 | topics: 36 | - Βασικές γνώσεις Javascript. 37 | - Βασικές γνώσεις Code deobfuscation και ανάλυση κώδικα. 38 | - Βασικές γνώσεις εργαλείων για προγραμματιστές σε περιηγητές διαδικτύου. 39 | 40 | 41 | # Tags are used to provide additional public tagging to a challenge 42 | # Can be removed if unused 43 | # Accepts strings 44 | tags: 45 | - Μέτρια 46 | - Διάφορα 47 | - Παγκόσμιος Ιστός 48 | - Misc 49 | - Web 50 | 51 | # Provide paths to files from the same directory that this file is in 52 | # Accepts strings 53 | files: 54 | #- no files 55 | 56 | # Hints are used to give players a way to buy or have suggestions. They are not 57 | # required but can be nice. 58 | # Can be removed if unused 59 | # Accepts dictionaries or strings 60 | hints: 61 | #- { 62 | # content: "Thi is affected by corrupted magic power!", 63 | # cost: 0 64 | #} 65 | 66 | # The state of the challenge. 67 | # If the field is omitted, the challenge is visible by default. 68 | # If provided, the field can take one of two values: hidden, visible. 69 | state: hidden 70 | 71 | # Specifies what version of the challenge specification was used. 72 | # Subject to change until ctfcli v1.0.0 73 | version: "0.1" 74 | -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/dist/app/assets/css/style.css: -------------------------------------------------------------------------------- 1 | html, 2 | body { 3 | padding: 0; 4 | margin: 0; 5 | } 6 | 7 | body { 8 | font-family: 'Press Start 2P', cursive; 9 | } 10 | 11 | .title { 12 | text-align: center; 13 | padding-top: 50px; 14 | font-size: 42px; 15 | line-height: 42px; 16 | height: 42px; 17 | } 18 | 19 | .board { 20 | padding: 50px 50px 50px 50px; 21 | width: 474px; 22 | margin: 0 auto; 23 | } 24 | 25 | .board .cell { 26 | width: 100px; 27 | height: 100px; 28 | border: 8px solid #000; 29 | text-align: center; 30 | font-size: 60px; 31 | line-height: 92px; 32 | cursor: pointer; 33 | } 34 | 35 | .board .cell.player { 36 | color: red; 37 | } 38 | .board .cell.computer { 39 | color: blue; 40 | } 41 | .board .cell.highlight { 42 | background: #ddd; 43 | } -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/dist/app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Tic Tac Toe 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/src/app/assets/css/style.css: -------------------------------------------------------------------------------- 1 | html, 2 | body { 3 | padding: 0; 4 | margin: 0; 5 | } 6 | 7 | body { 8 | font-family: 'Press Start 2P', cursive; 9 | } 10 | 11 | .title { 12 | text-align: center; 13 | padding-top: 50px; 14 | font-size: 42px; 15 | line-height: 42px; 16 | height: 42px; 17 | } 18 | 19 | .board { 20 | padding: 50px 50px 50px 50px; 21 | width: 474px; 22 | margin: 0 auto; 23 | } 24 | 25 | .board .cell { 26 | width: 100px; 27 | height: 100px; 28 | border: 8px solid #000; 29 | text-align: center; 30 | font-size: 60px; 31 | line-height: 92px; 32 | cursor: pointer; 33 | } 34 | 35 | .board .cell.player { 36 | color: red; 37 | } 38 | .board .cell.computer { 39 | color: blue; 40 | } 41 | .board .cell.highlight { 42 | background: #ddd; 43 | } -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/src/app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Tic Tac Toe 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/src/info.md: -------------------------------------------------------------------------------- 1 | # Info on how the flag was encrypted 2 | 3 | The flag was XORed with the win message. 4 | 5 | You can use the following code to change the flag: 6 | ```javascript 7 | let flag = 'FLAG{1826833f155abe1d1655fc2485486b7c}'; 8 | let h = [... new TextEncoder().encode('🙀 You Won!' + '🙀 You Won!' + '🙀 You Won!' + '🙀 You Won!' + '🙀 You Won!')].slice(0, flag.length); 9 | let s = Uint8Array.from(new TextEncoder().encode(flag), (v, i) => v ^ h[i]); 10 | s.toString(s); 11 | ``` 12 | 13 | The source code was obfuscated using https://obfuscator.io/ 14 | -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/writeup/developer-tools-breakpoint.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-07-tic-tac-toe/writeup/developer-tools-breakpoint.png -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/writeup/developer-tools-find-alert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-07-tic-tac-toe/writeup/developer-tools-find-alert.png -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/writeup/developer-tools.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-07-tic-tac-toe/writeup/developer-tools.png -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/writeup/game-lost.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-07-tic-tac-toe/writeup/game-lost.png -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/writeup/game-won-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-07-tic-tac-toe/writeup/game-won-2.png -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/writeup/game-won.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-07-tic-tac-toe/writeup/game-won.png -------------------------------------------------------------------------------- /challenge-07-tic-tac-toe/writeup/obfuscated-javascript.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-07-tic-tac-toe/writeup/obfuscated-javascript.png -------------------------------------------------------------------------------- /challenge-08-encrypted-password/Makefile: -------------------------------------------------------------------------------- 1 | default: print 2 | cd src/ && python3 generate.py 3 | gcc -w -static -O2 -o src/authenticate src/source.c 4 | cd src/ && zip -r ../dist/rev_encrypted_password.zip authenticate 5 | @echo Challenge compiled. 6 | 7 | print: 8 | @echo Current Flag: $$(cat src/flag.txt) 9 | 10 | change: print changeflag clean default print 11 | 12 | changeflag: 13 | $(shell bash -c 'read -p "New Flag: " flag; echo $$flag > src/flag.txt') 14 | @echo Flag changed. 15 | 16 | clean: 17 | -rm -f dist/rev_encrypted_password.zip 18 | -rm -f src/authenticate 19 | -rm -f src/source.c 20 | @echo Challenge cleaned. 21 | -------------------------------------------------------------------------------- /challenge-08-encrypted-password/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Κρυπτογραφημένο συνθηματικό" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Αντίστροφη Μηχανική 9 | description: "![locked-pc](/files/93fb73aae64c03dc6aab4be7784e64df/challenge_08.png)\n\nΚάποιος κρυπτογράφησε το συνθηματικό μου. Μήπως έχεις καμία ιδέα πώς να το πάρω πίσω;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - FLAG{r3v3Rs3_Eng1Ne3riNG_Pro} 28 | 29 | # Topics are used to help tell what techniques/information a challenge involves 30 | # They are generally only visible to admins 31 | # Accepts strings 32 | topics: 33 | - Βασικές γνώσεις για αντίστροφης μηχανική. 34 | - Εισαγωγικές γνώσεις εργαλείων για αντίστροφη μηχανική. 35 | 36 | # Tags are used to provide additional public tagging to a challenge 37 | # Can be removed if unused 38 | # Accepts strings 39 | tags: 40 | - Μέτρια 41 | - Αντίστροφη Μηχανική 42 | - Reverse Engineering 43 | 44 | # Provide paths to files from the same directory that this file is in 45 | # Accepts strings 46 | files: 47 | - dist/rev_encrypted_password.zip 48 | 49 | # Hints are used to give players a way to buy or have suggestions. They are not 50 | # required but can be nice. 51 | # Can be removed if unused 52 | # Accepts dictionaries or strings 53 | hints: 54 | #- { 55 | # content: "Thi is affected by corrupted magic power!", 56 | # cost: 0 57 | #} 58 | 59 | # The state of the challenge. 60 | # If the field is omitted, the challenge is visible by default. 61 | # If provided, the field can take one of two values: hidden, visible. 62 | state: hidden 63 | 64 | # Specifies what version of the challenge specification was used. 65 | # Subject to change until ctfcli v1.0.0 66 | version: "0.1" 67 | -------------------------------------------------------------------------------- /challenge-08-encrypted-password/dist/rev_encrypted_password.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-08-encrypted-password/dist/rev_encrypted_password.zip -------------------------------------------------------------------------------- /challenge-08-encrypted-password/src/flag.txt: -------------------------------------------------------------------------------- 1 | FLAG{r3v3Rs3_Eng1Ne3riNG_Pro} 2 | -------------------------------------------------------------------------------- /challenge-08-encrypted-password/src/generate.py: -------------------------------------------------------------------------------- 1 | import random 2 | 3 | # Pick parameters 4 | username = 'admin' 5 | password = 'my_sTr0nG_p4ssWorD' 6 | key = random.randint(2, 10) 7 | 8 | # Generate random password 9 | if not password: 10 | length = random.randint(16, 22) 11 | password = '' 12 | for x in range(length): 13 | password += chr(random.randint(33, 126 - key)) 14 | 15 | 16 | # Load flag from file 17 | with open('./flag.txt') as f: 18 | flag = f.read().strip() 19 | 20 | # Encode password 21 | enc_password = '' 22 | for i in range(len(password)): 23 | enc_password += chr(ord(password[i]) + (i % key)) 24 | 25 | # Encode flag 26 | enc_flag = [] 27 | flag_len = len(flag) 28 | i = 0 29 | while i < flag_len: 30 | for j in range(len(username)): 31 | if i >= flag_len: 32 | break; 33 | enc_flag.append(str(ord(flag[i]) ^ ord(username[j]))) 34 | i += 1 35 | 36 | for j in range(len(password)): 37 | if i >= flag_len: 38 | break; 39 | enc_flag.append(str(ord(flag[i]) ^ ord(password[j]))) 40 | i += 1 41 | 42 | enc_flag = '{' + ', '.join(enc_flag) + '}' 43 | 44 | with open('./source.c', 'w') as source: 45 | with open('./template.c', 'r') as template: 46 | source.write( 47 | template.read() 48 | .replace('%%ecrypted_flag%%', enc_flag) 49 | .replace('%%flag_len%%', str(len(flag))) 50 | .replace('%%username%%', username) 51 | .replace('%%enc_password%%', enc_password.replace("\\", "\\\\")) 52 | .replace('%%key%%', str(key)) 53 | ) 54 | 55 | print(f''' 56 | Generated source for: 57 | FLAG: {flag} 58 | USERNAME: {username} 59 | PASSWORD: {password} 60 | KEY: {str(key)} 61 | ''') 62 | -------------------------------------------------------------------------------- /challenge-08-encrypted-password/src/source.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | int flag_len = 29; 5 | char ecrypted_flag[] = {39, 40, 44, 46, 21, 31, 74, 41, 64, 6, 1, 3, 49, 2, 49, 23, 5, 61, 22, 100, 29, 27, 10, 38, 59, 61, 27, 1, 16}; 6 | 7 | void encrypt_password(int key, char *password, char *encrypted) { 8 | int len = strlen(password); 9 | for (int i = 0; i < len; ++i) { 10 | encrypted[i] = password[i] + (i % key); 11 | } 12 | encrypted[len - 1] = '\n'; 13 | } 14 | 15 | void print_flag(char *username, char * password) { 16 | int i = 0; 17 | do { 18 | for (int j = 0; j < strlen(username) - 1 && i < flag_len; ++j) { 19 | printf("%c", (ecrypted_flag[i] ^ username[j])); 20 | i++; 21 | } 22 | for (int j = 0; j < strlen(password) - 1 && i < flag_len; ++j) { 23 | printf("%c", (ecrypted_flag[i] ^ password[j])); 24 | i++; 25 | } 26 | } while (i < flag_len); 27 | printf("\n"); 28 | } 29 | 30 | int main(void) { 31 | char username[256]; 32 | char password[256]; 33 | 34 | printf("-= Please authenticate =-\n"); 35 | 36 | // Get username 37 | printf("username: "); 38 | fflush(stdout); 39 | fgets(username, 255, stdin); 40 | 41 | // Get password 42 | printf("password: "); 43 | fflush(stdout); 44 | fgets(password, 255, stdin); 45 | 46 | // If username is correct 47 | if (strcmp(username, "admin\n") != 0) { 48 | printf("Error! Unknown user.\n"); 49 | return 1; 50 | } 51 | 52 | // Check if password is correct 53 | char encrypted[256]; 54 | encrypt_password(5, password, encrypted); 55 | if (strcmp(encrypted, "mzavXr1pJcp5uv[osF\n") != 0) { 56 | printf("Error! Incorrect password.\n"); 57 | return 1; 58 | } 59 | 60 | printf("Successful authentication!\n"); 61 | printf("\n"); 62 | 63 | // Print flag 64 | print_flag(username, password); 65 | 66 | return 0; 67 | } 68 | -------------------------------------------------------------------------------- /challenge-08-encrypted-password/src/template.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | int flag_len = %%flag_len%%; 5 | char ecrypted_flag[] = %%ecrypted_flag%%; 6 | 7 | void encrypt_password(int key, char *password, char *encrypted) { 8 | int len = strlen(password); 9 | for (int i = 0; i < len; ++i) { 10 | encrypted[i] = password[i] + (i % key); 11 | } 12 | encrypted[len - 1] = '\n'; 13 | } 14 | 15 | void print_flag(char *username, char * password) { 16 | int i = 0; 17 | do { 18 | for (int j = 0; j < strlen(username) - 1 && i < flag_len; ++j) { 19 | printf("%c", (ecrypted_flag[i] ^ username[j])); 20 | i++; 21 | } 22 | for (int j = 0; j < strlen(password) - 1 && i < flag_len; ++j) { 23 | printf("%c", (ecrypted_flag[i] ^ password[j])); 24 | i++; 25 | } 26 | } while (i < flag_len); 27 | printf("\n"); 28 | } 29 | 30 | int main(void) { 31 | char username[256]; 32 | char password[256]; 33 | 34 | printf("-= Please authenticate =-\n"); 35 | 36 | // Get username 37 | printf("username: "); 38 | fflush(stdout); 39 | fgets(username, 255, stdin); 40 | 41 | // Get password 42 | printf("password: "); 43 | fflush(stdout); 44 | fgets(password, 255, stdin); 45 | 46 | // If username is correct 47 | if (strcmp(username, "%%username%%\n") != 0) { 48 | printf("Error! Unknown user.\n"); 49 | return 1; 50 | } 51 | 52 | // Check if password is correct 53 | char encrypted[256]; 54 | encrypt_password(%%key%%, password, encrypted); 55 | if (strcmp(encrypted, "%%enc_password%%\n") != 0) { 56 | printf("Error! Incorrect password.\n"); 57 | return 1; 58 | } 59 | 60 | printf("Successful authentication!\n"); 61 | printf("\n"); 62 | 63 | // Print flag 64 | print_flag(username, password); 65 | 66 | return 0; 67 | } 68 | -------------------------------------------------------------------------------- /challenge-08-encrypted-password/writeup/ghidra-encrypto-password.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-08-encrypted-password/writeup/ghidra-encrypto-password.png -------------------------------------------------------------------------------- /challenge-08-encrypted-password/writeup/ghidra-main.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-08-encrypted-password/writeup/ghidra-main.png -------------------------------------------------------------------------------- /challenge-08-encrypted-password/writeup/ghidra.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-08-encrypted-password/writeup/ghidra.png -------------------------------------------------------------------------------- /challenge-09-sound-messages/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Ηχητικό Μήνυμα" 6 | author: "Michalis Takaronis " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Διάφορα 9 | description: "![speaker](/files/fccd32c5a1643dadd2bee70b9ed718f4/challenge_09.png)\n\nΈλαβες ένα ηχητικό μήνυμα με περίεργους μονότονους ήχους. Μπορείς να αποκωδικοποιήσεις το μήνυμα;\n\nΓια να ολοκληρώσεις την δοκιμασία θα πρέπει να τοποθέτησεις το αποκρυπτογραφημένο μήνυμα μέσα στo `FLAG{ ... }` (π.χ. `FLAG{decrypted_message}`)" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - { 28 | type: "static", 29 | content: "FLAG{M0RS3-C0D3-1S-B3TT3R-W1TH-X0R-0P3R4T1ONS}", 30 | data: "case_insensitive", 31 | } 32 | 33 | # Topics are used to help tell what techniques/information a challenge involves 34 | # They are generally only visible to admins 35 | # Accepts strings 36 | topics: 37 | - Βασικές γνώσεις ανάλυσης αρχείων ήχου. 38 | - Εισαγωγικές γνώσεις κωδικοποιήσεων. 39 | - Κατανόηση Κώδικα Μορς. 40 | - Κατανόηση του λογικού τελεστή XOR. 41 | 42 | # Tags are used to provide additional public tagging to a challenge 43 | # Can be removed if unused 44 | # Accepts strings 45 | tags: 46 | - Mέτρια 47 | - Διάφορα 48 | - Misc 49 | 50 | 51 | # Provide paths to files from the same directory that this file is in 52 | # Accepts strings 53 | files: 54 | - dist/misc_sound_message.zip 55 | 56 | # Hints are used to give players a way to buy or have suggestions. They are not 57 | # required but can be nice. 58 | # Can be removed if unused 59 | # Accepts dictionaries or strings 60 | hints: 61 | #- { 62 | # content: "Thi is affected by corrupted magic power!", 63 | # cost: 0 64 | #} 65 | 66 | # The state of the challenge. 67 | # If the field is omitted, the challenge is visible by default. 68 | # If provided, the field can take one of two values: hidden, visible. 69 | state: hidden 70 | 71 | # Specifies what version of the challenge specification was used. 72 | # Subject to change until ctfcli v1.0.0 73 | version: "0.1" 74 | -------------------------------------------------------------------------------- /challenge-09-sound-messages/dist/misc_sound_message.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-09-sound-messages/dist/misc_sound_message.zip -------------------------------------------------------------------------------- /challenge-09-sound-messages/notes.txt: -------------------------------------------------------------------------------- 1 | pt: FLAG{M0RS3_C0D3_1S_B3TT3R_W1TH_X0R_0P3R4T1ONS} 2 | 3 | Description FLAG{decrypted_message} 4 | 5 | 6 | key: 0x2 7 | 8 | 9 | xor : O2PQ1/A2F1/3Q/@1VV1P/U3VJ/Z2P/2R1P6V3MLQ 10 | 11 | 12 | morse: --- ..--- .--. --.- .---- -..-. .- ..--- ..-. .---- -..-. ...-- --.- -..-. .--.-. .---- ...- ...- .---- .--. -..-. ..- ...-- ...- .--- -..-. --.. ..--- .--. -..-. ..--- .-. .---- .--. -.... ...- ...-- -- .-.. --.- 13 | 14 | The user will be provided with 2 morce code files. The first one will contain the cipretext and the othe other one the attack the user have to perform. 15 | -------------------------------------------------------------------------------- /challenge-09-sound-messages/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Ηχητικό Μήνυμα Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Ηχητικό Μήνυμα | 6 | | :------- | :----- | 7 | | Δυσκολία | Mέτρια | 8 | | Κατηγορία | Διάφορα (Misc) | 9 | | Λύσεις | 23 | 10 | | Πόντοι | 200 | 11 | 12 | ## Περιγραφή Δοκιμασίας 13 | 14 | Η περιγραφή της δοκιμασίας αναφέρει: 15 | ``` 16 | Έλαβες ένα ηχητικό μήνυμα με περίεργους μονότονους ήχους. Μπορείς να αποκωδικοποιήσεις το μήνυμα; 17 | Για να ολοκληρώσεις την δοκιμασία θα πρέπει να τοποθέτησεις το αποκρυπτογραφημένο μήνυμα μέσα στo FLAG{ ... } (π.χ. FLAG{decrypted_message}) 18 | ``` 19 | 20 | Παράλληλα δίνετε ένα αρχείο `zip` το οποίο περιέχει 2 αρχεία ήχου τύπου `wav`. 21 | 22 | ## Επίλυση 23 | ### Ανάλυση αρχείου x.wav 24 | 25 | Το αρχείο `x.wav` φάινεται να περιέχει ήχους από τελείες και παύλες τις οποίες μπορούμε να τις αποκωδικοποιήσουμε σαν morse code. 26 | 27 | Αποκωδικοποιώντας το morse code μήνυμα του συγκριμένου αρχείου (με το χέρι, ή με χρήση εργαλείων σαν το [Morse Code Adaptive Audio Decoder](https://morsecode.world/international/decoder/audio-decoder-adaptive.html)) παίρνουμε το μήνυμα: 28 | ``` 29 | XORBRUTEFORCE 30 | ``` 31 | 32 | Μιας και το XOR brute force είναι ένα είδος επίθεσης, καταλαβαίνουμε πως αυτό μπορεί να είναι μια επίθεση που πρέπει να κάνουμε. 33 | 34 | ![](attack.png) 35 | 36 | ### Ανάλυση αρχείου cp.wav 37 | 38 | Αποκωδικοποιώντας το morse code μήνυμα του άλλου αρχείου (όπως και πριν), βρίσκουμε ένα κρυπτογράφημα. 39 | ``` 40 | O2PQ1/A2F1/3Q/@1VV1P/U3VJ/Z2P/2R1P6V3MLQ 41 | ``` 42 | 43 | Εκμεταλλευόμαστε την πληροφορία που πήραμε από το προηγούμενο μήνυμα, και εκτελούμε ένα XOR brute force. Η επίθεση μπορεί να με την χρήση [XOR Cipher](https://www.dcode.fr/xor-cipher). 44 | 45 | ![](solve.png) 46 | 47 | Κοιτώντας τα αποτελέσματα, παρατηρούμε πως για το κλειδί `02` το μήνυμα είναι: 48 | ``` 49 | M0RS3-C0D3-1S-B3TT3R-W1TH-X0R-0P3R4T1ONS 50 | ``` 51 | 52 | ## Σημαία 53 | 54 | ``` 55 | FLAG{M0RS3-C0D3-1S-B3TT3R-W1TH-X0R-0P3R4T1ONS} 56 | ``` -------------------------------------------------------------------------------- /challenge-09-sound-messages/writeup/attack.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-09-sound-messages/writeup/attack.png -------------------------------------------------------------------------------- /challenge-09-sound-messages/writeup/solve.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-09-sound-messages/writeup/solve.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "WiFi πειστήρια" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Ψηφιακή Εγκληματολογία 9 | description: "![access-point](/files/523365bf03113de39eae9fde37049dbd/challenge_10.png)\n\nΟι μυστικές υπηρεσίες παρακολουθούν εδώ και μήνες έναν ύποπτο για οικονομικά εγκλήματα. Για την συλλογής στοιχείων πάνω στην υπόθεση εκδόθηκε άδεια να παρακολουθούν τις ηλεκτρονικές επικοινωνίες του ύποπτου με σκοπό την αποκάλυψη πιθανών συνεργών του. Δουλειά σου σαν πράκτορας είναι να ελέγξεις τις διαδικτυακές κινήσεις του υπόπτου τις οποίες έκανε πάνω από το κλειστό WiFi δίκτυο του κρησφύγετού του." 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - FLAG{a0c88f089eb76614f13ec1796d9bb5a0bf4ff9894c00140737ff959265e97efe} 28 | 29 | # Topics are used to help tell what techniques/information a challenge involves 30 | # They are generally only visible to admins 31 | # Accepts strings 32 | topics: 33 | #- 34 | 35 | # Tags are used to provide additional public tagging to a challenge 36 | # Can be removed if unused 37 | # Accepts strings 38 | tags: 39 | - Δύσκολη 40 | - Ψηφιακή Εγκληματολογία 41 | - Forensics 42 | 43 | 44 | # Provide paths to files from the same directory that this file is in 45 | # Accepts strings 46 | files: 47 | - dist/forensics_wifi_evidence.zip 48 | 49 | # Hints are used to give players a way to buy or have suggestions. They are not 50 | # required but can be nice. 51 | # Can be removed if unused 52 | # Accepts dictionaries or strings 53 | hints: 54 | #- { 55 | # content: "Thi is affected by corrupted magic power!", 56 | # cost: 0 57 | #} 58 | 59 | # The state of the challenge. 60 | # If the field is omitted, the challenge is visible by default. 61 | # If provided, the field can take one of two values: hidden, visible. 62 | state: hidden 63 | 64 | # Specifies what version of the challenge specification was used. 65 | # Subject to change until ctfcli v1.0.0 66 | version: "0.1" 67 | -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/dist/forensics_wifi_evidence.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/dist/forensics_wifi_evidence.zip -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/src/app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | Secure Chat 7 | 8 | 9 | 10 | 11 | 12 |
13 |
14 | 15 |
16 |
17 |
18 | 19 |
20 |

Secure Chat

21 |
22 | 23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 | 31 |
32 |
33 |
34 | Encrypted Session 35 |
connecting ...
36 |
37 |
38 |
39 | 40 |
41 | 42 |
43 |
44 | 45 | 46 |
47 |
48 | 49 |
50 |
51 |
52 |
53 |
54 | 55 | 56 | 57 | 58 | 59 | 60 | -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/src/app/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "chat-app", 3 | "version": "1.0.0", 4 | "description": "", 5 | "main": "app.js", 6 | "scripts": { 7 | "test": "echo \"Error: no test specified\" && exit 1" 8 | }, 9 | "author": "", 10 | "license": "ISC", 11 | "dependencies": { 12 | "ws": "^8.12.1" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/src/app/static/chat.css: -------------------------------------------------------------------------------- 1 | body{ 2 | margin-top: 0px; 3 | } 4 | 5 | #app { 6 | position: absolute; 7 | top: 0px; 8 | bottom: 0px; 9 | left: 0px; 10 | right: 0px; 11 | } 12 | 13 | .fullh { 14 | height: 100%; 15 | } 16 | 17 | .chat-wrapper { 18 | height: 100%; 19 | overflow: hidden; 20 | position: relative; 21 | } 22 | 23 | .chat-wrapper-top{ 24 | position: absolute; 25 | top: 0px; 26 | left: 0px; 27 | right: 0px; 28 | height: 68px; 29 | overflow: hidden; 30 | } 31 | 32 | .chat-messages { 33 | position: absolute; 34 | top: 68px; 35 | bottom: 71px; 36 | left: 0px; 37 | right: 0px; 38 | } 39 | 40 | .chat-wrapper-bottom{ 41 | position: absolute; 42 | bottom: 0px; 43 | left: 0px; 44 | right: 0px; 45 | height: 71px; 46 | overflow: hidden; 47 | } 48 | 49 | .anonymous-picture{ 50 | font-family: MONOSPACE; 51 | background: black; 52 | color: white; 53 | line-height: 40px; 54 | text-align: center; 55 | width:40px; 56 | height: 40px; 57 | } 58 | 59 | .chat-online { 60 | color: #34ce57 61 | } 62 | 63 | .chat-offline { 64 | color: #e4606d 65 | } 66 | 67 | .chat-messages { 68 | display: flex; 69 | flex-direction: column; 70 | /*max-height: 800px;*/ 71 | overflow-y: scroll 72 | } 73 | 74 | .chat-message-left, 75 | .chat-message-right { 76 | display: flex; 77 | flex-shrink: 0 78 | } 79 | 80 | .chat-message-left { 81 | margin-right: auto 82 | } 83 | 84 | .chat-message-right { 85 | flex-direction: row-reverse; 86 | margin-left: auto 87 | } 88 | .py-3 { 89 | padding-top: 1rem!important; 90 | padding-bottom: 1rem!important; 91 | } 92 | .px-4 { 93 | padding-right: 1.5rem!important; 94 | padding-left: 1.5rem!important; 95 | } 96 | .flex-grow-0 { 97 | flex-grow: 0!important; 98 | } 99 | .border-top { 100 | border-top: 1px solid #dee2e6!important; 101 | } 102 | -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/src/info.txt: -------------------------------------------------------------------------------- 1 | App will be at 2 | http://secure-app.pmdk.ctflib.eu:4242/ 3 | 4 | WiFi password will be 5 | lamborghini 6 | WiFi name will be 7 | EasyMoney 8 | 9 | Command to prepare WiFi capturing 10 | sudo airmon-ng check kill 11 | sudo airmon-ng start wlan0 12 | sudo ifconfig wlan0 down && sudo ifconfig wlan0 up 13 | sudo airodump-ng -w try1 --manufacturer --channel 1 --essid EasyMoney wlan0 14 | 15 | Wireshark WPA key 16 | lamborghini:EasyMoney 17 | 18 | Steps to create challenge 19 | Step 1: Launch a hotspot with the name "EasyMoney" and password "lamborghini" 20 | Step 2: Start capturing the traffic on that network 21 | Step 3: Open the webapp on an other client that is not on that network 22 | Step 4: Connect client device on the network using the password 23 | Step 5: Open the webapp on the browser 24 | Step 6: Start the script between the 2 clients 25 | 26 | Problems: 27 | - Too many packages were lost or malformed 28 | - We can do the process about 15 times to get good results for the pcap files 29 | -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/1-wireshark-view-of-packets.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/1-wireshark-view-of-packets.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/10-wireshark-websocket.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/10-wireshark-websocket.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/11-replayed-messages.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/11-replayed-messages.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/2-crack-wifi-password-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/2-crack-wifi-password-1.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/3-crack-wifi-password-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/3-crack-wifi-password-2.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/4-wireshark-wpa-keys.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/4-wireshark-wpa-keys.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/5-traffic-to-a-secure-app-website.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/5-traffic-to-a-secure-app-website.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/6-exporting-website-files.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/6-exporting-website-files.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/8-recovered-website-files.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/8-recovered-website-files.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/9-recovered-website.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-10-wifi-evidence/writeup/9-recovered-website.png -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/files/chat.css: -------------------------------------------------------------------------------- 1 | body{ 2 | margin-top: 0px; 3 | } 4 | 5 | #app { 6 | position: absolute; 7 | top: 0px; 8 | bottom: 0px; 9 | left: 0px; 10 | right: 0px; 11 | } 12 | 13 | .fullh { 14 | height: 100%; 15 | } 16 | 17 | .chat-wrapper { 18 | height: 100%; 19 | overflow: hidden; 20 | position: relative; 21 | } 22 | 23 | .chat-wrapper-top{ 24 | position: absolute; 25 | top: 0px; 26 | left: 0px; 27 | right: 0px; 28 | height: 68px; 29 | overflow: hidden; 30 | } 31 | 32 | .chat-messages { 33 | position: absolute; 34 | top: 68px; 35 | bottom: 71px; 36 | left: 0px; 37 | right: 0px; 38 | } 39 | 40 | .chat-wrapper-bottom{ 41 | position: absolute; 42 | bottom: 0px; 43 | left: 0px; 44 | right: 0px; 45 | height: 71px; 46 | overflow: hidden; 47 | } 48 | 49 | .anonymous-picture{ 50 | font-family: MONOSPACE; 51 | background: black; 52 | color: white; 53 | line-height: 40px; 54 | text-align: center; 55 | width:40px; 56 | height: 40px; 57 | } 58 | 59 | .chat-online { 60 | color: #34ce57 61 | } 62 | 63 | .chat-offline { 64 | color: #e4606d 65 | } 66 | 67 | .chat-messages { 68 | display: flex; 69 | flex-direction: column; 70 | /*max-height: 800px;*/ 71 | overflow-y: scroll 72 | } 73 | 74 | .chat-message-left, 75 | .chat-message-right { 76 | display: flex; 77 | flex-shrink: 0 78 | } 79 | 80 | .chat-message-left { 81 | margin-right: auto 82 | } 83 | 84 | .chat-message-right { 85 | flex-direction: row-reverse; 86 | margin-left: auto 87 | } 88 | .py-3 { 89 | padding-top: 1rem!important; 90 | padding-bottom: 1rem!important; 91 | } 92 | .px-4 { 93 | padding-right: 1.5rem!important; 94 | padding-left: 1.5rem!important; 95 | } 96 | .flex-grow-0 { 97 | flex-grow: 0!important; 98 | } 99 | .border-top { 100 | border-top: 1px solid #dee2e6!important; 101 | } 102 | -------------------------------------------------------------------------------- /challenge-10-wifi-evidence/writeup/files/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | Secure Chat 7 | 8 | 9 | 10 | 11 | 12 |
13 |
14 | 15 |
16 |
17 |
18 | 19 |
20 |

Secure Chat

21 |
22 | 23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 | 31 |
32 |
33 |
34 | Encrypted Session 35 |
connecting ...
36 |
37 |
38 |
39 | 40 |
41 | 42 |
43 |
44 | 45 | 46 |
47 |
48 | 49 |
50 |
51 |
52 |
53 |
54 | 55 | 56 | 57 | 58 | 59 | 60 | -------------------------------------------------------------------------------- /challenge-11-weak-locks/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Αδύναμες Κλειδαριές" 6 | author: "sem1tonos " 7 | category: Κρυπτογραφία 8 | description: "![rsa-padlock](/files/61c70c1b22c7ae9b0cd168234bb30c2c/challenge_11.png)\n\nΤο μήνυμα αυτό είναι κρυπτογραφημένο με το RSA δημόσιο κλειδί που δίνεται. Μπορείς να βρεις το ιδιωτικό κλειδί και να αποκρυπτογραφήσεις το μήνυμα;" 9 | value: 600 10 | type: dynamic 11 | 12 | # The extra field provides additional fields for data during the install/sync commands/ 13 | # Fields in extra can be used to supply additional information for other challenge types 14 | # For example the follow extra field is for dynamic challenges. To use these following 15 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 16 | extra: 17 | initial: 600 18 | decay: 20 19 | minimum: 200 20 | 21 | # Flags specify answers that your challenge use. You should generally provide at least one. 22 | # Can be removed if unused 23 | # Accepts strings or dictionaries of CTFd API data 24 | flags: 25 | # A static case sensitive flag 26 | - FLAG{1b0912a1fd127fb9187752d9ed603b7e} 27 | 28 | # Topics are used to help tell what techniques/information a challenge involves 29 | # They are generally only visible to admins 30 | # Accepts strings 31 | topics: 32 | - Γνώσεις Κρυπτογραφίας. 33 | - Κατανόηση αλγορίθμου RSA. 34 | - Γνώσεις επιθέσεων σε αδύναμα κλειδιά. 35 | 36 | # Tags are used to provide additional public tagging to a challenge 37 | # Can be removed if unused 38 | # Accepts strings 39 | tags: 40 | - Δύσκολη 41 | - Κρυπτογραφία 42 | - Cryptography 43 | 44 | # Provide paths to files from the same directory that this file is in 45 | # Accepts strings 46 | files: 47 | - dist/crypto_weak_locks.zip 48 | 49 | # The state of the challenge. 50 | # If the field is omitted, the challenge is visible by default. 51 | # If provided, the field can take one of two values: hidden, visible. 52 | state: hidden 53 | 54 | # Specifies what version of the challenge specification was used. 55 | # Subject to change until ctfcli v1.0.0 56 | version: "0.1" 57 | -------------------------------------------------------------------------------- /challenge-11-weak-locks/dist/crypto_weak_locks.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-11-weak-locks/dist/crypto_weak_locks.zip -------------------------------------------------------------------------------- /challenge-11-weak-locks/src/data.txt: -------------------------------------------------------------------------------- 1 | c = 2094979585608680836233193997487890176040270502324810567700311729514482445310484825255947244508295839865409644945578 2 | -------------------------------------------------------------------------------- /challenge-11-weak-locks/src/pubkey.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MEswDQYJKoZIhvcNAQEBBQADOgAwNwIwMnZL0LEekBWw8c5/yzRvDujmHgQoRg/s 3 | 86q+KzaIxtbB4vVEfFg97d4pPOmi1pyZAgMBAAE= 4 | -----END PUBLIC KEY----- 5 | -------------------------------------------------------------------------------- /challenge-11-weak-locks/src/script.py: -------------------------------------------------------------------------------- 1 | from Crypto.PublicKey import RSA 2 | from Crypto.Util.number import getPrime, long_to_bytes, bytes_to_long 3 | 4 | FLAG = b'??????????????????????????????????????' 5 | 6 | p, q = getPrime((1 << 6) + (1 << 5)), getPrime((1 << 6) + (1 << 5)) 7 | 8 | n = p**2 * q**2 9 | e = 65537 10 | 11 | key = RSA.construct((n, e)) 12 | 13 | with open('pubkey.pem', 'wb') as f: 14 | f.write(key.exportKey()+b'\n') 15 | 16 | m = bytes_to_long(FLAG) 17 | 18 | c = pow(m, e, n) 19 | 20 | with open('data.txt', 'w') as f: 21 | f.write(f'c = {c}\n') 22 | -------------------------------------------------------------------------------- /challenge-11-weak-locks/writeup/data.txt: -------------------------------------------------------------------------------- 1 | c = 2094979585608680836233193997487890176040270502324810567700311729514482445310484825255947244508295839865409644945578 2 | -------------------------------------------------------------------------------- /challenge-11-weak-locks/writeup/pubkey.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MEswDQYJKoZIhvcNAQEBBQADOgAwNwIwMnZL0LEekBWw8c5/yzRvDujmHgQoRg/s 3 | 86q+KzaIxtbB4vVEfFg97d4pPOmi1pyZAgMBAAE= 4 | -----END PUBLIC KEY----- 5 | -------------------------------------------------------------------------------- /challenge-11-weak-locks/writeup/solve.py: -------------------------------------------------------------------------------- 1 | from Crypto.PublicKey import RSA 2 | from Crypto.Util.number import long_to_bytes 3 | from sage.all import * 4 | from gmpy2 import iroot 5 | 6 | with open('pubkey.pem') as f: 7 | key = RSA.import_key(f.read()) 8 | 9 | n = key.n 10 | e = key.e 11 | 12 | N = iroot(n, 2)[0] 13 | facs = factor(N) 14 | p, q = facs[0][0], facs[1][0] 15 | 16 | assert n == p**2 * q**2 17 | 18 | phi = N * (p-1)*(q-1) 19 | d = power_mod(e, -1, phi) 20 | 21 | with open('data.txt') as f: 22 | c = int(f.read().strip().split(' = ')[1]) 23 | 24 | m = power_mod(c, d, n) 25 | 26 | print(long_to_bytes(m).decode()) -------------------------------------------------------------------------------- /challenge-12-ransomware/Makefile: -------------------------------------------------------------------------------- 1 | default: print 2 | cd src/ && python3 zencrypt.py && zip -r ../dist/crypto_ransomware.zip zencrypt.py *.enc 3 | @echo Challenge compiled. 4 | print: 5 | @echo Current Flag: $(shell bash -c 'cat src/app/flag.txt') 6 | change: print changeflag clean default print 7 | changeflag: 8 | $(shell bash -c 'read -p "New Flag: " flag; echo $$flag > src/app/flag.txt') 9 | @echo Flag changed. 10 | clean: 11 | rm -f dist/*.zip 12 | @echo Challenge cleaned. 13 | -------------------------------------------------------------------------------- /challenge-12-ransomware/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "R4NS0MW4R3" 6 | author: "sem1tonos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Κρυπτογραφία 9 | description: "![pc-on-fire](/files/f2c4261e3eda3dfee00e2987292376c8/challenge_12.png)\n\nΗ εταιρεία μας έπεσε θύμα κυβερνοεπίθεσης κατά την οποία κάποιοι πήραν πρόσβαση στον κεντρικό διακομιστή μας και κρυπτογράφησε όλα τα αρχεία μας. Οι κακοποιοί επικοινώνησαν μαζί μας και μας ζητάνε λίτρα για να μας δώσουν το κλειδί για την αποκρυπτογράφηση, αλλά το ποσό είναι τεράστιο για την εταιρεία μας. Αν δεν μας βοηθήσεις θα χάσουμε όλα μας τα αρχεία για πάντα!" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - FLAG{Too_many_leakzzz} 28 | 29 | # Topics are used to help tell what techniques/information a challenge involves 30 | # They are generally only visible to admins 31 | # Accepts strings 32 | topics: 33 | - bruteforce 34 | - aes ecb 35 | - ransomware 36 | 37 | # Tags are used to provide additional public tagging to a challenge 38 | # Can be removed if unused 39 | # Accepts strings 40 | tags: 41 | - Υπερβολικά δύσκολη 42 | - Κρυπτογραφία 43 | - Προγραμματισμός 44 | - Cryptography 45 | - Programming 46 | 47 | # Provide paths to files from the same directory that this file is in 48 | # Accepts strings 49 | files: 50 | - dist/crypto_ransomware.zip 51 | 52 | # Hints are used to give players a way to buy or have suggestions. They are not 53 | # required but can be nice. 54 | # Can be removed if unused 55 | # Accepts dictionaries or strings 56 | hints: 57 | #- { 58 | # content: "No hints.", 59 | # cost: 0 60 | #} 61 | 62 | # The state of the challenge. 63 | # If the field is omitted, the challenge is visible by default. 64 | # If provided, the field can take one of two values: hidden, visible. 65 | state: hidden 66 | 67 | # Specifies what version of the challenge specification was used. 68 | # Subject to change until ctfcli v1.0.0 69 | version: "0.1" 70 | -------------------------------------------------------------------------------- /challenge-12-ransomware/dist/crypto_ransomware.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/dist/crypto_ransomware.zip -------------------------------------------------------------------------------- /challenge-12-ransomware/src/deep_web_results.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/deep_web_results.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/dont_open_me.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/dont_open_me.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/extremely_important.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/extremely_important.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/fake_flag!1!!!1.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/fake_flag!1!!!1.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/fbi_open_up.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/fbi_open_up.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/flag.png.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/flag.png.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/flag.txt: -------------------------------------------------------------------------------- 1 | FLAG{Too_many_leakzzz} -------------------------------------------------------------------------------- /challenge-12-ransomware/src/plain/fake_flag!1!!!1.txt: -------------------------------------------------------------------------------- 1 | FLAG{Th1s_1s_f4k3} -------------------------------------------------------------------------------- /challenge-12-ransomware/src/plain/flag.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/plain/flag.png -------------------------------------------------------------------------------- /challenge-12-ransomware/src/plain/readme.txt: -------------------------------------------------------------------------------- 1 | Well done, you solved this challenge! I probably shouldn't leak so many key bytes because you can brute force the rest :( -------------------------------------------------------------------------------- /challenge-12-ransomware/src/please_dont.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/please_dont.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/random.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/random.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/readme.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/readme.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/really_important.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/really_important.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/secret_flag.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/secret_flag.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/top_secret.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/top_secret.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/transactions.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/transactions.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/very_important.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/src/very_important.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/src/zencrypt.py: -------------------------------------------------------------------------------- 1 | import os 2 | from Crypto.Cipher import AES 3 | from Crypto.Util.Padding import pad 4 | 5 | key = os.urandom(16) 6 | dr = 'plain/' 7 | files = os.listdir(os.curdir+'/'+dr) 8 | 9 | for i, f in enumerate(files): 10 | if f.endswith('.txt') or f.endswith('.png'): 11 | cipher = AES.new(key, AES.MODE_ECB) 12 | with open(dr+f, 'rb') as fr: 13 | with open(f+'.enc', 'wb') as fw: 14 | padded = pad(fr.read(), 16) 15 | fw.write(bytes([key[i]]) + cipher.encrypt(padded)) -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/deep_web_results.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/deep_web_results.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/dont_open_me.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/dont_open_me.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/extremely_important.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/extremely_important.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/fake_flag!1!!!1.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/fake_flag!1!!!1.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/fbi_open_up.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/fbi_open_up.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/flag.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/flag.png -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/flag.png.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/flag.png.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/please_dont.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/please_dont.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/random.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/random.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/readme.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/readme.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/really_important.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/really_important.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/secret_flag.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/secret_flag.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/top_secret.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/top_secret.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/transactions.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/transactions.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/very_important.txt.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-12-ransomware/writeup/very_important.txt.enc -------------------------------------------------------------------------------- /challenge-12-ransomware/writeup/zsolve.py: -------------------------------------------------------------------------------- 1 | import os 2 | from Crypto.Cipher import AES 3 | from Crypto.Util.Padding import unpad 4 | 5 | files = os.listdir(os.curdir) 6 | 7 | key = b'' 8 | 9 | for f in files: 10 | if f.endswith('.enc'): 11 | with open(f, 'rb') as fr: 12 | key += fr.read()[:1] 13 | for b1 in range(256): 14 | for b2 in range(256): 15 | test_key = key + bytes([b1]) + bytes([b2]) 16 | cipher = AES.new(test_key, AES.MODE_ECB) 17 | with open('flag.png.enc', 'rb') as f: 18 | pt = cipher.decrypt(f.read()[1:]) 19 | if pt.startswith(b'\x89PNG'): 20 | print(f'RECOVERED KEY = {test_key}') 21 | with open('flag.png', 'wb') as f: 22 | f.write(unpad(pt, 16)) 23 | exit(0) -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/Makefile: -------------------------------------------------------------------------------- 1 | default: print 2 | tar cvf dist/docker-challenge.tar -C src html Dockerfile flag.txt 3 | @echo Challenge compiled. 4 | 5 | print: 6 | @echo Current Flag: $$(cat src/flag.txt) 7 | 8 | change: print changeflag clean default print 9 | 10 | changeflag: 11 | $(shell bash -c 'read -p "New Flag: " flag; echo $$flag > src/flag.txt') 12 | @echo Flag changed. 13 | 14 | clean: 15 | rm -f dist/docker-challenge.tar 16 | @echo Challenge cleaned. 17 | -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Μαγειρική στο Διαδίκτυο" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Παγκόσμιος Ιστός 9 | description: "![cookies](/files/865af97576cd9ada9557c766f3d24d21/challenge_demo_01.png)\n\nΑυτή η ιστοσελίδα λένε πως έχει τις καλύτερες συνταγές για γλυκά. Μου είπαν πως η συνταγή για τα μπισκότα είναι η καλύτερη! Δυστυχώς όμως δεν είναι διαθέσιμη πια…" 10 | value: 1 11 | type: standard 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | #extra: 18 | # initial: 600 19 | # decay: 25 20 | # minimum: 25 21 | 22 | # connection_info is used to provide a link, hostname, or instructions on how to connect to a challenge 23 | connection_info: http://challenge-web-cooking.ctflib.eu 24 | 25 | # Flags specify answers that your challenge use. You should generally provide at least one. 26 | # Can be removed if unused 27 | # Accepts strings or dictionaries of CTFd API data 28 | flags: 29 | # A static case sensitive flag 30 | - CTFLIB{cre4T1nG-w3b-cO0kies-1s-fUn} 31 | 32 | # Topics are used to help tell what techniques/information a challenge involves 33 | # They are generally only visible to admins 34 | # Accepts strings 35 | topics: 36 | #- 37 | 38 | 39 | # Tags are used to provide additional public tagging to a challenge 40 | # Can be removed if unused 41 | # Accepts strings 42 | tags: 43 | - Demo 44 | - Εύκολη 45 | - Παγκόσμιος Ιστός 46 | - Web 47 | 48 | # Provide paths to files from the same directory that this file is in 49 | # Accepts strings 50 | files: 51 | #- no files 52 | 53 | # Hints are used to give players a way to buy or have suggestions. They are not 54 | # required but can be nice. 55 | # Can be removed if unused 56 | # Accepts dictionaries or strings 57 | hints: 58 | - { 59 | content: "Σε αυτήν την δοκιμασία η κρυμμένη σημαία (flag) είναι της μορφής: `CTFLIB{ex4mpl3-fl4g}`", 60 | cost: 0 61 | } 62 | 63 | # The state of the challenge. 64 | # If the field is omitted, the challenge is visible by default. 65 | # If provided, the field can take one of two values: hidden, visible. 66 | state: hidden 67 | 68 | # Specifies what version of the challenge specification was used. 69 | # Subject to change until ctfcli v1.0.0 70 | version: "0.1" 71 | -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/src/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM php:apache 2 | LABEL maintainer="gramthanos@gmail.com" 3 | 4 | # Copy challenge files 5 | RUN rm -rf /var/www/html 6 | COPY html /var/www/html 7 | COPY flag.txt /var/www/flag.txt 8 | RUN chown -R www-data:www-data /var/www/html /var/www/flag.txt 9 | 10 | # Expose port 11 | EXPOSE 80 12 | -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/src/flag.txt: -------------------------------------------------------------------------------- 1 | CTFLIB{cre4T1nG-w3b-cO0kies-1s-fUn} 2 | -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/src/html/include/webcookies.php: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | 10 | 11 | Cooking Recipes 12 | 13 | 14 | 15 | 36 | 37 |
38 | Awesome recipes for everyone!
39 | Pick the one that you like from the menu above! 40 |
41 | 42 | 43 | 44 | 45 | -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/src/html/tiramisu.php: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | 10 | 11 | Cooking Recipes 12 | 13 | 14 | 15 | 36 | 37 |
38 |

Tiramisu Recipe

39 | Here is the recipe to make a Tiramisu: 40 |
    41 |
  • Mix creamy filling. Beat the mascarpone, cream, sugar, and vanilla together until stiff peaks.
    • 42 |
  • Dip lady fingers. Add the espresso and liqueur (if using) to a shallow bowl and dip the lady fingers on both sides (don’t let them soak–just a quick dip!)
    • 43 |
  • Layer mascarpone. Smooth a layer of the mascarpone/whipped cream mixture on top of the lady fingers.
    • 44 |
  • Repeat. Add another layer of lady fingers (dipped in coffee and liqueur) and another layer of cheese mixture. Dust with cocoa powder.
    • 45 |
46 |
47 | 48 | 49 | 50 | 51 | -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Μαγειρική στο Διαδίκτυο Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Μαγειρική στο Διαδίκτυο | 6 | | :------- | :----- | 7 | | Δυσκολία | Εύκολη | 8 | | Κατηγορία | Demo, Παγκόσμιος Ιστός (Web) | 9 | | Λύσεις | 29 | 10 | | Πόντοι | 0 | 11 | 12 | ## Περιγραφή Δοκιμασίας 13 | 14 | Στην περιγραφή της δοκιμασίας περιγράφετε πως έχουμε μια ιστοσελίδα με συνταγές και εμείς πρέπει να διαβάσουμε την συνταγή για τα μπισκότα, η οποί όμως δεν είναι διαθέσιμη πια στην σελίδα. 15 | 16 | ## Επίλυση 17 | 18 | Ανοίγουμε την σελίδα της δοκιμασίας http://challenge-web-cooking.ctflib.eu και πάμε στην συνταγή για τα μπισκότα: 19 | 20 | ![](cookie-recipe-blocked.png) 21 | 22 | Αλλά η συνταγή δεν είναι πλέον διαθέσιμη και το μήνυμα αναφέρει πως μόνο οι διαχειριστές μπορούν να την δουν. 23 | 24 | Για να δει η σελίδα αν είμαστε διαχειριστής μπορεί να κοιτάει τα cookies του browser μας. Για αυτό ας ανοίξουμε τα εργαλεία προγραμματιστή για να δούμε τι cookies έχει ο browser μας στην σελίδα αυτή: 25 | 26 | ![](cookies-developer-tools.png) 27 | 28 | Βλέπουμε πως υπάρχει ένα cookie με το όνομα `is-admin` το οποίο είναι `false`. Τι θα γίνει άραγε α το κάνουμε `true`; Για να δούμε... κάνουμε διπλό κλικ και αλλάζουμε την τιμή: 29 | 30 | ![](cookies-developer-tools-edited.png) 31 | 32 | Τώρα κάνουμε ανανέωση της σελίδα για να δούμε τι θα γίνει: 33 | 34 | ![](cookie-recipe-unblocked.png) 35 | 36 | Τέτοια! Η σελίδα τώρα νομίζει πως είμαστε διαχειριστές και μας έδωσε την συνταγή. 37 | 38 | ## Σημαία 39 | 40 | ``` 41 | CTFLIB{cre4T1nG-w3b-cO0kies-1s-fUn} 42 | ``` 43 | -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/writeup/cookie-recipe-blocked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-01-web-cooking/writeup/cookie-recipe-blocked.png -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/writeup/cookie-recipe-unblocked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-01-web-cooking/writeup/cookie-recipe-unblocked.png -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/writeup/cookies-developer-tools-edited.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-01-web-cooking/writeup/cookies-developer-tools-edited.png -------------------------------------------------------------------------------- /challenge-demo-01-web-cooking/writeup/cookies-developer-tools.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-01-web-cooking/writeup/cookies-developer-tools.png -------------------------------------------------------------------------------- /challenge-demo-02-the-bar-at-caesar-street/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Το bar στην οδό Καίσαρα" 6 | author: "Michalis Takaronis " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Κρυπτογραφία 9 | description: "![bar](/files/d6a3104232477a626070ec0256b59663/challenge_demo_02.png)\n\nO Σέρλοκ Χολμς και ο Δρ. Γουάτσον χρειάζονται την βοήθεια σου. Τα στοιχεία που έχουν μαζέψει αποκάλυψαν πως ο ύποπτος που ψάχνουν κρύβεται σε ένα μυστηριώδες bar στην οδό Καίσαρα. Το μαγαζί όμως δεν είναι ανοιχτό προς όλους αφού ένας σωματοφύλακας στην πόρτα του αφήνει να μπουν μόνο όσοι γνωρίζουν τη μυστική φράση. Το μόνο στοιχείο που έχουν για την κωδική λέξη είναι ένα κρυπτογραφημένο μήνυμα και έναν αριθμό. Μπορείς να ρίξεις φως στο μυστήριο και να ανακαλύψεις την φράση κλειδί να μπουν στο bar χωρίς να κινήσουν υποψίες;\n\nΤα στοιχεία είναι:\n- το Κρυπτογραφημένο Μήνυμα `wkh sdvvsukdvh lv vfduohw` και\n- ο Αριθμός `23`" 10 | value: 1 11 | type: standard 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | #extra: 18 | # initial: 600 19 | # decay: 25 20 | # minimum: 25 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - FLAG{w3_l0VE_C4eS4r_c1ph3R} 28 | 29 | # Topics are used to help tell what techniques/information a challenge involves 30 | # They are generally only visible to admins 31 | # Accepts strings 32 | topics: 33 | #- 34 | 35 | 36 | # Tags are used to provide additional public tagging to a challenge 37 | # Can be removed if unused 38 | # Accepts strings 39 | tags: 40 | - Demo 41 | - Εύκολη 42 | - Κρυπτογραφία 43 | - Cryptography 44 | 45 | # Provide paths to files from the same directory that this file is in 46 | # Accepts strings 47 | files: 48 | - dist/crypto_pass_word_check.zip 49 | 50 | # Hints are used to give players a way to buy or have suggestions. They are not 51 | # required but can be nice. 52 | # Can be removed if unused 53 | # Accepts dictionaries or strings 54 | hints: 55 | #- { 56 | # content: "Thi is affected by corrupted magic power!", 57 | # cost: 0 58 | #} 59 | 60 | # The state of the challenge. 61 | # If the field is omitted, the challenge is visible by default. 62 | # If provided, the field can take one of two values: hidden, visible. 63 | state: hidden 64 | 65 | # Specifies what version of the challenge specification was used. 66 | # Subject to change until ctfcli v1.0.0 67 | version: "0.1" 68 | -------------------------------------------------------------------------------- /challenge-demo-02-the-bar-at-caesar-street/dist/crypto_pass_word_check.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-02-the-bar-at-caesar-street/dist/crypto_pass_word_check.zip -------------------------------------------------------------------------------- /challenge-demo-02-the-bar-at-caesar-street/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Το bar στην οδό Καίσαρα Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Το bar στην οδό Καίσαρα | 6 | | :------- | :----- | 7 | | Δυσκολία | Εύκολη | 8 | | Κατηγορία | Demo, Κρυπτογραφία (Cryptography) | 9 | | Λύσεις | 33 | 10 | | Πόντοι | 0 | 11 | 12 | ## Περιγραφή Δοκιμασίας 13 | 14 | ``` 15 | O Σέρλοκ Χολμς και ο Δρ. Γουάτσον χρειάζονται την βοήθεια σου. Τα στοιχεία που έχουν μαζέψει αποκάλυψαν πως ο ύποπτος που ψάχνουν κρύβεται σε ένα μυστηριώδες bar στην οδό Καίσαρα. Το μαγαζί όμως δεν είναι ανοιχτό προς όλους αφού ένας σωματοφύλακας στην πόρτα του αφήνει να μπουν μόνο όσοι γνωρίζουν τη μυστική φράση. Το μόνο στοιχείο που έχουν για την κωδική λέξη είναι ένα κρυπτογραφημένο μήνυμα και έναν αριθμό. Μπορείς να ρίξεις φως στο μυστήριο και να ανακαλύψεις την φράση κλειδί να μπουν στο bar χωρίς να κινήσουν υποψίες; 16 | 17 | Τα στοιχεία είναι: 18 | 19 | το Κρυπτογραφημένο Μήνυμα wkh sdvvsukdvh lv vfduohw και 20 | ο Αριθμός 23 21 | ``` 22 | 23 | ## Επίλυση 24 | 25 | Από την περιγραφή και τον τίτλο της δοκιμασίας καταλαβαίνουμε πως το μήνυμα `wkh sdvvsukdvh lv vfduohw` είναι Caesar Cipher το οποίο μπορούμε να αποκρυπτογραφήσουμε με το χέρι ή με κάποιο εργαλείο σαν το [Caesar Cipher Decoder](https://www.dcode.fr/caesar-cipher). Ο αριθμός `23` που μας δίνεται φαίνεται να είναι το κλειδί της κρυπτογράφησης. 26 | 27 | ![](decoder.png) 28 | 29 | Με την αποκρυπτογράφηση βγαίνει το μήνυμα `the passprhase is scarlet`. Με την κωδική λέξη `scarlet` μπορούμε να ανοίξουμε το `zip` και να διαβάσουμε την σημαία. 30 | 31 | ## Σημαία 32 | 33 | ``` 34 | FLAG{w3_l0VE_C4eS4r_c1ph3R} 35 | ``` 36 | -------------------------------------------------------------------------------- /challenge-demo-02-the-bar-at-caesar-street/writeup/decoder.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-02-the-bar-at-caesar-street/writeup/decoder.png -------------------------------------------------------------------------------- /challenge-demo-03-corrupted-image/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Κατεστραμμένη Φωτογραφία" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Διάφορα 9 | description: "![camera](/files/4b312a664d3f73ca350bf0b7295e94db/challenge_demo_03.png)\n\nΜου έστειλε ένας φίλος μια φωτογραφία αλλά δεν μπορώ να την ανοίξω… κάτι δεν πάει καλά.\nΜπορείς να του ρίξεις μια ματιά;" 10 | value: 1 11 | type: standard 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | #extra: 18 | # initial: 600 19 | # decay: 25 20 | # minimum: 25 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - FLAG{y0u_kNoW_1f_I_w4NT_1_cAN_b3_4N_1Mag3} 28 | 29 | # Topics are used to help tell what techniques/information a challenge involves 30 | # They are generally only visible to admins 31 | # Accepts strings 32 | topics: 33 | #- 34 | 35 | 36 | # Tags are used to provide additional public tagging to a challenge 37 | # Can be removed if unused 38 | # Accepts strings 39 | tags: 40 | - Demo 41 | - Εύκολη 42 | - Διάφορα 43 | - Misc 44 | 45 | # Provide paths to files from the same directory that this file is in 46 | # Accepts strings 47 | files: 48 | - dist/misc_corrupted_image.zip 49 | 50 | # Hints are used to give players a way to buy or have suggestions. They are not 51 | # required but can be nice. 52 | # Can be removed if unused 53 | # Accepts dictionaries or strings 54 | hints: 55 | #- { 56 | # content: "Thi is affected by corrupted magic power!", 57 | # cost: 0 58 | #} 59 | 60 | # The state of the challenge. 61 | # If the field is omitted, the challenge is visible by default. 62 | # If provided, the field can take one of two values: hidden, visible. 63 | state: hidden 64 | 65 | # Specifies what version of the challenge specification was used. 66 | # Subject to change until ctfcli v1.0.0 67 | version: "0.1" 68 | -------------------------------------------------------------------------------- /challenge-demo-03-corrupted-image/dist/misc_corrupted_image.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-03-corrupted-image/dist/misc_corrupted_image.zip -------------------------------------------------------------------------------- /challenge-demo-03-corrupted-image/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Κατεστραμμένη Φωτογραφία Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Κατεστραμμένη Φωτογραφία | 6 | | :------- | :----- | 7 | | Δυσκολία | Εύκολη | 8 | | Κατηγορία | Demo, Διάφορα (Misc) | 9 | | Λύσεις | 34 | 10 | | Πόντοι | 0 | 11 | 12 | ## Περιγραφή Δοκιμασίας 13 | 14 | Η περιγραφή της δοκιμασίας μας αναφέρει: 15 | ``` 16 | Μου έστειλε ένας φίλος μια φωτογραφία αλλά δεν μπορώ να την ανοίξω… κάτι δεν πάει καλά. Μπορείς να του ρίξεις μια ματιά; 17 | ``` 18 | 19 | Παράλληλα μας δίνει ένα `zip` με ένα αρχείο `png`. 20 | 21 | ## Επίλυση 22 | 23 | Ανοίγοντας την φωτογραφία εμφανίζεται ένα μήνυμα πως η φωτογραφία είναι κατεστραμμένη. 24 | 25 | ![](corrupted-image.png) 26 | 27 | Δοκιμάζουμε να ανοίξουμε την φωτογραφία με ένα επεξεργαστή κειμένου (notepad, notepad++, sublime text κτλ.). Με το που το ανοίξουμε βλέπουμε πως δεν είναι φωτογραφία αλλά αρχείο κειμένου: 28 | 29 | ![](corrupted-image-hex.png) 30 | 31 | ``` 32 | Things are not always what they seem. 33 | Here is your flag: 34 | 35 | FLAG{y0u_kNoW_1f_I_w4NT_1_cAN_b3_4N_1Mag3} 36 | 37 | ``` 38 | 39 | ## Σημαία 40 | 41 | ``` 42 | FLAG{y0u_kNoW_1f_I_w4NT_1_cAN_b3_4N_1Mag3} 43 | ``` 44 | -------------------------------------------------------------------------------- /challenge-demo-03-corrupted-image/writeup/corrupted-image-hex.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-03-corrupted-image/writeup/corrupted-image-hex.png -------------------------------------------------------------------------------- /challenge-demo-03-corrupted-image/writeup/corrupted-image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-03-corrupted-image/writeup/corrupted-image.png -------------------------------------------------------------------------------- /challenge-demo-04-weird-shapes/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Περίεργα Σχήματα" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Ψηφιακή Εγκληματολογία 9 | description: "![symbols](/files/72528e7bc6f068c0d502c17efbf54a12/challenge_demo_04.png)\n\nΕίμαι μέλος σε ένα forum στο διαδίκτυο με θέμα τα μυστήρια. Ένας ανώνυμος χρήστης σήμερα ανέβασε ένα έγγραφο με ένα πολύπλοκο σχήμα και προσπαθούμε να βρούμε ποιος το έφτιαξε.\nΜπορείς να μας βοηθήσεις;" 10 | value: 1 11 | type: standard 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | #extra: 18 | # initial: 600 19 | # decay: 25 20 | # minimum: 25 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - FLAG{ArT1fiC1aL-iNT3l1iGenC3-1S-r3AlLy-4wES0m3} 28 | 29 | # Topics are used to help tell what techniques/information a challenge involves 30 | # They are generally only visible to admins 31 | # Accepts strings 32 | topics: 33 | #- 34 | 35 | 36 | # Tags are used to provide additional public tagging to a challenge 37 | # Can be removed if unused 38 | # Accepts strings 39 | tags: 40 | - Demo 41 | - Εύκολη 42 | - Ψηφιακή Εγκληματολογία 43 | - Forensics 44 | 45 | # Provide paths to files from the same directory that this file is in 46 | # Accepts strings 47 | files: 48 | - dist/forensics_weird_shapes.zip 49 | 50 | # Hints are used to give players a way to buy or have suggestions. They are not 51 | # required but can be nice. 52 | # Can be removed if unused 53 | # Accepts dictionaries or strings 54 | hints: 55 | #- { 56 | # content: "Thi is affected by corrupted magic power!", 57 | # cost: 0 58 | #} 59 | 60 | # The state of the challenge. 61 | # If the field is omitted, the challenge is visible by default. 62 | # If provided, the field can take one of two values: hidden, visible. 63 | state: hidden 64 | 65 | # Specifies what version of the challenge specification was used. 66 | # Subject to change until ctfcli v1.0.0 67 | version: "0.1" 68 | -------------------------------------------------------------------------------- /challenge-demo-04-weird-shapes/dist/forensics_weird_shapes.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-04-weird-shapes/dist/forensics_weird_shapes.zip -------------------------------------------------------------------------------- /challenge-demo-04-weird-shapes/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Περίεργα Σχήματα Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Περίεργα Σχήματα | 6 | | :------- | :----- | 7 | | Δυσκολία | Εύκολη | 8 | | Κατηγορία | Demo, Ψηφιακή Εγκληματολογία (Forensics) | 9 | | Λύσεις | 31 | 10 | | Πόντοι | 0 | 11 | 12 | ## Περιγραφή Δοκιμασίας 13 | 14 | Η περιγραφή της δοκιμασίας μας αναφέρει: 15 | ``` 16 | Είμαι μέλος σε ένα forum στο διαδίκτυο με θέμα τα μυστήρια. Ένας ανώνυμος χρήστης σήμερα ανέβασε ένα έγγραφο με ένα πολύπλοκο σχήμα και προσπαθούμε να βρούμε ποιος το έφτιαξε. Μπορείς να μας βοηθήσεις; 17 | ``` 18 | 19 | Παράλληλα μας δίνει ένα `zip` με ένα αρχείο `pdf`. 20 | 21 | ## Επίλυση 22 | 23 | Ανοίγοντας το αρχείο PDF βλέπουμε μια εικόνα με σχήματα. Για να βρούμε ποιος δημιούργησε το έγγραφο κοιτάμε τα metadata του αρχείου πηγαίνοντας στο μενού `File > Properties...`. 24 | 25 | ![](document-properties.png) 26 | 27 | Και βρίσκουμε την σημαία δίπλα στο πεδίο του `Author`. 28 | 29 | ## Σημαία 30 | 31 | ``` 32 | FLAG{ArT1fiC1aL-iNT3l1iGenC3-1S-r3AlLy-4wES0m3} 33 | ``` 34 | -------------------------------------------------------------------------------- /challenge-demo-04-weird-shapes/writeup/document-properties.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-demo-04-weird-shapes/writeup/document-properties.png -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "What the HASH!" 6 | author: "Michalis Takaronis " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Διάφορα 9 | description: "![machine](/files/3ba7aa5330b9382078374c7e51e5de8b/challenge_extra_01.png)\n\nΟ CΤΟ της εταιρείας σου ανέθεσε να μάθεις στους νέους υπαλλήλους του τμήματος κυβερνοασφάλειας τεχνικές password cracking." 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - { 28 | type: "static", 29 | content: "FLAG{9ec6518f2ee7c8df503a7500446dd466}", 30 | data: "case_insensitive", 31 | } 32 | 33 | # Topics are used to help tell what techniques/information a challenge involves 34 | # They are generally only visible to admins 35 | # Accepts strings 36 | topics: 37 | - Εισαγωγικές γνώσεις για hash cracking 38 | - Εισαγωγικές γνώσεις για hash συναρτήσεις 39 | - Γνώσεις χρήσης του Hashcat 40 | 41 | # Tags are used to provide additional public tagging to a challenge 42 | # Can be removed if unused 43 | # Accepts strings 44 | tags: 45 | - Εύκολη 46 | - Διάφορα 47 | - Misc 48 | 49 | # Provide paths to files from the same directory that this file is in 50 | # Accepts strings 51 | files: 52 | - dist/hashes.zip 53 | 54 | # Hints are used to give players a way to buy or have suggestions. They are not 55 | # required but can be nice. 56 | # Can be removed if unused 57 | # Accepts dictionaries or strings 58 | hints: 59 | #- { 60 | # content: "Thi is affected by corrupted magic power!", 61 | # cost: 0 62 | #} 63 | 64 | # The state of the challenge. 65 | # If the field is omitted, the challenge is visible by default. 66 | # If provided, the field can take one of two values: hidden, visible. 67 | state: hidden 68 | 69 | # Specifies what version of the challenge specification was used. 70 | # Subject to change until ctfcli v1.0.0 71 | version: "0.1" 72 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/dist/hashes.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-01-what-the-hash/dist/hashes.zip -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/src/hash1: -------------------------------------------------------------------------------- 1 | fb585b17289598a563579ac921202d0325ecc954 2 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/src/hash2: -------------------------------------------------------------------------------- 1 | 41a7fde8875b7ad470c8352bdce1955e5e1f6902b5679891f7e8a9d9fca238b9:admin 2 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/src/hashes3: -------------------------------------------------------------------------------- 1 | 3fcdcaa8778a8e7cfcceb0d50b9c74ee 2 | cd58d6201da866172cfb4547ac4b88e7 3 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/src/readme.txt: -------------------------------------------------------------------------------- 1 | Για την ολοκλήρωση της δοκιμασίας πρέπει να ακολουθήσετε τα παρακάτω βήματα: 2 | 3 | 1. Σπάστε τα 4 hashes τα οποία βρίσκονται στα 3 αρχεία που δίνονται 4 | 2. Συνδυάστε τις 4 συμβολοσειρές που βρήκατε από το προηγούμενο βήμα σε 1 συμβολοσειρά. 5 | 2. Κωδικοποιήστε την παραγόμενη συμβολοσειρά με τη συνάρτηση κατακερματισμού (hash) MD5. 6 | 3. Βάλτε το παραγόμενο hash στην μορφή της σημαίας. 7 | 8 | Παράδειγμα: 9 | 10 | Ας υποθέσουμε ότι έχουμε σπάσει τα 4 hashes και έχουμε τα ακόλουθα αποτελέσματα: 11 | 12 | αρχείο hash1 - StringA 13 | αρχείο hash2 - StringB 14 | αρχείο hashes3 1o hash - StringC 15 | αρχείο hashes3 1o hash - StringD 16 | 17 | Για να λύσουμε την πρόκληση πρέπει: 18 | 19 | 1. Να συνδυάσουμε τις 4 συμβολοσειρές: StringAStringBStringCStringD 20 | 2. Να κωδικοποιήσουμε την παραγόμενη συμβολοσειρά με τη συνάρτηση κατακερματισμού MD5: 16d4d419dad4e7e99d8fbcafbfbb07e0 21 | 3. Βάλτε το παραγόμενο hash στην μορφή της σημαίας: FLAG{16d4d419dad4e7e99d8fbcafbfbb07e0} 22 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_1/hash: -------------------------------------------------------------------------------- 1 | fb585b17289598a563579ac921202d0325ecc954 2 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_1/sha1_command.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-01-what-the-hash/writeup/hash_1/sha1_command.png -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_1/sha1_cracked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-01-what-the-hash/writeup/hash_1/sha1_cracked.png -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_2/Screenshot at 2022-10-21 14-14-36.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-01-what-the-hash/writeup/hash_2/Screenshot at 2022-10-21 14-14-36.png -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_2/Screenshot at 2022-10-21 14-15-01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-01-what-the-hash/writeup/hash_2/Screenshot at 2022-10-21 14-15-01.png -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_2/hash: -------------------------------------------------------------------------------- 1 | 41a7fde8875b7ad470c8352bdce1955e5e1f6902b5679891f7e8a9d9fca238b9:admin 2 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_3/command.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-01-what-the-hash/writeup/hash_3/command.png -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_3/hashes: -------------------------------------------------------------------------------- 1 | 3fcdcaa8778a8e7cfcceb0d50b9c74ee 2 | cd58d6201da866172cfb4547ac4b88e7 3 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_3/readme.txt: -------------------------------------------------------------------------------- 1 | To complete this level you have to crack 2 hashes. 2 | The final hash will be produced by combining both of them. 3 | 4 | Let's say the cracked passwords are "A" and "B" respectively. 5 | 6 | You have to take AB and combine it with the rest of the cracked passwords. 7 | 8 | -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/hash_3/solve.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-01-what-the-hash/writeup/hash_3/solve.png -------------------------------------------------------------------------------- /challenge-extra-01-what-the-hash/writeup/info.txt: -------------------------------------------------------------------------------- 1 | To complete the specific challenges you have to follow a number of steps. 2 | 3 | 1. Combine the 3 strings. 4 | 2. Encode the produced string with the md5 hash function. 5 | 3. Add the hash to the flag format. 6 | 7 | Example: 8 | 9 | Let's pretend that we've cracked the three hashes and the following results produced: 10 | 11 | 1 - A 12 | 2 - B 13 | 3 - C 14 | 15 | To sovle the challenge we have to: 16 | 17 | 1. Combine the 3 strings: ABC 18 | 2. Encode the produced string with the md5 hash function: 902fbdd2b1df0c4f70b4a5d23525e932 19 | 3. Add the hash to the flag format: FLAG{902fbdd2b1df0c4f70b4a5d23525e932} 20 | -------------------------------------------------------------------------------- /challenge-extra-02-timemachine/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Χρονομηχανή" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: OSINT 9 | description: "![time](/files/060783fdd1b5ca4dd112ea99ca884e75/challenge_extra_02.png)\n\nΜια σημαία διέρρευσε στην κεντρική ιστοσελίδα του διαγωνισμού πριν μερικές ημέρες. Οι διοργανωτές την κατέβασαν μόλις το αντιλήφθηκαν. Μπορείς να βρεις την σημαία που διέρρευσε;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # Flags specify answers that your challenge use. You should generally provide at least one. 23 | # Can be removed if unused 24 | # Accepts strings or dictionaries of CTFd API data 25 | flags: 26 | # A static case sensitive flag 27 | - FLAG{200fd83c8fbe55df25bfc638e4ee2e746443ff037c78a985005dff0206e103d3} 28 | 29 | # Topics are used to help tell what techniques/information a challenge involves 30 | # They are generally only visible to admins 31 | # Accepts strings 32 | topics: 33 | - Εισαγωγικές γνώσεις σε συλλογή πληροφοριών από ανοικτές πηγές (OSINT) 34 | - Γνώσεις χρήσης του Wayback Machine 35 | 36 | # Tags are used to provide additional public tagging to a challenge 37 | # Can be removed if unused 38 | # Accepts strings 39 | tags: 40 | - Εύκολη 41 | - Συλλογή πληροφοριών από ανοικτές πηγές 42 | - Open Source Intelligence (OSINT) 43 | 44 | # Provide paths to files from the same directory that this file is in 45 | # Accepts strings 46 | files: 47 | #- 48 | 49 | # Hints are used to give players a way to buy or have suggestions. They are not 50 | # required but can be nice. 51 | # Can be removed if unused 52 | # Accepts dictionaries or strings 53 | hints: 54 | #- { 55 | # content: "Thi is affected by corrupted magic power!", 56 | # cost: 0 57 | #} 58 | 59 | # The state of the challenge. 60 | # If the field is omitted, the challenge is visible by default. 61 | # If provided, the field can take one of two values: hidden, visible. 62 | state: hidden 63 | 64 | # Specifies what version of the challenge specification was used. 65 | # Subject to change until ctfcli v1.0.0 66 | version: "0.1" 67 | -------------------------------------------------------------------------------- /challenge-extra-02-timemachine/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Χρονομηχανή Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Χρονομηχανή | 6 | | :------- | :----- | 7 | | Δυσκολία | Εύκολη | 8 | | Κατηγορία | Συλλογή πληροφοριών από ανοικτές πηγές (Open Source Intelligence, OSINT) | 9 | | Λύσεις | 10 | 10 | | Πόντοι | 519 | 11 | 12 | ## Επισκόπηση Δοκιμασίας 13 | 14 | Η περιγραφή της δοκιμασίας μας αναφέρει: 15 | ``` 16 | Μια σημαία διέρρευσε στην κεντρική ιστοσελίδα του διαγωνισμού πριν μερικές ημέρες. Οι διοργανωτές την κατέβασαν μόλις το αντιλήφθηκαν. Μπορείς να βρεις την σημαία που διέρρευσε; 17 | ``` 18 | 19 | ## Επίλυση 20 | 21 | Υπάρχουν online ιστοσελίδες οι οποίες μπορούν να μας δείξουν πως ήταν μια ιστοσελίδα στο παρελθόν. Μια από αυτές τις ιστοσελίδες (ίσως η μεγαλύτερη) είναι το [WayBackMachine](https://archive.org/web/). 22 | 23 | 24 | Πηγαίνοντας στην ιστοσελίδα WayBackMachine και αναζητώντας την κυρίως ιστοσελίδα τους διαγωνισμού [https://ecsc.gr/index.php/ethical-hacking-comp/](https://web.archive.org/web/20230000000000*/https://ecsc.gr/index.php/ethical-hacking-comp/) βρίσκουμε αρκετά στιγμιότυπα της σελίδας να έχουν τραβηχθεί: 25 | 26 | ![wayback machine captures](wayback_machine_captures.png) 27 | 28 | Αν ψάξουμε τα προηγούμενα στιγμιότυπα θα δούμε πως στις 10 Φεβρουαρίου ([FEBRUARY 10, 2023 στις 11:28:37](https://web.archive.org/web/20230210112837/https://ecsc.gr/index.php/ethical-hacking-comp/)) είχε διαρρεύσει η σημαία στην σελίδα του. 29 | 30 | ![wayback machine leak](wayback_machine_leak.png) 31 | 32 | ## Σημαία 33 | 34 | ``` 35 | FLAG{200fd83c8fbe55df25bfc638e4ee2e746443ff037c78a985005dff0206e103d3} 36 | ``` 37 | -------------------------------------------------------------------------------- /challenge-extra-02-timemachine/writeup/wayback_machine_captures.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-02-timemachine/writeup/wayback_machine_captures.png -------------------------------------------------------------------------------- /challenge-extra-02-timemachine/writeup/wayback_machine_leak.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-02-timemachine/writeup/wayback_machine_leak.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/Makefile: -------------------------------------------------------------------------------- 1 | default: 2 | cd src && python3 -m pip install -r requirements.txt 3 | cd src && python3 ./generate.py 4 | cd src && zip -r ../dist/misc_mysterious_symbols.zip symbols.png 5 | 6 | clean: 7 | rm -f dist/misc_mysterious_symbols.zip 8 | rm -f src/symbols.png 9 | -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Μυστηριώδης σύμβολα" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Διάφορα 9 | description: "![symbols](/files/6f1025d71a417021ab4e4254bca87bda/challenge_extra_03.png)\n\nΤι είναι αυτά τα περίεργα σύμβολα;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # connection_info is used to provide a link, hostname, or instructions on how to connect to a challenge 23 | #connection_info: 24 | 25 | # Flags specify answers that your challenge use. You should generally provide at least one. 26 | # Can be removed if unused 27 | # Accepts strings or dictionaries of CTFd API data 28 | flags: 29 | # A static case sensitive flag 30 | - { 31 | type: "static", 32 | content: "FLAG{GOODJOBYOUUNCOVEREDMYSECRETMESSAGE}", 33 | data: "case_insensitive", 34 | } 35 | 36 | # Topics are used to help tell what techniques/information a challenge involves 37 | # They are generally only visible to admins 38 | # Accepts strings 39 | topics: 40 | - Κωδικοποιήσεις 41 | - Pigpen Cipher 42 | 43 | 44 | # Tags are used to provide additional public tagging to a challenge 45 | # Can be removed if unused 46 | # Accepts strings 47 | tags: 48 | - Εύκολη 49 | - Διάφορα 50 | - Misc 51 | 52 | # Provide paths to files from the same directory that this file is in 53 | # Accepts strings 54 | files: 55 | - dist/misc_mysterious_symbols.zip 56 | 57 | # Hints are used to give players a way to buy or have suggestions. They are not 58 | # required but can be nice. 59 | # Can be removed if unused 60 | # Accepts dictionaries or strings 61 | hints: 62 | #- { 63 | # content: "Thi is affected by corrupted magic power!", 64 | # cost: 0 65 | #} 66 | 67 | # The state of the challenge. 68 | # If the field is omitted, the challenge is visible by default. 69 | # If provided, the field can take one of two values: hidden, visible. 70 | state: hidden 71 | 72 | # Specifies what version of the challenge specification was used. 73 | # Subject to change until ctfcli v1.0.0 74 | version: "0.1" 75 | -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/dist/misc_mysterious_symbols.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/dist/misc_mysterious_symbols.zip -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/flag.txt: -------------------------------------------------------------------------------- 1 | FLAG{GOODJOBYOUUNCOVEREDMYSECRETMESSAGE} -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/generate.py: -------------------------------------------------------------------------------- 1 | import os 2 | import math 3 | from PIL import Image 4 | 5 | # Symbols path 6 | symbols_folder = os.path.join(os.path.dirname(__file__), "pigpen") 7 | symbols_ext = ".png" 8 | 9 | # Load flag 10 | flag = 'flag{this-is-an-example-flag}' 11 | with open('flag.txt') as f: 12 | flag = f.read().strip() 13 | 14 | 15 | # Get symbol size 16 | symbol = Image.open(os.path.join(symbols_folder, "A" + symbols_ext)) 17 | symbols_width, symbols_height = symbol.size 18 | print('Symbols width = ' + str(symbols_width) + 'px, height = ' + str(symbols_height) + 'px') 19 | 20 | cols = math.ceil(math.sqrt(len(flag))) 21 | rows = math.ceil(len(flag) / cols) 22 | print('Message will be ' + str(cols) + ' x ' + str(rows) + ' symbols') 23 | 24 | width = (2 * cols + 1) * symbols_width 25 | height = (2 * rows + 1) * symbols_height 26 | img = Image.new('RGBA', (width, height), color="white") 27 | print('Image will be ' + str(width) + ' x ' + str(height) + ' pixels') 28 | 29 | 30 | for i in range(len(flag)): 31 | offset_x = (2 * (i % cols) + 1) * symbols_width 32 | offset_y = (2 * (i // cols) + 1) * symbols_height 33 | symbol = Image.open(os.path.join(symbols_folder, flag[i].upper() + symbols_ext)) 34 | img.paste(symbol, (offset_x, offset_y), symbol) 35 | 36 | img.save('symbols.png') 37 | print('Image generated') 38 | -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/A.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/A.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/B.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/B.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/C.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/C.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/D.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/D.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/E.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/E.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/F.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/F.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/G.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/G.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/H.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/H.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/I.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/I.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/J.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/J.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/K.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/K.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/L.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/L.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/M.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/M.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/N.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/N.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/O.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/O.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/P.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/P.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/Q.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/Q.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/R.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/R.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/S.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/S.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/T.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/T.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/U.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/U.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/V.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/V.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/W.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/W.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/X.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/X.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/Y.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/Y.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/Z.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/Z.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/pigpen-symbols.xcf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/pigpen-symbols.xcf -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/{.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/{.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/pigpen/}.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/pigpen/}.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/requirements.txt: -------------------------------------------------------------------------------- 1 | pillow 2 | -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/src/symbols.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/src/symbols.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Μυστηριώδης σύμβολα Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Μυστηριώδης σύμβολα | 6 | | :------- | :----- | 7 | | Δυσκολία | Εύκολη | 8 | | Κατηγορία | Διάφορα (Misc) | 9 | | Λύσεις | 30 | 10 | | Πόντοι | 200 | 11 | 12 | ## Επισκόπηση Δοκιμασίας 13 | 14 | Η περιγραφή της δοκιμασίας μας αναφέρει: 15 | ``` 16 | Τι είναι αυτά τα περίεργα σύμβολα; 17 | ``` 18 | 19 | Και μαζί μας δίνεται και ένα zip με μέσα μια εικόνα με σύμβολα: 20 | 21 | ![](symbols.png) 22 | 23 | ## Επίλυση 24 | 25 | Με λίγο ψάξιμο αναγνωρίζουμε πως τα σύμβολα αυτά είναι ένα Pigpen Cipher, το οποίο έχει την ακόλουθη αντιστοίχιση: 26 | 27 | | Σύμβολο | Γράμμα | 28 | | :---------------: | :----: | 29 | | ![](pigpen/A.png) | `A` | 30 | | ![](pigpen/B.png) | `B` | 31 | | ![](pigpen/C.png) | `C` | 32 | | ![](pigpen/D.png) | `D` | 33 | | ![](pigpen/E.png) | `E` | 34 | | ![](pigpen/F.png) | `F` | 35 | | ![](pigpen/G.png) | `G` | 36 | | ![](pigpen/H.png) | `H` | 37 | | ![](pigpen/I.png) | `I` | 38 | | ![](pigpen/J.png) | `J` | 39 | | ![](pigpen/K.png) | `K` | 40 | | ![](pigpen/L.png) | `L` | 41 | | ![](pigpen/M.png) | `M` | 42 | | ![](pigpen/N.png) | `N` | 43 | | ![](pigpen/O.png) | `O` | 44 | | ![](pigpen/P.png) | `P` | 45 | | ![](pigpen/Q.png) | `Q` | 46 | | ![](pigpen/R.png) | `R` | 47 | | ![](pigpen/S.png) | `S` | 48 | | ![](pigpen/T.png) | `T` | 49 | | ![](pigpen/U.png) | `U` | 50 | | ![](pigpen/V.png) | `V` | 51 | | ![](pigpen/W.png) | `W` | 52 | | ![](pigpen/X.png) | `X` | 53 | | ![](pigpen/Y.png) | `Y` | 54 | | ![](pigpen/Z.png) | `Z` | 55 | 56 | Και έχουμε και 2 σύμβολα τα οποία δεν είναι στο Pigpen Cipher αλλά μπορούμε να μαντέψουμε πως είναι: 57 | | Σύμβολο | Γράμμα | 58 | | :---------------: | :----: | 59 | | ![](pigpen/{.png) | `}` | 60 | | ![](pigpen/}.png) | `}` | 61 | 62 | ## Σημαία 63 | 64 | Αποκωδικοποιώντας το μήνυμα της φωτογραφίας παίρνουμε την σημαία: 65 | ``` 66 | FLAG{GOODJOBYOUUNCOVEREDMYSECRETMESSAGE} 67 | ``` 68 | -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/A.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/A.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/B.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/B.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/C.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/C.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/D.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/D.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/E.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/E.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/F.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/F.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/G.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/G.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/H.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/H.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/I.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/I.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/J.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/J.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/K.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/K.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/L.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/L.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/M.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/M.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/N.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/N.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/O.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/O.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/P.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/P.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/Q.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/Q.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/R.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/R.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/S.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/S.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/T.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/T.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/U.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/U.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/V.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/V.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/W.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/W.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/X.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/X.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/Y.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/Y.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/Z.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/Z.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/{.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/{.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/pigpen/}.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/pigpen/}.png -------------------------------------------------------------------------------- /challenge-extra-03-mysterious-symbols/writeup/symbols.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-03-mysterious-symbols/writeup/symbols.png -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/Makefile: -------------------------------------------------------------------------------- 1 | default: print 2 | cd src && python3 -m pip install -r requirements.txt 3 | cd src && python3 ./generate.py 4 | cd src && python3 -m compileall code.py 5 | cd src && cp __pycache__/code.*.pyc code.pyc 6 | cd src && rm -rf __pycache__ 7 | cd src && zip -r ../dist/rev_codeofbytes.zip run.py code.pyc 8 | @echo Challenge compiled. 9 | 10 | print: 11 | @echo Current Flag: $(shell bash -c 'cat src/flag.txt') 12 | 13 | change: print changeflag clean default print 14 | 15 | changeflag: 16 | $(shell bash -c 'read -p "New Flag: " flag; echo $$flag > src/flag.txt') 17 | @echo Flag changed. 18 | 19 | clean: 20 | -rm -f dist/rev_codeofbytes.zip 21 | -rm -f src/code.py 22 | -rm -rf src/__pycache__ 23 | @echo Challenge cleaned. 24 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "Κώδικας από byte" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Αντίστροφη Μηχανική 9 | description: "![bytes-and-bits](/files/f4cbd1bcf3062d5bf87346ff57e3b917/challenge_extra_04.png)\n\nΚάποιος έγραψε αυτό το πρόγραμμα python, και έκρυψε μέσα ένα μήνυμα. Δυστυχώς δεν έχουμε όλο τον πηγαίο κώδικα και δεν ξέρουμε τι πρέπει να κάνουμε για να το ανακτήσουμε. Καμιά ιδέα;" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # connection_info is used to provide a link, hostname, or instructions on how to connect to a challenge 23 | #connection_info: 24 | 25 | # Flags specify answers that your challenge use. You should generally provide at least one. 26 | # Can be removed if unused 27 | # Accepts strings or dictionaries of CTFd API data 28 | flags: 29 | # A static case sensitive flag 30 | - FLAG{8a498a574605c51128ea041766d893b6} 31 | 32 | # Topics are used to help tell what techniques/information a challenge involves 33 | # They are generally only visible to admins 34 | # Accepts strings 35 | topics: 36 | - Python bytecode 37 | 38 | 39 | # Tags are used to provide additional public tagging to a challenge 40 | # Can be removed if unused 41 | # Accepts strings 42 | tags: 43 | - Μέτρια 44 | - Αντίστροφη Μηχανική 45 | - Reverse Engineering 46 | 47 | # Provide paths to files from the same directory that this file is in 48 | # Accepts strings 49 | files: 50 | - dist/rev_codeofbytes.zip 51 | 52 | # Hints are used to give players a way to buy or have suggestions. They are not 53 | # required but can be nice. 54 | # Can be removed if unused 55 | # Accepts dictionaries or strings 56 | hints: 57 | - Χρειάζεται να χρησιμοποιήσετε Python 3.8 58 | 59 | # The state of the challenge. 60 | # If the field is omitted, the challenge is visible by default. 61 | # If provided, the field can take one of two values: hidden, visible. 62 | state: hidden 63 | 64 | # Specifies what version of the challenge specification was used. 65 | # Subject to change until ctfcli v1.0.0 66 | version: "0.1" 67 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/dist/rev_codeofbytes.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-04-code-of-bytes/dist/rev_codeofbytes.zip -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/src/code.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import requests 3 | 4 | # Load credentials from the web 5 | def loadCredentials(): 6 | print("Conntecting to the database ...", end =" ") 7 | r = requests.get('https://en.wikipedia.org/wiki/Python_(programming_language)') 8 | if r.status_code != 200: 9 | print("Error! Internet connection is required.") 10 | return None 11 | else: 12 | print("Success") 13 | 14 | # Parse output 15 | allowed_characters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" 16 | article = ''.join(filter(lambda x: x in allowed_characters, r.text[len(r.text)//2 : len(r.text)//2 + 256])) 17 | 18 | # User info 19 | username = 'admin' 20 | password = article[0:min(len(article), 64)][::-1] 21 | return [username, password] 22 | 23 | def authenticate(username, password): 24 | credentials = loadCredentials() 25 | if not credentials: 26 | return None 27 | 28 | print("Authenticating user ...", end =" ") 29 | if username == credentials[0] and password == credentials[1]: 30 | print("Success") 31 | return bytes([80, 208, 122, 73, 92, 25, 250, 37, 188, 147, 115, 254, 43, 126, 245, 205, 238, 131, 200, 229, 85, 185, 112, 4, 124, 219, 255, 34, 174, 216, 96, 48, 104, 57, 76, 249, 159, 129]) 32 | 33 | print("Failed") 34 | return False 35 | 36 | 37 | def getFlag(session): 38 | key = session 39 | ciphertext = bytes([22, 156, 59, 14, 39, 33, 155, 17, 133, 171, 18, 203, 28, 74, 195, 253, 219, 224, 253, 212, 100, 139, 72, 97, 29, 235, 203, 19, 153, 238, 86, 84, 80, 0, 127, 155, 169, 252]) 40 | flag = bytes(a ^ b for a, b in zip(ciphertext, key)).decode("utf-8") 41 | return flag 42 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/src/code.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-04-code-of-bytes/src/code.pyc -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/src/code.template.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import requests 3 | 4 | # Load credentials from the web 5 | def loadCredentials(): 6 | print("Conntecting to the database ...", end =" ") 7 | r = requests.get('https://en.wikipedia.org/wiki/Python_(programming_language)') 8 | if r.status_code != 200: 9 | print("Error! Internet connection is required.") 10 | return None 11 | else: 12 | print("Success") 13 | 14 | # Parse output 15 | allowed_characters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" 16 | article = ''.join(filter(lambda x: x in allowed_characters, r.text[len(r.text)//2 : len(r.text)//2 + 256])) 17 | 18 | # User info 19 | username = 'admin' 20 | password = article[0:min(len(article), 64)][::-1] 21 | return [username, password] 22 | 23 | def authenticate(username, password): 24 | credentials = loadCredentials() 25 | if not credentials: 26 | return None 27 | 28 | print("Authenticating user ...", end =" ") 29 | if username == credentials[0] and password == credentials[1]: 30 | print("Success") 31 | return bytes({{key}}) 32 | 33 | print("Failed") 34 | return False 35 | 36 | 37 | def getFlag(session): 38 | key = session 39 | ciphertext = bytes({{ciphertext}}) 40 | flag = bytes(a ^ b for a, b in zip(ciphertext, key)).decode("utf-8") 41 | return flag 42 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/src/flag.txt: -------------------------------------------------------------------------------- 1 | FLAG{8a498a574605c51128ea041766d893b6} 2 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/src/generate.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import os 3 | import json 4 | import secrets 5 | 6 | # Load flag 7 | flag = 'flag{this-is-an-example-flag}' 8 | with open('flag.txt', 'r') as f: 9 | flag = f.read().strip() 10 | 11 | plaintext = bytes(flag, 'utf-8') 12 | key = secrets.token_bytes(len(plaintext)) 13 | ciphertext = bytes(a ^ b for a, b in zip(plaintext, key)) 14 | 15 | with open('code.template.py', 'r') as code_template_py: 16 | code = code_template_py.read() 17 | code = code.replace('{{key}}', json.dumps(list(key))) 18 | code = code.replace('{{ciphertext}}', json.dumps(list(ciphertext))) 19 | with open('code.py', 'w') as code_py: 20 | code_py.write(code) 21 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/src/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-04-code-of-bytes/src/requirements.txt -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/src/run.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import code 3 | 4 | # Get credentials 5 | print("Please insert your credentials:") 6 | username = input("username: ") 7 | password = input("password: ") 8 | 9 | # Try to authenticate 10 | session = code.authenticate(username, password) 11 | if session: 12 | flag = code.getFlag(session) 13 | print('Good job here is your flag: ' + flag) 14 | else: 15 | print('Try again.') 16 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/writeup/README.md: -------------------------------------------------------------------------------- 1 | # Κώδικας από byte Write-Up 2 | 3 | 4 | 5 | | Δοκιμασία | Κώδικας από byte | 6 | | :------- | :----- | 7 | | Δυσκολία | Μέτρια | 8 | | Κατηγορία | Αντίστροφη Μηχανική (Reverse Engineering) | 9 | | Λύσεις | 15 | 10 | | Πόντοι | 404 | 11 | 12 | ## Επισκόπηση Δοκιμασίας 13 | 14 | ``` 15 | Κάποιος έγραψε αυτό το πρόγραμμα python, και έκρυψε μέσα ένα μήνυμα. Δυστυχώς δεν έχουμε όλο τον πηγαίο κώδικα και δεν ξέρουμε τι πρέπει να κάνουμε για να το ανακτήσουμε. Καμιά ιδέα; 16 | ``` 17 | 18 | ## Επίλυση 19 | 20 | Βλέπουμε πως μας δίνεται ένας κώδικας python: 21 | ```python 22 | #!/usr/bin/python3 23 | import code 24 | 25 | # Lets print credentials 26 | print(dir(code)) 27 | print(code.loadCredentials()) 28 | 29 | # Get credentials 30 | print("Please insert your credentials:") 31 | username = input("username: ") 32 | password = input("password: ") 33 | 34 | # Try to authenticate 35 | session = code.authenticate(username, password) 36 | if session: 37 | flag = code.getFlag(session) 38 | print('Good job here is your flag: ' + flag) 39 | else: 40 | print('Try again.') 41 | ``` 42 | που χρησιμοποιεί και έναν εξωτερικό byte κώδικα python (τον οποίο δεν μπορούμε να τον διαβάσουμε). 43 | 44 | Πρώτα ας ελέγξουμε τι functions είναι διαθέσιμα μέσα στον κωδικα της που δεν μπορούμε να διαβάσουμε: 45 | 46 | ```python 47 | import code 48 | print(dir(code)) 49 | ``` 50 | 51 | Και παίρνουμε σαν έξοδο: 52 | ``` 53 | ['__builtins__', '__cached__', '__doc__', '__file__', '__loader__', '__name__', '__package__', '__spec__', 'authenticate', 'getFlag', 'loadCredentials', 'requests'] 54 | ``` 55 | 56 | Μπορούμε να δούμε ότι εκτός από τις συναρτήσεις `authenticate` και `getFlag`, υπάρχει και μια συνάρτηση `loadCredentials`. 57 | 58 | Έτσι, ας το καλέσουμε την συνάρτηση `loadCredentials` και ας δούμε τι μας γυρνάει: 59 | ```python 60 | import code 61 | print(code.loadCredentials()) 62 | ``` 63 | 64 | Και παίρνουμε σαν έξοδο: 65 | ``` 66 | ['admin', 'ilkcabeticwmssalcnaps701etoneticdiililnapsnaps8893Zssalc92egaugn'] 67 | ``` 68 | 69 | Τώρα ας προσπαθήσουμε να τα χρησιμοποιήσουμε για να αυθεντικοποιηθούμε: 70 | ``` 71 | Please insert your credentials: 72 | username: admin 73 | password: ilkcabeticwmssalcnaps701etoneticdiililnapsnaps8893Zssalc92egaugn 74 | Conntecting to the database ... Success 75 | Authenticating user ... Success 76 | Good job here is your flag: FLAG{8a498a574605c51128ea041766d893b6} 77 | ``` 78 | 79 | ## Σημαία 80 | 81 | ``` 82 | FLAG{8a498a574605c51128ea041766d893b6} 83 | ``` 84 | 85 | -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/writeup/code.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-04-code-of-bytes/writeup/code.pyc -------------------------------------------------------------------------------- /challenge-extra-04-code-of-bytes/writeup/run.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import code 3 | 4 | # Lets print credentials 5 | print(dir(code)) 6 | print(code.loadCredentials()) 7 | 8 | # Get credentials 9 | print("Please insert your credentials:") 10 | username = input("username: ") 11 | password = input("password: ") 12 | 13 | # Try to authenticate 14 | session = code.authenticate(username, password) 15 | if session: 16 | flag = code.getFlag(session) 17 | print('Good job here is your flag: ' + flag) 18 | else: 19 | print('Try again.') 20 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/Makefile: -------------------------------------------------------------------------------- 1 | default: print 2 | cd src && gcc updater.c -o updater -lcurl -lcjson 3 | cd src && zip -r ../dist/misc_pboard.zip updater 4 | @echo Challenge compiled. 5 | 6 | dependancies: 7 | #@echo No dependencies. 8 | # For building 9 | apt-get install libcurl4-openssl-dev 10 | @echo Dependencies were installed. 11 | 12 | print: 13 | @echo Current Flag: $(shell bash -c 'cat src/board-files/flag.txt') 14 | 15 | change: print changeflag clean default print 16 | 17 | changeflag: 18 | $(shell bash -c 'read -p "New Flag: " flag; echo $$flag > src/board-files/flag.txt') 19 | @echo Flag changed. 20 | 21 | clean: 22 | -rm -f dist/misc_pboard.zip 23 | @echo Challenge cleaned. 24 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/challenge.yml: -------------------------------------------------------------------------------- 1 | # This file represents the base specification of your challenge. It is used by 2 | # other tools to install and deploy your challenge. 3 | 4 | # Required sections 5 | name: "PBoard" 6 | author: "Athanasios Vasileios Grammatopoulos " 7 | homepage: "https://ssl.ds.unipi.gr/" 8 | category: Διάφορα 9 | description: "![cloud](/files/446c0f6ddf21add442ce23c108a56cf7/challenge_extra_05.png)\n\nΚαταπληκτική εφαρμογή το PBoard. Να θυμηθώ να την δώ αν έχει βγεί καμία καινούρια ενημέρωση με καινούρια χαρακτηριστικά!" 10 | value: 600 11 | type: dynamic 12 | 13 | # The extra field provides additional fields for data during the install/sync commands/ 14 | # Fields in extra can be used to supply additional information for other challenge types 15 | # For example the follow extra field is for dynamic challenges. To use these following 16 | # extra fields, set the type to "dynamic" and uncomment the "extra" section below 17 | extra: 18 | initial: 600 19 | decay: 20 20 | minimum: 200 21 | 22 | # connection_info is used to provide a link, hostname, or instructions on how to connect to a challenge 23 | #connection_info: 24 | 25 | # Flags specify answers that your challenge use. You should generally provide at least one. 26 | # Can be removed if unused 27 | # Accepts strings or dictionaries of CTFd API data 28 | flags: 29 | # A static case sensitive flag 30 | - FLAG{8b9ee735133b7d20276bffa9feae32b08113bacee1c4c9adc290b8b4a6fb6472} 31 | 32 | # Topics are used to help tell what techniques/information a challenge involves 33 | # They are generally only visible to admins 34 | # Accepts strings 35 | topics: 36 | #- Public endpoint 37 | 38 | 39 | # Tags are used to provide additional public tagging to a challenge 40 | # Can be removed if unused 41 | # Accepts strings 42 | tags: 43 | - Μέτρια 44 | - Διάφορα 45 | - Misc 46 | 47 | # Provide paths to files from the same directory that this file is in 48 | # Accepts strings 49 | files: 50 | - dist/misc_pboard.zip 51 | 52 | # Hints are used to give players a way to buy or have suggestions. They are not 53 | # required but can be nice. 54 | # Can be removed if unused 55 | # Accepts dictionaries or strings 56 | hints: 57 | #- No hints 58 | 59 | # The state of the challenge. 60 | # If the field is omitted, the challenge is visible by default. 61 | # If provided, the field can take one of two values: hidden, visible. 62 | state: hidden 63 | 64 | # Specifies what version of the challenge specification was used. 65 | # Subject to change until ctfcli v1.0.0 66 | version: "0.1" 67 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/dist/misc_pboard.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-05-pboard/dist/misc_pboard.zip -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/board-files/customers_data.csv: -------------------------------------------------------------------------------- 1 | id,name,phone number,balance,premium 2 | 1,Ayomide Davies,505-953-2937,40.97,FALSE 3 | 2,Anne-Marie Walmsley,505-269-2236,81.88,FALSE 4 | 3,Eilish Mcdaniel,214-483-4835,474.75,TRUE 5 | 4,Brenda Compton,285-442-215,207.34,FALSE 6 | 5,Ava Wallace,375-769-015,268.77,FALSE 7 | 6,Dillan Esquivel,799-413-046,291.06,FALSE 8 | 7,Elissa Guevara,553-698-386,183.84,FALSE 9 | 8,Tommy-Lee Gross,118-645-775,170.25,TRUE 10 | 9,Shiloh Mckenna,731-417-258,293.08,FALSE 11 | 10,Sarina Rangel,558-693-055,119.96,FALSE 12 | 11,Skye Bradley,832-439-271,459.01,FALSE 13 | 12,Umaima Oneil,641-039-887,7.67,FALSE 14 | 13,Neive Burn,199-920-321,240.43,FALSE 15 | 14,Shaan Brook,167-359-826,471.15,FALSE 16 | 15,Jak Molina,228-363-710,338.54,TRUE 17 | 16,Letitia Goldsmith,859-924-561,36.88,TRUE 18 | 17,Delilah Foreman,909-976-040,289.96,TRUE 19 | 18,Gregor Brennan,397-933-020,450.5,TRUE 20 | 19,Elliott Langley,578-100-097,13.67,FALSE 21 | 20,Jamaal Dodd,965-958-972,213.15,FALSE 22 | 21,Alastair Buckley,869-363-211,388.2,TRUE 23 | 22,Charis Blackburn,682-379-881,475.79,TRUE 24 | 23,Angharad Drew,227-403-719,48.49,TRUE 25 | 24,Tevin Schofield,801-859-364,65.13,FALSE 26 | 25,Adelina Andrew,720-937-339,302.73,FALSE 27 | 26,Leanne Rawlings,302-802-840,215.89,FALSE 28 | 27,Aiden Reynolds,377-860-528,21.05,TRUE 29 | 28,Mya Partridge,951-105-326,236.66,TRUE 30 | 29,Soraya Christensen,611-847-798,424.59,FALSE 31 | 30,Alexandria Porter,638-670-251,497.38,FALSE 32 | 31,Susie Bowler,621-598-535,451.09,TRUE 33 | 32,Cienna Craig,462-993-004,27.4,FALSE 34 | 33,Tanya Dixon,895-091-051,10.79,TRUE 35 | 34,Jarod Bloom,347-354-011,255.51,FALSE 36 | 35,Emyr Dodson,265-971-744,307.14,FALSE 37 | 36,Calum Hayward,629-042-447,389.01,TRUE 38 | 37,Ammar Vaughn,288-132-505,257.45,FALSE 39 | 38,Jerry Cameron,449-208-422,184.59,FALSE 40 | 39,Rodney Wright,833-178-527,92.6,TRUE 41 | 40,Sameer Childs,749-113-324,429.71,TRUE 42 | 41,Philip Sears,144-129-441,477.25,FALSE 43 | 42,Kanye Almond,FLAG{8b9ee735133b7d20276bffa9feae32b08113bacee1c4c9adc290b8b4a6fb6472},416.37,TRUE -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/board-files/flag.txt: -------------------------------------------------------------------------------- 1 | FLAG{8b9ee735133b7d20276bffa9feae32b08113bacee1c4c9adc290b8b4a6fb6472} -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/board-files/latest-version.json: -------------------------------------------------------------------------------- 1 | { 2 | "version" : { 3 | "name" : "v3.1", 4 | "major" : 3, 5 | "minor" : 1, 6 | 7 | "changelog" : "We imporved the sercurity of the application! Your data are always safe!" 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009-2017 Dave Gamble and cJSON contributors 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the "Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is 8 | furnished to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in 11 | all copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 19 | THE SOFTWARE. 20 | 21 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/appveyor.yml: -------------------------------------------------------------------------------- 1 | os: Visual Studio 2015 2 | 3 | # ENABLE_CUSTOM_COMPILER_FLAGS - on by default 4 | # ENABLE_SANITIZERS - off by default 5 | # ENABLE_PUBLIC_SYMBOLS - on by default 6 | # BUILD_SHARED_LIBS - on by default 7 | # ENABLE_TARGET_EXPORT - on by default 8 | # ENABLE_CJSON_UTILS - off by default 9 | # ENABLE_CJSON_TEST -on by default 10 | # ENABLE_VALGRIND - off by default 11 | # ENABLE_FUZZING - off by default 12 | 13 | environment: 14 | matrix: 15 | - GENERATOR: "Visual Studio 14 2015" 16 | BUILD_SHARED_LIBS: ON 17 | ENABLE_CJSON_TEST: OFF 18 | ENABLE_CJSON_UTILS: ON 19 | 20 | - GENERATOR: "Visual Studio 14 2015" 21 | BUILD_SHARED_LIBS: OFF 22 | ENABLE_CJSON_TEST: OFF 23 | ENABLE_CJSON_UTILS: ON 24 | 25 | - GENERATOR: "Visual Studio 12 2013" 26 | BUILD_SHARED_LIBS: ON 27 | ENABLE_CJSON_TEST: OFF 28 | ENABLE_CJSON_UTILS: ON 29 | 30 | - GENERATOR: "Visual Studio 12 2013" 31 | BUILD_SHARED_LIBS: OFF 32 | ENABLE_CJSON_TEST: OFF 33 | ENABLE_CJSON_UTILS: ON 34 | 35 | - GENERATOR: "Visual Studio 11 2012" 36 | BUILD_SHARED_LIBS: ON 37 | ENABLE_CJSON_TEST: OFF 38 | ENABLE_CJSON_UTILS: ON 39 | 40 | - GENERATOR: "Visual Studio 11 2012" 41 | BUILD_SHARED_LIBS: OFF 42 | ENABLE_CJSON_TEST: OFF 43 | ENABLE_CJSON_UTILS: ON 44 | 45 | - GENERATOR: "Visual Studio 10 2010" 46 | BUILD_SHARED_LIBS: ON 47 | ENABLE_CJSON_TEST: OFF 48 | ENABLE_CJSON_UTILS: ON 49 | 50 | - GENERATOR: "Visual Studio 10 2010" 51 | BUILD_SHARED_LIBS: OFF 52 | ENABLE_CJSON_TEST: OFF 53 | ENABLE_CJSON_UTILS: ON 54 | 55 | - GENERATOR: "Visual Studio 9 2008" 56 | BUILD_SHARED_LIBS: ON 57 | ENABLE_CJSON_TEST: OFF 58 | ENABLE_CJSON_UTILS: ON 59 | 60 | - GENERATOR: "Visual Studio 9 2008" 61 | BUILD_SHARED_LIBS: OFF 62 | ENABLE_CJSON_TEST: OFF 63 | ENABLE_CJSON_UTILS: ON 64 | 65 | 66 | platform: 67 | - x86 68 | - x64 69 | matrix: 70 | exclude: 71 | - platform: x64 72 | GENERATOR: "Visual Studio 9 2008" 73 | 74 | configuration: 75 | - Release 76 | 77 | 78 | build_script: 79 | - ps: if($env:PLATFORM -eq "x64") { $env:CMAKE_GEN_SUFFIX=" Win64" } 80 | - cmake "-G%GENERATOR%%CMAKE_GEN_SUFFIX%" -DBUILD_SHARED_LIBS=%BUILD_SHARED_LIBS% -DENABLE_CJSON_TEST=%ENABLE_CJSON_TEST% -H. -Bbuild 81 | - cmake --build build --config "%CONFIGURATION%" 82 | 83 | 84 | on_failure: 85 | - ps: if(Test-Path builds/CMakeFiles/CMakeOutput.log) { cat builds/CMakeFiles/CMakeOutput.log } 86 | - ps: if(Test-Path builds/CMakeFiles/CMakeError.log) { cat builds/CMakeFiles/CMakeError.log } -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/library_config/cJSONConfig.cmake.in: -------------------------------------------------------------------------------- 1 | # Whether the utils lib was build. 2 | set(CJSON_UTILS_FOUND @ENABLE_CJSON_UTILS@) 3 | 4 | # The include directories used by cJSON 5 | set(CJSON_INCLUDE_DIRS "@CMAKE_INSTALL_FULL_INCLUDEDIR@") 6 | set(CJSON_INCLUDE_DIR "@CMAKE_INSTALL_FULL_INCLUDEDIR@") 7 | 8 | get_filename_component(_dir "${CMAKE_CURRENT_LIST_FILE}" PATH) 9 | 10 | # The cJSON library 11 | set(CJSON_LIBRARY "@CJSON_LIB@") 12 | if(@ENABLE_TARGET_EXPORT@) 13 | # Include the target 14 | include("${_dir}/cjson.cmake") 15 | endif() 16 | 17 | if(CJSON_UTILS_FOUND) 18 | # The cJSON utils library 19 | set(CJSON_UTILS_LIBRARY @CJSON_UTILS_LIB@) 20 | # All cJSON libraries 21 | set(CJSON_LIBRARIES "@CJSON_UTILS_LIB@" "@CJSON_LIB@") 22 | if(@ENABLE_TARGET_EXPORT@) 23 | # Include the target 24 | include("${_dir}/cjson_utils.cmake") 25 | endif() 26 | else() 27 | # All cJSON libraries 28 | set(CJSON_LIBRARIES "@CJSON_LIB@") 29 | endif() 30 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/library_config/cJSONConfigVersion.cmake.in: -------------------------------------------------------------------------------- 1 | set(PACKAGE_VERSION "@PROJECT_VERSION@") 2 | 3 | # Check whether the requested PACKAGE_FIND_VERSION is compatible 4 | if("${PACKAGE_VERSION}" VERSION_LESS "${PACKAGE_FIND_VERSION}") 5 | set(PACKAGE_VERSION_COMPATIBLE FALSE) 6 | else() 7 | set(PACKAGE_VERSION_COMPATIBLE TRUE) 8 | if ("${PACKAGE_VERSION}" VERSION_EQUAL "${PACKAGE_FIND_VERSION}") 9 | set(PACKAGE_VERSION_EXACT TRUE) 10 | endif() 11 | endif() 12 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/library_config/libcjson.pc.in: -------------------------------------------------------------------------------- 1 | libdir=@CMAKE_INSTALL_FULL_LIBDIR@ 2 | includedir=@CMAKE_INSTALL_FULL_INCLUDEDIR@ 3 | 4 | Name: libcjson 5 | Version: @PROJECT_VERSION@ 6 | Description: Ultralightweight JSON parser in ANSI C 7 | URL: https://github.com/DaveGamble/cJSON 8 | Libs: -L${libdir} -lcjson 9 | Libs.private: -lm 10 | Cflags: -I${includedir} -I${includedir}/cjson 11 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/library_config/libcjson_utils.pc.in: -------------------------------------------------------------------------------- 1 | libdir=@CMAKE_INSTALL_FULL_LIBDIR@ 2 | includedir=@CMAKE_INSTALL_FULL_INCLUDEDIR@ 3 | 4 | Name: libcjson_utils 5 | Version: @PROJECT_VERSION@ 6 | Description: An implementation of JSON Pointer, Patch and Merge Patch based on cJSON. 7 | URL: https://github.com/DaveGamble/cJSON 8 | Libs: -L${libdir} -lcjson_utils 9 | Cflags: -I${includedir} -I${includedir}/cjson 10 | Requires: libcjson 11 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/library_config/uninstall.cmake: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 2.8.5) 2 | 3 | set(MANIFEST "${CMAKE_CURRENT_BINARY_DIR}/install_manifest.txt") 4 | 5 | if(NOT EXISTS ${MANIFEST}) 6 | message(FATAL_ERROR "Cannot find install mainfest: ${MANIFEST}") 7 | endif() 8 | 9 | file(STRINGS ${MANIFEST} files) 10 | foreach(file ${files}) 11 | if(EXISTS ${file} OR IS_SYMLINK ${file}) 12 | message(STATUS "Removing: ${file}") 13 | 14 | execute_process(COMMAND rm -f ${file} 15 | RESULT_VARIABLE result 16 | OUTPUT_QUIET 17 | ERROR_VARIABLE stderr 18 | ERROR_STRIP_TRAILING_WHITESPACE 19 | ) 20 | 21 | if(NOT ${result} EQUAL 0) 22 | message(FATAL_ERROR "${stderr}") 23 | endif() 24 | else() 25 | message(STATUS "Does-not-exist: ${file}") 26 | endif() 27 | endforeach(file) 28 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/cjson/valgrind.supp: -------------------------------------------------------------------------------- 1 | { 2 | suppress_ld_on_armv7 3 | Memcheck:Cond 4 | ... 5 | obj:*/ld-*.so 6 | } 7 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/info.txt: -------------------------------------------------------------------------------- 1 | 2 | # The files where uploaded on Trello 3 | # In a public board 4 | 5 | # Install the required libaries 6 | sudo apt-get install libcurl4-openssl-dev 7 | 8 | # Compile application 9 | gcc updater.c -o updater -lcurl -lcjson 10 | 11 | -------------------------------------------------------------------------------- /challenge-extra-05-pboard/src/updater: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-05-pboard/src/updater -------------------------------------------------------------------------------- /challenge-extra-05-pboard/writeup/trello-board-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-05-pboard/writeup/trello-board-1.png -------------------------------------------------------------------------------- /challenge-extra-05-pboard/writeup/trello-board-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-05-pboard/writeup/trello-board-2.png -------------------------------------------------------------------------------- /challenge-extra-05-pboard/writeup/trello-customer-files.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenge-extra-05-pboard/writeup/trello-customer-files.png -------------------------------------------------------------------------------- /challenges-images/README.md: -------------------------------------------------------------------------------- 1 | # Images for the Challenges 2 | 3 | ## Περιγραφή 4 | Οι παρακάτω εικόνες δημιουργήθηκαν με την χρήση του Stable Diffusion (πιο συγκεκριμένα με το μοντέλο `v2-1_512-nonema-pruned.ckpt`) και με την βοήθεια του [Stable Diffusion WebUI](https://github.com/AUTOMATIC1111/stable-diffusion-webui) και των extension του. 5 | 6 | Για την παραγωγή των φωτογραφιών χρησιμοποιήθηκε το παρακάτω πρότυπο promt από το [publicprompts.art](https://publicprompts.art/block-structures-prompt/): 7 | ```text 8 | tiny cute isometric PER_CHALLENGE_KEYWORKS_HERE, soft smooth lighting, soft colors, soft colors, 100mm lens, 3d blender render, trending on polycount, centered 9 | ``` 10 | με `CFG scale: 10`, `Sampler: euler_a` και `steps: 50` 11 | 12 | 13 | ## Εικόνες 14 | 15 | ### Κύριες Δοκιμασίες 16 | 17 | | Δοκιμασία 01 | Δοκιμασία 02 | Δοκιμασία 03 | Δοκιμασία 04 | 18 | |-------------|-------------|-------------|-------------| 19 | | | | | | 20 | 21 | | Δοκιμασία 05 | Δοκιμασία 06 | Δοκιμασία 07 | Δοκιμασία 08 | 22 | |-------------|-------------|-------------|-------------| 23 | | | | | | 24 | 25 | | Δοκιμασία 09 | Δοκιμασία 10 | Δοκιμασία 11 | Δοκιμασία 12 | 26 | |-------------|-------------|-------------|-------------| 27 | | | | | | 28 | 29 | ### Demo Δοκιμασίες 30 | 31 | | Δοκιμασία 01 | Δοκιμασία 02 | Δοκιμασία 03 | Δοκιμασία 04 | 32 | |-------------|-------------|-------------|-------------| 33 | | | | | | 34 | 35 | ### Extra Δοκιμασίες 36 | 37 | | Δοκιμασία 01 | Δοκιμασία 02 | Δοκιμασία 03 | Δοκιμασία 04 | 38 | |-------------|-------------|-------------|-------------| 39 | | | | | | 40 | 41 | | Δοκιμασία 05 | 42 | |-------------| 43 | | | 44 | -------------------------------------------------------------------------------- /challenges-images/challenge_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_01.png -------------------------------------------------------------------------------- /challenges-images/challenge_02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_02.png -------------------------------------------------------------------------------- /challenges-images/challenge_03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_03.png -------------------------------------------------------------------------------- /challenges-images/challenge_04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_04.png -------------------------------------------------------------------------------- /challenges-images/challenge_05.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_05.png -------------------------------------------------------------------------------- /challenges-images/challenge_06.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_06.png -------------------------------------------------------------------------------- /challenges-images/challenge_07.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_07.png -------------------------------------------------------------------------------- /challenges-images/challenge_08.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_08.png -------------------------------------------------------------------------------- /challenges-images/challenge_09.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_09.png -------------------------------------------------------------------------------- /challenges-images/challenge_10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_10.png -------------------------------------------------------------------------------- /challenges-images/challenge_11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_11.png -------------------------------------------------------------------------------- /challenges-images/challenge_12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_12.png -------------------------------------------------------------------------------- /challenges-images/challenge_alternative_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_alternative_01.png -------------------------------------------------------------------------------- /challenges-images/challenge_alternative_02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_alternative_02.png -------------------------------------------------------------------------------- /challenges-images/challenge_alternative_03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_alternative_03.png -------------------------------------------------------------------------------- /challenges-images/challenge_demo_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_demo_01.png -------------------------------------------------------------------------------- /challenges-images/challenge_demo_02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_demo_02.png -------------------------------------------------------------------------------- /challenges-images/challenge_demo_03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_demo_03.png -------------------------------------------------------------------------------- /challenges-images/challenge_demo_04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_demo_04.png -------------------------------------------------------------------------------- /challenges-images/challenge_extra_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_extra_01.png -------------------------------------------------------------------------------- /challenges-images/challenge_extra_02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_extra_02.png -------------------------------------------------------------------------------- /challenges-images/challenge_extra_03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_extra_03.png -------------------------------------------------------------------------------- /challenges-images/challenge_extra_04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_extra_04.png -------------------------------------------------------------------------------- /challenges-images/challenge_extra_05.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/challenges-images/challenge_extra_05.png -------------------------------------------------------------------------------- /images/hellenic-cyber-security-team.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/images/hellenic-cyber-security-team.png -------------------------------------------------------------------------------- /images/pwn-the-scoreboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/images/pwn-the-scoreboard.png -------------------------------------------------------------------------------- /images/university-of-piraeus-ssl.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/images/university-of-piraeus-ssl.png -------------------------------------------------------------------------------- /images/πανελλήνιος-μαθητικός-διαγωνισμός-κυβερνοασφάλειας-πμδκ.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/UniPiSSL/pmdk-2023/4d06f5fda33ec7703d5b4b203fa605938fa32d1c/images/πανελλήνιος-μαθητικός-διαγωνισμός-κυβερνοασφάλειας-πμδκ.png --------------------------------------------------------------------------------