├── .gitmodules ├── LICENSE ├── README.md ├── crypto ├── brsaby │ ├── solve │ │ ├── secret.py │ │ └── solve.py │ └── static │ │ └── script.py ├── clipper-chip │ ├── .gitignore │ ├── hosted │ │ ├── Dockerfile │ │ └── chal.py │ ├── solve │ │ └── solve.py │ ├── src │ │ ├── datasheet │ │ │ ├── logo.png │ │ │ ├── mb9001c67-datasheet.tex │ │ │ ├── pinout.svg │ │ │ ├── soic8.svg │ │ │ ├── timing.json │ │ │ └── timing.svg │ │ └── hardware │ │ │ ├── cipher.gds │ │ │ ├── cipher.sv │ │ │ ├── gen_image.py │ │ │ └── tb.sv │ └── static │ │ ├── mb9001c67-datasheet.pdf │ │ └── mb9001c67.tar.xz ├── e000p │ ├── solve │ │ ├── secret.py │ │ ├── solve.py │ │ └── test_script.py │ └── static │ │ └── script.py ├── jwt │ ├── .gitignore │ ├── hosted │ │ ├── Dockerfile │ │ ├── app.py │ │ ├── jwt.py │ │ ├── models.py │ │ ├── requirements.txt │ │ ├── secret.py │ │ ├── startup.txt │ │ ├── static │ │ │ ├── img │ │ │ │ ├── background-image-golden.png │ │ │ │ ├── background-image-golden2.png │ │ │ │ ├── background-image-grey.png │ │ │ │ ├── background-image.png │ │ │ │ ├── border-image-golden.png │ │ │ │ ├── border-image-golden2.png │ │ │ │ ├── border-image-grey.png │ │ │ │ ├── border-image.png │ │ │ │ ├── button-background.png │ │ │ │ ├── button-down.png │ │ │ │ ├── button-golden-down.png │ │ │ │ ├── button-golden-hover.png │ │ │ │ ├── button-golden-left.png │ │ │ │ ├── button-golden-right.png │ │ │ │ ├── button-golden.png │ │ │ │ ├── button-hover.png │ │ │ │ ├── button.png │ │ │ │ ├── checkbox-golden-off.png │ │ │ │ ├── checkbox-golden-on.png │ │ │ │ ├── checkbox-off.png │ │ │ │ ├── checkbox-on.png │ │ │ │ ├── cursor │ │ │ │ │ ├── cursor.cur │ │ │ │ │ ├── default.png │ │ │ │ │ ├── grab-close.png │ │ │ │ │ ├── grab-open.png │ │ │ │ │ ├── point.png │ │ │ │ │ └── select.png │ │ │ │ ├── hr-golden.png │ │ │ │ ├── hr.png │ │ │ │ ├── icons │ │ │ │ │ ├── armor-slot.png │ │ │ │ │ ├── empty-slot.png │ │ │ │ │ ├── exclamation.png │ │ │ │ │ ├── helmet-slot.png │ │ │ │ │ ├── magic-slot.png │ │ │ │ │ ├── potion-blue.png │ │ │ │ │ ├── potion-green.png │ │ │ │ │ ├── potion-red.png │ │ │ │ │ ├── potion-slot.png │ │ │ │ │ ├── ring-slot.png │ │ │ │ │ ├── shield-slot.png │ │ │ │ │ ├── shield.png │ │ │ │ │ ├── shoes-slot.png │ │ │ │ │ ├── sword.png │ │ │ │ │ └── weapon-slot.png │ │ │ │ ├── progress-bar-left.png │ │ │ │ ├── progress-bar-right.png │ │ │ │ ├── progress-bar-track.png │ │ │ │ ├── progress-blue.png │ │ │ │ ├── progress-green.png │ │ │ │ ├── progress-red.png │ │ │ │ ├── progress.png │ │ │ │ ├── radio-golden-off.png │ │ │ │ ├── radio-golden-on.png │ │ │ │ ├── radio-off.png │ │ │ │ ├── radio-on.png │ │ │ │ ├── scrollbar-button.png │ │ │ │ ├── scrollbar-thumb.png │ │ │ │ ├── scrollbar-track.png │ │ │ │ ├── select-background-image.png │ │ │ │ ├── select-border-image.png │ │ │ │ ├── slider-left-golden.png │ │ │ │ ├── slider-left.png │ │ │ │ ├── slider-right-golden.png │ │ │ │ ├── slider-right.png │ │ │ │ ├── slider-thumb-golden.png │ │ │ │ ├── slider-thumb.png │ │ │ │ ├── slider-track-golden.png │ │ │ │ └── slider-track.png │ │ │ ├── rpgui.min.css │ │ │ ├── rpgui.min.js │ │ │ └── style.css │ │ └── templates │ │ │ ├── base.html │ │ │ ├── home.html │ │ │ ├── login.html │ │ │ └── register.html │ ├── solve │ │ ├── jwt.py │ │ └── solve.py │ └── static │ │ └── jwt.tar.xz ├── qotp │ ├── hosted │ │ ├── Dockerfile │ │ ├── secret.py │ │ └── server.py │ ├── solve │ │ ├── poc.py │ │ └── solve.py │ └── static │ │ └── server.py ├── spiral-baby │ ├── .gitignore │ ├── hosted │ │ ├── Dockerfile │ │ ├── main.py │ │ ├── secret.py │ │ ├── spiral.py │ │ └── utils.py │ ├── solve │ │ ├── exploit.py │ │ ├── spiral.py │ │ └── utils.py │ └── static │ │ ├── main.py │ │ ├── spiral.py │ │ └── utils.py └── spiral │ ├── .gitignore │ ├── hosted │ ├── Dockerfile │ ├── main.py │ ├── secret.py │ ├── spiral.py │ └── utils.py │ ├── solve │ ├── exploit.py │ ├── spiral.py │ └── utils.py │ └── static │ ├── main.py │ ├── spiral.py │ └── utils.py ├── misc ├── Bored-hacker │ └── challenge.yaml ├── disukoodo │ ├── hosted │ │ ├── Dockerfile │ │ └── bot.py │ └── static │ │ └── bot.py ├── flag-hoarding │ └── static │ │ └── LEAK_20220804_SCAN_1.jpeg └── maplebacoin │ ├── hosted │ ├── Dockerfile │ └── src │ │ ├── .gitignore │ │ ├── .node-version │ │ ├── contracts │ │ ├── Context.sol │ │ ├── ERC20.sol │ │ ├── IERC20.sol │ │ ├── IERC20Metadata.sol │ │ ├── MapleBaCoin.sol │ │ ├── MapleBankon.sol │ │ └── Ownable.sol │ │ ├── package-lock.json │ │ ├── package.json │ │ └── ui │ │ ├── index.js │ │ └── static │ │ └── index.html │ ├── solve │ └── Solve.sol │ └── static │ ├── Dockerfile │ ├── README.md │ └── src │ ├── .gitignore │ ├── .node-version │ ├── .npmignore │ ├── contracts │ ├── MapleBaCoin.sol │ └── MapleBankon.sol │ ├── hardhat.config.js │ ├── package-lock.json │ ├── package.json │ ├── patches │ └── hardhat+2.10.2.patch │ ├── scripts │ ├── deploy.js │ └── solve.js │ ├── start.sh │ └── ui │ ├── index.js │ └── static │ └── index.html ├── pwn ├── ebcsic │ ├── README.md │ ├── hosted │ │ ├── Dockerfile │ │ ├── chal.py │ │ ├── flag │ │ └── xinetd.conf │ ├── solve │ │ ├── gen_solution.py │ │ ├── shellcode-x86 │ │ ├── solution.bin │ │ └── solution.txt │ └── static │ │ └── chal.py ├── no-flag-4-u │ ├── hosted │ │ ├── Dockerfile │ │ ├── banner_fail │ │ ├── chal │ │ ├── challenge.sh │ │ ├── flag.txt │ │ ├── libno_flag_4_u.so │ │ ├── run.sh │ │ └── xinetd.conf │ ├── solve │ │ └── exploit.py │ ├── src │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── Makefile │ │ ├── banner_fail │ │ ├── build.dockerfile │ │ ├── build.sh │ │ ├── chal.c │ │ ├── challenge.sh │ │ ├── flag.txt │ │ ├── no-flag-4-u │ │ │ ├── .cargo │ │ │ │ └── config.toml │ │ │ ├── .gitignore │ │ │ ├── Cargo.toml │ │ │ ├── build.rs │ │ │ ├── rust-toolchain │ │ │ └── src │ │ │ │ ├── config.rs │ │ │ │ ├── lib.rs │ │ │ │ ├── log_server.rs │ │ │ │ ├── preload_hooks.rs │ │ │ │ ├── preload_hooks │ │ │ │ ├── gets.rs │ │ │ │ ├── heap.rs │ │ │ │ ├── libc_start_main.rs │ │ │ │ ├── printf.rs │ │ │ │ ├── puts.rs │ │ │ │ ├── read.rs │ │ │ │ ├── scanf.rs │ │ │ │ └── write.rs │ │ │ │ └── utils.rs │ │ ├── run.sh │ │ └── xinetd.conf │ └── static │ │ ├── chal │ │ ├── libno_flag_4_u.so │ │ └── run.sh ├── printf │ ├── hosted │ │ ├── Dockerfile │ │ ├── banner_fail │ │ ├── chal │ │ ├── challenge.sh │ │ ├── flag.txt │ │ └── xinetd.conf │ ├── solve │ │ ├── exploit.py │ │ └── libc-2.31.so │ ├── src │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── Makefile │ │ ├── banner_fail │ │ ├── build.dockerfile │ │ ├── build.sh │ │ ├── chal.c │ │ ├── challenge.sh │ │ ├── flag.txt │ │ └── xinetd.conf │ └── static │ │ └── chal ├── puzzling-oversight │ ├── hosted │ │ ├── Dockerfile │ │ ├── banner_fail │ │ ├── chal │ │ ├── challenge.sh │ │ ├── flag.txt │ │ └── xinetd.conf │ ├── solve │ │ └── solve.py │ ├── src │ │ ├── build.sh │ │ └── chall.c │ └── static │ │ ├── Dockerfile │ │ └── puzzling-oversight ├── warmup1 │ ├── hosted │ │ ├── Dockerfile │ │ ├── banner_fail │ │ ├── chal │ │ ├── challenge.sh │ │ ├── flag.txt │ │ └── xinetd.conf │ ├── solve │ │ └── exploit.py │ ├── src │ │ ├── .gitignore │ │ ├── Dockerfile │ │ ├── Makefile │ │ ├── banner_fail │ │ ├── build.dockerfile │ │ ├── build.sh │ │ ├── chal.c │ │ ├── challenge.sh │ │ ├── flag.txt │ │ └── xinetd.conf │ └── static │ │ └── chal └── warmup2 │ ├── hosted │ ├── Dockerfile │ ├── banner_fail │ ├── chal │ ├── challenge.sh │ ├── flag.txt │ └── xinetd.conf │ ├── solve │ ├── exploit.py │ └── libc-2.31.so │ ├── src │ ├── .gitignore │ ├── Dockerfile │ ├── Makefile │ ├── banner_fail │ ├── build.dockerfile │ ├── build.sh │ ├── chal.c │ ├── challenge.sh │ ├── flag.txt │ └── xinetd.conf │ └── static │ └── chal ├── rev ├── badcontroller │ ├── solve │ │ └── solve.py │ ├── src │ │ ├── .vscode │ │ │ └── arduino.json │ │ ├── build.bat │ │ ├── challdriver.c │ │ ├── challemu │ │ │ └── challemu.ino │ │ └── encrypt.py │ └── static │ │ ├── challdriver.exe │ │ └── log.pcap ├── confounded-pondering-unit │ ├── LICENSE │ ├── src │ │ ├── README.md │ │ ├── isa.asm │ │ └── multistack_obf.asm │ └── static │ │ ├── CPU_IO.circ │ │ ├── README.md │ │ └── flag-checker-v5.bin ├── maplewave │ ├── solve │ │ └── solve.py │ ├── src │ │ ├── Makefile │ │ └── maplewave.c │ └── static │ │ ├── flag0.maplewave │ │ ├── flag1.maplewave │ │ ├── flag2.maplewave │ │ └── maplewave ├── scotty │ ├── src │ │ ├── Dockerfile │ │ ├── Makefile │ │ ├── generate.py │ │ └── scotty.hs │ └── static │ │ └── scotty ├── vm-new │ └── static │ │ ├── chal.sv │ │ ├── data.txt │ │ └── prog.txt └── vm │ ├── src │ ├── assemble.py │ ├── cpu.sv │ ├── datapath.sv │ ├── enc.py │ ├── flag.txt │ ├── flag_check.s │ ├── gen_data.py │ └── top.sv │ └── static │ ├── chal.sv │ ├── data.txt │ └── prog.txt └── web ├── VieneLibrary ├── hosted │ ├── .gitignore │ ├── Dockerfile │ ├── run.sh │ ├── vieneclient │ │ ├── app.js │ │ ├── package-lock.json │ │ └── package.json │ └── vieneserver │ │ ├── .ruby-version │ │ ├── Gemfile │ │ ├── Gemfile.lock │ │ ├── Rakefile │ │ ├── app │ │ ├── assets │ │ │ ├── 1.txt │ │ │ ├── 2.txt │ │ │ ├── 3.txt │ │ │ └── config │ │ │ │ └── manifest.js │ │ └── controllers │ │ │ ├── application_controller.rb │ │ │ └── viene_controller.rb │ │ ├── bin │ │ ├── bundle │ │ ├── importmap │ │ ├── rails │ │ ├── rake │ │ └── setup │ │ ├── config.ru │ │ ├── config │ │ ├── application.rb │ │ ├── boot.rb │ │ ├── cable.yml │ │ ├── environment.rb │ │ ├── environments │ │ │ ├── development.rb │ │ │ └── production.rb │ │ ├── importmap.rb │ │ ├── initializers │ │ │ ├── assets.rb │ │ │ ├── content_security_policy.rb │ │ │ ├── filter_parameter_logging.rb │ │ │ ├── inflections.rb │ │ │ └── permissions_policy.rb │ │ ├── locales │ │ │ └── en.yml │ │ ├── puma.rb │ │ └── routes.rb │ │ └── flag.txt └── solve │ └── solve.py ├── artgallery ├── .gitignore └── hosted │ ├── Dockerfile │ ├── flag.txt │ ├── ftp │ ├── files │ │ ├── bunny.png │ │ ├── girl.png │ │ ├── goose.png │ │ └── motorcycle.png │ ├── ftpserver.js │ ├── package-lock.json │ └── package.json │ ├── http │ ├── app.js │ ├── package-lock.json │ ├── package.json │ └── views │ │ ├── pages │ │ ├── gallery.ejs │ │ ├── index.ejs │ │ └── upload.ejs │ │ └── partials │ │ ├── footer.ejs │ │ ├── head.ejs │ │ └── header.ejs │ └── run.sh ├── bookstore ├── challenge-description.md ├── docker-compose.yml ├── hosted │ ├── .dockerignore │ ├── .gitignore │ ├── Dockerfile │ ├── db.js │ ├── index.js │ ├── init.sh │ ├── init.sql │ ├── package.json │ ├── static │ │ ├── assets │ │ │ ├── LICENSE.txt │ │ │ ├── README.md │ │ │ ├── img │ │ │ │ ├── background-image-golden.png │ │ │ │ ├── background-image-golden2.png │ │ │ │ ├── background-image-grey.png │ │ │ │ ├── background-image.png │ │ │ │ ├── border-image-golden.png │ │ │ │ ├── border-image-golden2.png │ │ │ │ ├── border-image-grey.png │ │ │ │ ├── border-image.png │ │ │ │ ├── button-background.png │ │ │ │ ├── button-down.png │ │ │ │ ├── button-golden-down.png │ │ │ │ ├── button-golden-hover.png │ │ │ │ ├── button-golden-left.png │ │ │ │ ├── button-golden-right.png │ │ │ │ ├── button-golden.png │ │ │ │ ├── button-hover.png │ │ │ │ ├── button.png │ │ │ │ ├── checkbox-golden-off.png │ │ │ │ ├── checkbox-golden-on.png │ │ │ │ ├── checkbox-off.png │ │ │ │ ├── checkbox-on.png │ │ │ │ ├── cursor │ │ │ │ │ ├── cursor.cur │ │ │ │ │ ├── default.png │ │ │ │ │ ├── grab-close.png │ │ │ │ │ ├── grab-open.png │ │ │ │ │ ├── point.png │ │ │ │ │ └── select.png │ │ │ │ ├── hr-golden.png │ │ │ │ ├── hr.png │ │ │ │ ├── icons │ │ │ │ │ ├── armor-slot.png │ │ │ │ │ ├── empty-slot.png │ │ │ │ │ ├── exclamation.png │ │ │ │ │ ├── helmet-slot.png │ │ │ │ │ ├── magic-slot.png │ │ │ │ │ ├── potion-blue.png │ │ │ │ │ ├── potion-green.png │ │ │ │ │ ├── potion-red.png │ │ │ │ │ ├── potion-slot.png │ │ │ │ │ ├── ring-slot.png │ │ │ │ │ ├── shield-slot.png │ │ │ │ │ ├── shield.png │ │ │ │ │ ├── shoes-slot.png │ │ │ │ │ ├── sword.png │ │ │ │ │ └── weapon-slot.png │ │ │ │ ├── progress-bar-left.png │ │ │ │ ├── progress-bar-right.png │ │ │ │ ├── progress-bar-track.png │ │ │ │ ├── progress-blue.png │ │ │ │ ├── progress-green.png │ │ │ │ ├── progress-red.png │ │ │ │ ├── progress.png │ │ │ │ ├── radio-golden-off.png │ │ │ │ ├── radio-golden-on.png │ │ │ │ ├── radio-off.png │ │ │ │ ├── radio-on.png │ │ │ │ ├── scrollbar-button.png │ │ │ │ ├── scrollbar-thumb.png │ │ │ │ ├── scrollbar-track.png │ │ │ │ ├── select-background-image.png │ │ │ │ ├── select-border-image.png │ │ │ │ ├── slider-left-golden.png │ │ │ │ ├── slider-left.png │ │ │ │ ├── slider-right-golden.png │ │ │ │ ├── slider-right.png │ │ │ │ ├── slider-thumb-golden.png │ │ │ │ ├── slider-thumb.png │ │ │ │ ├── slider-track-golden.png │ │ │ │ └── slider-track.png │ │ │ ├── package.json │ │ │ ├── rpgui.css │ │ │ ├── rpgui.js │ │ │ ├── rpgui.min.css │ │ │ ├── rpgui.min.js │ │ │ ├── style.css │ │ │ └── test.html │ │ └── img │ │ │ ├── 1.png │ │ │ ├── 2.png │ │ │ ├── 3.png │ │ │ └── 4.png │ ├── validator.js │ └── views │ │ ├── books.ejs │ │ ├── catalogue.ejs │ │ ├── index.ejs │ │ ├── login.ejs │ │ └── register.ejs ├── solve │ └── script.py └── static │ └── bookstore.zip ├── honksay ├── .gitignore ├── hosted │ ├── Dockerfile │ ├── app.js │ ├── goose.js │ ├── package-lock.json │ ├── package.json │ └── public │ │ └── images │ │ └── goosevie.png └── static │ └── honksay.tar.gz └── pickle-factory ├── challenge-description.md ├── docker-compose.yml ├── hosted ├── .gitignore ├── Dockerfile ├── app.py ├── flag.log ├── requirements.txt └── templates │ └── index.html ├── solve └── solve.py └── static └── pickle-factory.zip /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "rev\\badcontroller\\src\\HID"] 2 | path = rev\\badcontroller\\src\\HID 3 | url = https://github.com/NicoHood/HID.git 4 | [submodule "rev\\badcontroller\\src\\tiny-AES-c"] 5 | path = rev\\badcontroller\\src\\tiny-AES-c 6 | url = https://github.com/kokke/tiny-AES-c.git 7 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # maple-ctf-2022-public 2 | Challenges and solutions for Maple CTF 2022. 3 | -------------------------------------------------------------------------------- /crypto/brsaby/solve/secret.py: -------------------------------------------------------------------------------- 1 | FLAG = b"maple{s0lving_th3m_p3rf3ct_r000ts_1s_fun}" 2 | -------------------------------------------------------------------------------- /crypto/brsaby/solve/solve.py: -------------------------------------------------------------------------------- 1 | from sage.all import * 2 | from Crypto.Util.number import long_to_bytes 3 | 4 | N = 134049493752540418773065530143076126635445393203564220282068096099004424462500237164471467694656029850418188898633676218589793310992660499303428013844428562884017060683631593831476483842609871002334562252352992475614866865974358629573630911411844296034168928705543095499675521713617474013653359243644060206273 5 | e = 65537 6 | enc = 110102068225857249266317472106969433365215711224747391469423595211113736904624336819727052620230568210114877696850912188601083627767033947343144894754967713943008865252845680364312307500261885582194931443807130970738278351511194280306132200450370953028936210150584164591049215506801271155664701637982648648103 7 | hint = 20172108941900018394284473561352944005622395962339433571299361593905788672168045532232800087202397752219344139121724243795336720758440190310585711170413893436453612554118877290447992615675653923905848685604450760355869000618609981902108252359560311702189784994512308860998406787788757988995958832480986292341328962694760728098818022660328680140765730787944534645101122046301434298592063643437213380371824613660631584008711686240103416385845390125711005079231226631612790119628517438076962856020578250598417110996970171029663545716229258911304933901864735285384197017662727621049720992964441567484821110407612560423282 8 | 9 | ##### begin solution 10 | 11 | P = PolynomialRing(Integers(), 'x') 12 | x = P.gen() 13 | eq = x ** 7 - hint * x ** 3 - N ** 3 14 | p = eq.roots()[0][0] 15 | q = N//p 16 | assert(p*q==N) 17 | 18 | d = pow(e, -1, (p-1) * (q-1)) 19 | print(long_to_bytes(pow(enc, int(d), N))) 20 | 21 | -------------------------------------------------------------------------------- /crypto/brsaby/static/script.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import getPrime, bytes_to_long 2 | from secret import FLAG 3 | 4 | msg = bytes_to_long(FLAG) 5 | p = getPrime(512) 6 | q = getPrime(512) 7 | N = p*q 8 | e = 0x10001 9 | enc = pow(msg, e, N) 10 | hint = p**4 - q**3 11 | 12 | print(f"{N = }") 13 | print(f"{e = }") 14 | print(f"{enc = }") 15 | print(f"{hint = }") 16 | 17 | ''' 18 | N = 134049493752540418773065530143076126635445393203564220282068096099004424462500237164471467694656029850418188898633676218589793310992660499303428013844428562884017060683631593831476483842609871002334562252352992475614866865974358629573630911411844296034168928705543095499675521713617474013653359243644060206273 19 | e = 65537 20 | enc = 110102068225857249266317472106969433365215711224747391469423595211113736904624336819727052620230568210114877696850912188601083627767033947343144894754967713943008865252845680364312307500261885582194931443807130970738278351511194280306132200450370953028936210150584164591049215506801271155664701637982648648103 21 | hint = 20172108941900018394284473561352944005622395962339433571299361593905788672168045532232800087202397752219344139121724243795336720758440190310585711170413893436453612554118877290447992615675653923905848685604450760355869000618609981902108252359560311702189784994512308860998406787788757988995958832480986292341328962694760728098818022660328680140765730787944534645101122046301434298592063643437213380371824613660631584008711686240103416385845390125711005079231226631612790119628517438076962856020578250598417110996970171029663545716229258911304933901864735285384197017662727621049720992964441567484821110407612560423282 22 | ''' 23 | 24 | -------------------------------------------------------------------------------- /crypto/clipper-chip/.gitignore: -------------------------------------------------------------------------------- 1 | *.vcd 2 | -------------------------------------------------------------------------------- /crypto/clipper-chip/hosted/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:alpine 2 | 3 | RUN apk update && apk add socat 4 | 5 | WORKDIR /app 6 | 7 | COPY chal.py . 8 | RUN addgroup -S ctf && adduser -S ctf -G ctf 9 | 10 | USER ctf 11 | CMD ["socat", "TCP-LISTEN:3333,fork,reuseaddr", "EXEC:'python ./chal.py'"] 12 | -------------------------------------------------------------------------------- /crypto/clipper-chip/src/datasheet/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/clipper-chip/src/datasheet/logo.png -------------------------------------------------------------------------------- /crypto/clipper-chip/src/datasheet/timing.json: -------------------------------------------------------------------------------- 1 | { 2 | signal: [ 3 | {name: 'CLK', wave: 'p...|...|.'}, 4 | {name: 'RST', wave: '101.|...|.'}, 5 | {name: 'MODE', wave: '0.1.|0..|.'}, 6 | {name: 'IN', wave: 'x.3.|4..|x', data: ['key', 'plaintext']}, 7 | {name: 'OUT', wave: 'x...|5..|x', data: ['ciphertext']} 8 | ] 9 | } 10 | -------------------------------------------------------------------------------- /crypto/clipper-chip/src/hardware/cipher.gds: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/clipper-chip/src/hardware/cipher.gds -------------------------------------------------------------------------------- /crypto/clipper-chip/src/hardware/cipher.sv: -------------------------------------------------------------------------------- 1 | module lfsr 2 | #(parameter SIZE = 4, parameter POLYNOMIAL = 'hc) 3 | (input clk, nrst, mode, seed, output out); 4 | 5 | reg [SIZE-1:0] stages; 6 | 7 | assign out = stages[0]; 8 | 9 | always @(posedge clk) 10 | if (nrst) begin 11 | stages[SIZE-1] <= mode ? seed : stages[0]; 12 | for (int i = SIZE-2; i >= 0; i--) 13 | stages[i] <= ((POLYNOMIAL[i] & ~mode) ? stages[0] : 1'b0) ^ stages[i+1]; 14 | end 15 | endmodule // lfsr 16 | 17 | module cipher 18 | (input clk, nrst, mode, in, 19 | output out); 20 | 21 | wire a, b, c; 22 | wire k = (a&b) | (a&c) | (b&c); 23 | 24 | assign out = in ^ k; 25 | 26 | lfsr #(17, 'h100ab) REG0(.seed(in), .out(a), .*); 27 | lfsr #(19, 'h40112) REG1(.seed(a), .out(b), .*); 28 | lfsr #(31, 'h40000576) REG2(.seed(b), .out(c), .*); 29 | endmodule // cipher 30 | -------------------------------------------------------------------------------- /crypto/clipper-chip/src/hardware/gen_image.py: -------------------------------------------------------------------------------- 1 | import gdspy 2 | from svglib.svglib import svg2rlg 3 | from rich.progress import track 4 | 5 | lib = gdspy.GdsLibrary(infile="cipher.gds") 6 | 7 | layers = [ 8 | ("diff", (65, 20)), 9 | ("nsdm", (93, 44)), 10 | ("psdm", (94, 20)), 11 | ("poly", (66, 20)), 12 | ("npc", (95, 20)), 13 | ("licon1", (66, 44)), 14 | ("li1", (67, 20)), 15 | ("mcon", (67, 44)), 16 | ("met1", (68, 20)), 17 | ("via", (68, 44)), 18 | ("met2", (69, 20)), 19 | ("via2", (69, 44)), 20 | ("met3", (70, 20)), 21 | ("via3", (70, 44)), 22 | ("met4", (71, 20)), 23 | ("via4", (71, 44)), 24 | ("met5", (72, 20)), 25 | ] 26 | 27 | top_cell = lib.top_level()[0] 28 | text = gdspy.Text("MAPLECTF", 2, (5.5, 8.5), layer=66, datatype=20) 29 | top_cell.add(text) 30 | top_cell.flatten() 31 | 32 | bb = top_cell.get_bounding_box() 33 | 34 | style = {(0,0): {"fill": "none"}} 35 | 36 | for i, (name, ld) in track(enumerate(layers), total=len(layers)): 37 | cell = top_cell.copy(name) 38 | 39 | cell.remove_polygons(lambda pts, l, d: (l, d) != ld) 40 | cell.remove_labels(lambda _: True) 41 | cell.remove_paths(lambda _: True) 42 | 43 | cell.add(gdspy.Rectangle(bb[0], bb[1], layer=0, datatype=0)) 44 | 45 | cell.write_svg(f"masks/{i:02}_{name}.svg", background="white", style=style) 46 | -------------------------------------------------------------------------------- /crypto/clipper-chip/src/hardware/tb.sv: -------------------------------------------------------------------------------- 1 | module tb; 2 | reg clk, nrst; 3 | reg in, mode; 4 | wire out; 5 | 6 | cipher DUT(.*); 7 | 8 | initial forever begin 9 | clk = 'b0; 10 | #5; 11 | clk = 'b1; 12 | #5; 13 | end 14 | 15 | task loadkey(input [66:0] key); 16 | mode = 1'b1; 17 | for (int i = 66; i >= 0; i--) begin 18 | in = key[i]; 19 | #10; 20 | end 21 | mode = 1'b0; 22 | in = 1'bx; 23 | endtask // loadkey 24 | 25 | task encrypt(input string pt); 26 | reg [7:0] p; 27 | reg [7:0] c; 28 | for (int i = 0; i < pt.len(); i++) begin 29 | p = pt[i]; 30 | for (int j = 7; j >= 0; j--) begin 31 | in = p[j]; 32 | #0 c[j] = out; 33 | #10; 34 | end 35 | $write("%02x", c); 36 | end 37 | $display(); 38 | endtask // encrypt 39 | 40 | initial begin 41 | $dumpvars; 42 | mode = 1'b0; 43 | in = 1'b0; 44 | nrst = 1'b0; 45 | #10; 46 | nrst = 1'b1; 47 | 48 | loadkey(67'h383e04e16005dfa29); 49 | encrypt("flag: maple{c0rr3l4710n_4nd_c4u54710n.HAiBDKZP3Jggoqyb}"); 50 | 51 | $finish; 52 | end 53 | endmodule // tb 54 | -------------------------------------------------------------------------------- /crypto/clipper-chip/static/mb9001c67-datasheet.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/clipper-chip/static/mb9001c67-datasheet.pdf -------------------------------------------------------------------------------- /crypto/clipper-chip/static/mb9001c67.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/clipper-chip/static/mb9001c67.tar.xz -------------------------------------------------------------------------------- /crypto/e000p/solve/secret.py: -------------------------------------------------------------------------------- 1 | FLAG = b"maple{th3_3dw4rd_cu12ve_and_kn0wn_bits_dlp}" 2 | -------------------------------------------------------------------------------- /crypto/e000p/static/script.py: -------------------------------------------------------------------------------- 1 | from secret import FLAG 2 | 3 | # Implementation of Edwards Curve41417 4 | # x ** 2 + y ** 2 = 1 + 3617 * x ** 2 * y ** 2 5 | # Formulas from http://hyperelliptic.org/EFD/g1p/auto-edwards.html 6 | 7 | P = 2 ** 414 - 17 8 | d = 3617 9 | 10 | def on_curve(p): 11 | x, y = p 12 | return (x * x + y * y) % P == (1 + d * x * x * y * y) % P 13 | 14 | def inv(x): 15 | return pow(x, -1, P) 16 | 17 | def add(p1, p2): 18 | x1, y1 = p1 19 | x2, y2 = p2 20 | x = (x1 * y2 + y1 * x2) * inv(1 + d * x1 * x2 * y1 * y2) 21 | y = (y1 * y2 - x1 * x2) * inv(1 - d * x1 * x2 * y1 * y2) 22 | return (x % P, y % P) 23 | 24 | 25 | def mul(x: int, base): 26 | ans = (0,1) 27 | cur = base 28 | while x > 0: 29 | if x & 1: 30 | ans = add(cur, ans) 31 | x >>= 1 32 | cur = add(cur, cur) 33 | return ans 34 | 35 | base = (17319886477121189177719202498822615443556957307604340815256226171904769976866975908866528699294134494857887698432266169206165, 34) 36 | assert(on_curve(base)) 37 | 38 | order = 2 ** 411 - 33364140863755142520810177694098385178984727200411208589594759 39 | 40 | msg = int.from_bytes(FLAG, 'big') 41 | assert(msg < 2 ** 410) 42 | 43 | enc = mul(pow(msg, -1, order), base) 44 | 45 | print(f"{enc = }") 46 | 47 | # Have a hint! 48 | bm = (1 << 412) - 1 49 | bm ^= ((1 << 22) -1) << 313 50 | bm ^= ((1 << 22) -1) << 13 51 | bm ^= 1 << 196 52 | hint = bm & pow(msg, -1, order) 53 | print(f"{hint = }") 54 | 55 | ''' 56 | enc = (29389900956614406804195679733048238721927197300216785144586024378999988819550861039522005309555174206184334563744077143526515, 35393890305755889860162885313105764163711685229222879079392595581125504924571957049674311023316022028491019878405896203357959) 57 | hint = 323811241263249292936728039512527915123919581362694022248295847200852329370976362254362732891461683020125008591836401372097 58 | ''' 59 | -------------------------------------------------------------------------------- /crypto/jwt/.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ -------------------------------------------------------------------------------- /crypto/jwt/hosted/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.8-alpine 2 | 3 | WORKDIR /jwt 4 | 5 | COPY requirements.txt requirements.txt 6 | RUN apk add --no-cache build-base musl-dev gmp-dev mariadb-dev 7 | RUN pip3 install -r requirements.txt 8 | RUN pip3 install gunicorn mysqlclient 9 | 10 | COPY . . 11 | 12 | CMD [ "gunicorn", "-w" , "4", "-b", "0.0.0.0", "app:app"] -------------------------------------------------------------------------------- /crypto/jwt/hosted/models.py: -------------------------------------------------------------------------------- 1 | from flask_sqlalchemy import SQLAlchemy 2 | 3 | db = SQLAlchemy() 4 | 5 | 6 | class User(db.Model): 7 | id = db.Column(db.Integer, primary_key=True) 8 | username = db.Column(db.String, nullable=False) 9 | password = db.Column(db.String, nullable=False) 10 | 11 | def __repr__(self): 12 | return f"" 13 | -------------------------------------------------------------------------------- /crypto/jwt/hosted/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==2.1.3 2 | Flask-Cors==3.0.10 3 | Flask-SQLAlchemy==2.5.1 4 | fastecdsa==2.2.3 5 | pycryptodome==3.15.0 -------------------------------------------------------------------------------- /crypto/jwt/hosted/secret.py: -------------------------------------------------------------------------------- 1 | flag = "maple{3ll1pt!c_c2rv3s_f7w!!!}" 2 | 3 | private = 48851004221674385686123624098528909906235635313442021459577134258726978602540 4 | -------------------------------------------------------------------------------- /crypto/jwt/hosted/startup.txt: -------------------------------------------------------------------------------- 1 | CREATE TABLE User ( 2 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 3 | username VARCHAR(255) NOT NULL, 4 | password VARCHAR(255) NOT NULL 5 | ); -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/background-image-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/background-image-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/background-image-golden2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/background-image-golden2.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/background-image-grey.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/background-image-grey.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/background-image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/background-image.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/border-image-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/border-image-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/border-image-golden2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/border-image-golden2.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/border-image-grey.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/border-image-grey.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/border-image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/border-image.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-background.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-background.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-down.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-down.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-golden-down.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-golden-down.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-golden-hover.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-golden-hover.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-golden-left.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-golden-left.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-golden-right.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-golden-right.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button-hover.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button-hover.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/button.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/button.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/checkbox-golden-off.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/checkbox-golden-off.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/checkbox-golden-on.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/checkbox-golden-on.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/checkbox-off.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/checkbox-off.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/checkbox-on.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/checkbox-on.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/cursor/cursor.cur: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/cursor/cursor.cur -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/cursor/default.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/cursor/default.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/cursor/grab-close.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/cursor/grab-close.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/cursor/grab-open.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/cursor/grab-open.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/cursor/point.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/cursor/point.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/cursor/select.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/cursor/select.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/hr-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/hr-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/hr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/hr.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/armor-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/armor-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/empty-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/empty-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/exclamation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/exclamation.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/helmet-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/helmet-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/magic-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/magic-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/potion-blue.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/potion-blue.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/potion-green.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/potion-green.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/potion-red.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/potion-red.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/potion-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/potion-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/ring-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/ring-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/shield-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/shield-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/shield.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/shield.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/shoes-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/shoes-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/sword.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/sword.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/icons/weapon-slot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/icons/weapon-slot.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/progress-bar-left.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/progress-bar-left.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/progress-bar-right.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/progress-bar-right.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/progress-bar-track.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/progress-bar-track.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/progress-blue.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/progress-blue.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/progress-green.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/progress-green.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/progress-red.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/progress-red.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/progress.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/progress.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/radio-golden-off.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/radio-golden-off.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/radio-golden-on.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/radio-golden-on.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/radio-off.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/radio-off.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/radio-on.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/radio-on.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/scrollbar-button.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/scrollbar-button.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/scrollbar-thumb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/scrollbar-thumb.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/scrollbar-track.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/scrollbar-track.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/select-background-image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/select-background-image.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/select-border-image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/select-border-image.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-left-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-left-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-left.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-left.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-right-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-right-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-right.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-right.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-thumb-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-thumb-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-thumb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-thumb.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-track-golden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-track-golden.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/img/slider-track.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/crypto/jwt/hosted/static/img/slider-track.png -------------------------------------------------------------------------------- /crypto/jwt/hosted/static/style.css: -------------------------------------------------------------------------------- 1 | input { 2 | text-shadow: none !important; 3 | margin: 10px auto; 4 | } 5 | 6 | .center-container { 7 | margin: 50px auto; 8 | position: static !important; 9 | width: 60%; 10 | padding: 30px !important; 11 | } 12 | 13 | * { 14 | user-select: text !important; 15 | } 16 | 17 | html { 18 | background-image: url("https://opengameart.org/sites/default/files/Preview_143.png"); 19 | background-size: cover; 20 | } 21 | -------------------------------------------------------------------------------- /crypto/jwt/hosted/templates/base.html: -------------------------------------------------------------------------------- 1 | 2 | {% block title %}{% endblock %} - Welcome! 3 | 4 | 5 | 6 | 7 |
8 | 19 |
20 |
21 | {% block header %}{% endblock %} 22 |
23 | {% for message in get_flashed_messages() %} 24 |

{{ message }}

25 | {% endfor %} 26 | {% block content %}{% endblock %} 27 |
28 |
29 | 30 | 31 | 32 | 33 | -------------------------------------------------------------------------------- /web/bookstore/hosted/views/login.ejs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Bookstore 6 | 7 | 8 | 9 | 10 | 11 | 12 |
13 |
14 |
15 |
16 |
17 |

Please Login

18 |
19 |
20 |
21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | <% if (message) { %> 30 |

31 | <%= message %> 32 |

33 | <% } %> 34 |
35 |
36 |
37 |
38 | 39 | 40 | 41 | -------------------------------------------------------------------------------- /web/bookstore/hosted/views/register.ejs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Bookstore 6 | 7 | 8 | 9 | 10 | 11 | 12 |
13 |
14 |
15 |
16 |
17 |

Please Register

18 |
19 |
20 |
21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | <% if (message) { %> 30 |

31 | <%= message %> 32 |

33 | <% } %> 34 | 35 | <% if (link) { %> 36 | Log in here 37 | <% } %> 38 |
39 |
40 |
41 |
42 | 43 | 44 | 45 | -------------------------------------------------------------------------------- /web/bookstore/static/bookstore.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/web/bookstore/static/bookstore.zip -------------------------------------------------------------------------------- /web/honksay/.gitignore: -------------------------------------------------------------------------------- 1 | # Dependency directories 2 | node_modules/ 3 | # Fuckin hate mac 4 | .DS_Store -------------------------------------------------------------------------------- /web/honksay/hosted/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:alpine 2 | 3 | # Create app directory 4 | WORKDIR /usr/src/honksay 5 | 6 | # env values 7 | ENV PORT=9988 8 | ENV FLAG="maple{g00segoHONK}" 9 | 10 | RUN apk add --no-cache \ 11 | chromium \ 12 | nss \ 13 | freetype \ 14 | harfbuzz \ 15 | ca-certificates \ 16 | ttf-freefont \ 17 | nodejs 18 | 19 | ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \ 20 | PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser 21 | 22 | # Install rest of the packages 23 | COPY package*.json ./ 24 | RUN npm install 25 | 26 | # App src 27 | COPY . . 28 | 29 | # Expose port 30 | EXPOSE 9988 31 | 32 | # User 33 | RUN addgroup -S ctf && adduser -S ctf -G ctf 34 | USER ctf:ctf 35 | 36 | # Start 37 | CMD [ "node", "app.js"] 38 | -------------------------------------------------------------------------------- /web/honksay/hosted/goose.js: -------------------------------------------------------------------------------- 1 | const puppeteer = require('puppeteer'); 2 | const FLAG = process.env.FLAG || "maple{fake}"; 3 | 4 | async function visit(url) { 5 | let browser, page; 6 | return new Promise(async (resolve, reject) => { 7 | try { 8 | browser = await puppeteer.launch({ 9 | headless: true, 10 | args: [ 11 | '--no-sandbox', 12 | '--disable-default-apps', 13 | '--disable-dev-shm-usage', 14 | '--disable-extensions', 15 | '--disable-gpu', 16 | '--disable-sync', 17 | '--disable-translate', 18 | '--hide-scrollbars', 19 | '--metrics-recording-only', 20 | '--mute-audio', 21 | '--no-first-run', 22 | '--safebrowsing-disable-auto-update' 23 | ] 24 | }); 25 | page = await browser.newPage(); 26 | await page.setCookie({ 27 | name: 'flag', 28 | value: FLAG, 29 | domain: process.env.HOST || 'localhost', 30 | samesite: 'none' 31 | }); 32 | await page.goto(url, { waitUntil: 'networkidle2' }).catch(e => console.log(e)); 33 | console.log(page.cookies()); 34 | await new Promise(resolve => setTimeout(resolve, 500)); 35 | console.log("admin is visiting url:"); 36 | console.log(url); 37 | await page.close(); 38 | 39 | console.log("admin visited url"); 40 | page = null; 41 | } catch (err) { 42 | console.log(err); 43 | } finally { 44 | if (page) await page.close(); 45 | console.log("page closed"); 46 | if (browser) await browser.close(); 47 | console.log("browser closed"); 48 | //no rejectz 49 | resolve(); 50 | console.log("resolved"); 51 | } 52 | }); 53 | }; 54 | 55 | 56 | module.exports = { visit } -------------------------------------------------------------------------------- /web/honksay/hosted/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "honksay", 3 | "author": "vie", 4 | "version": "0.0.0", 5 | "private": true, 6 | "scripts": { 7 | "start": "echo ERR" 8 | }, 9 | "dependencies": { 10 | "cookie-parser": "^1.4.6", 11 | "express": "^4.18.1", 12 | "puppeteer": "^16.2.0", 13 | "xss": "^1.0.14" 14 | } 15 | } -------------------------------------------------------------------------------- /web/honksay/hosted/public/images/goosevie.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/web/honksay/hosted/public/images/goosevie.png -------------------------------------------------------------------------------- /web/honksay/static/honksay.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/web/honksay/static/honksay.tar.gz -------------------------------------------------------------------------------- /web/pickle-factory/challenge-description.md: -------------------------------------------------------------------------------- 1 | Challenge description: My cousin said he once got fired for putting his pickle into the pickle slicer at his old workplace. Can you confirm that it's true for me? 2 | 3 | Note: flag lives on the local filesystem -------------------------------------------------------------------------------- /web/pickle-factory/docker-compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | pickle-factory: 3 | container_name: pickle-factory 4 | build: 5 | context: ./hosted 6 | dockerfile: ./Dockerfile 7 | ports: 8 | - "9229:9229" 9 | -------------------------------------------------------------------------------- /web/pickle-factory/hosted/.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ -------------------------------------------------------------------------------- /web/pickle-factory/hosted/Dockerfile: -------------------------------------------------------------------------------- 1 | # thanks vie 2 | 3 | FROM python:3 4 | 5 | COPY ./requirements.txt /app/requirements.txt 6 | 7 | WORKDIR /app 8 | 9 | RUN pip install -r /app/requirements.txt 10 | 11 | COPY . . 12 | 13 | EXPOSE 9229 14 | 15 | RUN groupadd ctf 16 | RUN useradd -g ctf ctf 17 | RUN chmod 775 /app 18 | USER ctf:ctf 19 | 20 | CMD ["python3", "-u", "app.py"] 21 | -------------------------------------------------------------------------------- /web/pickle-factory/hosted/flag.log: -------------------------------------------------------------------------------- 1 | Employee Termination Form 2 | Date: 2022/06/09 3 | Name of Terminated Employee: XXXX 4 | Address: XXXXXXXX 5 | Reason: Stuck his pickle into the pickle slicer. maple{he_was_fired_and_so_was_she} 6 | -------------------------------------------------------------------------------- /web/pickle-factory/hosted/requirements.txt: -------------------------------------------------------------------------------- 1 | jinja2 == 3.1.2 -------------------------------------------------------------------------------- /web/pickle-factory/hosted/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Pickle Factory 6 | 7 | 8 | 9 |

Send code for processing!

10 |
11 | 12 | 13 |
14 |

View previously submitted pickles!

15 |
16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /web/pickle-factory/static/pickle-factory.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ubcctf/maple-ctf-2022-public/3252b12190523fd107d3cfe2ad5e713dcefc9597/web/pickle-factory/static/pickle-factory.zip --------------------------------------------------------------------------------