# IWCON CTF 2023

> Start Time: 14th December 2023, 5:30 PM IST

> End Time: 15th December 2023, 5:30 PM IST

<br>

## Challenges

### WARMUP

* [Socialize](#socialize)
* [runme](#runme)

## Crypto

* [Rota23r](#rota23r)
* [c0l0rcrypt](#c0l0rcrypt)

## MISC

* [D3CODE2](#D3CODE2)
* [Decrypt the Hidden Message](#decrypt-the-hidden-message)
* [QueueAre](#QueueAre)
* [Into The Shadows](#into-the-shadows)
* [Survival](#survival)

<br>

***

<br>

## WARMUP

### Socialize

* Learn to socialize!
* <https://discord.gg/H7sQx76n>
* Flag format: IWCON{}

Flag is in `iwcon-ctf` channel

![image](https://github.com/Aftab700/Writeups/assets/79740895/89de8ffe-c4e1-421f-9fb8-f0d591c9f2fc)

Flag: `IWCON{y0u_w3r3_h3r3_f!rst}`

### runme

* code me!
* Flag format: IWCON{}
* [runme.class](https://github.com/Aftab700/Writeups/blob/main/CTF/files/runme.class)

using online decompiler we get [java code](https://www.decompiler.com/jar/6ae10a74e255424f99b8b8b431e7975b/runme.java)

<details>

<summary>Click to see code :diamond_shape_with_a_dot_inside:</summary>

```java

import java.util.Arrays;
import java.util.Base64;

public class iwcon {
   public static String get_flag() {
      byte[] var0 = "YPSiRhFjpXbIfgVc]NnHoeWlJ_mOEUQT[L`^kKGMda\\Z".getBytes();
      byte[] var1 = "c54h1dW2z1yVNTdfzRITS9MJMnj53ByM3Xz0D7azN9Xe".getBytes();
      byte[] var2 = new byte[var1.length];

      for(int var3 = 0; var3 < var1.length; ++var3) {
         var2[var3] = var1[var0[var3] - 69];
      }

      System.out.println(Arrays.toString(Base64.getDecoder().decode(var2)));
      return new String(Base64.getDecoder().decode(var2));
   }

   public static void main(String[] var0) {
      System.out.println();
   }
}

```

</details>

in this code we modify main function to add call to `get_flag()`

```java
public static void main(String[] var0) {
      System.out.println(get_flag());
   }
```

![image](https://github.com/Aftab700/Writeups/assets/79740895/5887d9de-d232-4534-8825-6c621f3551bc)

Flag: `IWCON{y0u_4r3_a_r3v3rs3_3ngin33r}`

## Crypto

### Rota23r

```
📣Nggragvba unpxref!
VJPBA 2023 PGS fgnegf ba 🗓14gu Qrprzore 2023, ⌚5:30 CZ VFG.
Rkpvgvat cevmrf gb or jba🎁🏆
Vs lbh unira'g lrg ertvfgrerq, ertvfgre Abj: uggcf://pgs.vjpba.yvir
ernq gur ehyrf

Flag format: IWCON{}
```

this is rot13 and it decodes to

```
Attention hackers!
IWCON 2023 CTF starts on 🗓14th December 2023, ⌚5:30 PM IST.
Exciting prizes to be won🎁🏆
If you haven't yet registered, register Now: https://ctf.iwcon.live
read the rules
```

in the source code of rules page we can see this comment

![image](https://github.com/Aftab700/Writeups/assets/79740895/3318cae8-6b9f-4b78-8e7d-ab0e86514c56)

this is rot13 of `M0V_M3_T0_G3T_TH3_FL4G`

Flag: `IWCON{M0V_M3_T0_G3T_TH3_FL4G}`

### c0l0rcrypt

* Dive into the world of ChromaCrypt, a mysterious box that conceals messages within encoded color sequences. Unraveling the mapping between colors and characters to unveil the hidden message.
* Flag format: IWCON{}

![c0l0r](https://github.com/Aftab700/Writeups/assets/79740895/dc06dae6-c2d9-4ab7-8bdc-4e13e2c1a13b)

This is **Hexahue** cipher <https://www.dcode.fr/hexahue-cipher\\>
decoded value: HU3H3XACRYPT

Flag: `IWCON{HU3H3XACRYPT}`

## MISC

### D3CODE2

* What is it trying to convey? Can you help me understand it? 💻
* Flag format: IWCON{}

```
EUZGKJJSMUSTEZJFGJSSKMTFEUZDAJJSMUSTEZJFGJSSKMTEEUZGIJJSGASTEZRFGIYCKMTFEUZGKJJSMUSTEZJFGJSSKMRQEUZGIJJSMUSTEZJFGJSSKMTFEUZDAJJSMYSTEMBFGJSCKMTFEUZGKJJSMUSTEZJFGIYCKMTFEUZGKJJSMUSTEZJFGJSCKMRQEUZGMJJSGASTEZJFGJSSKMTFEUZGKJJSMQSTEMBFGJSSKMTFEUZGKJJSMUSTEZBFGIYCKMTGEUZDAJJSMUSTEZJFGJSSKMTFEUZGKJJSGASTEZJFGJSSKMTFEUZGKJJSMQSTEMBFGJTCKMRQEUZGKJJSMUSTEZJFGJSCKMTEEUZDAJJSMQSTEZBFGJSCKMTEEUZGIJJSGASTEZRFGIYCKMTFEUZGKJJSMUSTEZBFGJSCKMRQEUZGKJJSMUSTEZJFGJSSKMTFEUZDAJJSMYSTEMBFGJSSKMTFEUZGKJJSMQSTEZBFGIYCKMTEEUZGIJJSMUSTEZJFGJSSKMRQEUZGMJJSGASTEZBFGJSSKMTFEUZGKJJSMUSTEMBFGJSSKMTFEUZGKJJSMUSTEZJFGIYCKMTGEUZDAJJSMUSTEZJFGJSSKMTFEUZGKJJSGASTEZJFGJSSKMTFEUZGKJJSMQSTEMBFGJTCKMRQEUZGKJJSMUSTEZJFGJSSKMTEEUZDAJJSMUSTEZJFGJSCKMTEEUZGIJJSGASTEZRFGIYCKMTFEUZGKJJSMUSTEZBFGJSCKMRQEUZGKJJSMQSTEZBFGJSCKMTEEUZDAJJSMYSTEMBFGJSSKMTFEUZGKJJSMUSTEZJFGIYCKMTEEUZGIJJSMQSTEZJFGJSSKMRQEUZGMJJSGASTEZJFGJSSKMTFEUZGIJJSMQSTEMBFGJSSKMTFEUZGIJJSMQSTEZBFGIYCKMTGEUZDAJJSMQSTEZJFGJSSKMTFEUZGKJJSGASTEZJFGJSSKMTFEUZGIJJSMQSTEMBFGJTCKMRQEUZGIJJSMQSTEZJFGJSSKMTFEUZDAJJSMQSTEZBFGJSSKMTFEUZGKJJSGASTEZRFGIYCKMTEEUZGKJJSMUSTEZJFGJSSKMRQEUZGKJJSMUSTEZJFGJSSKMTEEUZDAJJSMYSTEMBFGJSSKMTFEUZGKJJSMUSTEZBFGIYCKMTEEUZGKJJSMUSTEZJFGJSSKMRQEUZGMJJSGASTEZJFGJSSKMTFEUZGIJJSMQSTEMBFGJSCKMTEEUZGIJJSMQSTEZJFGIYCKMTGEUZDAJJSMUSTEZJFGJSSKMTEEUZGIJJSGASTEZBFGJSCKMTEEUZGIJJSMQSTEMBFGJTCKMRQEUZGIJJSMUSTEZJFGJSSKMTFEUZDAJJSMUSTEZBFGJSCKMTEEUZGIJJSGASTEZRFGIYCKMTFEUZGKJJSMUSTEZJFGJSCKMRQEUZGKJJSMUSTEZJFGJSSKMTEEUZDAJJSMYSTEMBFGJSSKMTFEUZGKJJSMUSTEZJFGIYCKMTFEUZGKJJSMQSTEZBFGJSCKMRQEUZGMJJSGASTEZJFGJSSKMTFEUZGIJJSMQSTEMBFGJSCKMTEEUZGIJJSMQSTEZBFGIYCKMTGEUZDAJJSMUSTEZJFGJSSKMTFEUZGKJJSGASTEZBFGJSCKMTEEUZGKJJSMUSTEMBFGJTCKMRQEUZGKJJSMUSTEZJFGJSCKMTEEUZDAJJSMUSTEZJFGJSSKMTEEUZGIJJSGASTEZRFGIYCKMTFEUZGKJJSMUSTEZJFGJSCKMRQEUZGIJJSMQSTEZBFGJSCKMTFEUZDAJJSMYSTEMBFGJSCKMTEEUZGKJJSMUSTEZJFGIYCKMTEEUZGIJJSMQSTEZJFGJSSKMRQEUZGMJJSGASTEZJFGJSSKMTFEUZGKJJSMQSTEMBFGJSSKMRQEUZGMJJSGASTEZBFGJSSKMTFEUZGKJJSMUSTEMBFGJSCKMTFEUZGKJJSGASTEZRFGIYCKMTEEUZGKJJSMUSTEZJFGJSSKMRQEUZGIJJSMQSTEZJFGJSSKMTFEUZDAJJSMYSTEMBFGJSSKMTFEUZGKJJSMQSTEZBFGIYCKMTFEUZGKJJSMUSTEZBFGJSCKMRQEUZGMJJSGASTEZJFGJSSKMTFEUZGKJJSMQSTEMBFGJSCKMTEEUZGIJJSMQSTEZJFGIYCKMTGEUZDAJJSMUSTEZJFGJSSKMTFEUZGKJJSGASTEZBFGJSCKMTEEUZGKJJSMUSTEMBFGJTCKMRQEUZGKJJSMUSTEZJFGJSCKMTEEUZDAJJSMQSTEZBFGJSCKMTEEUZGIJJSGASTEZRFGIYCKMTFEUZGKJJSMUSTEZBFGJSCKMRQEUZGIJJSMUSTEZI
```

This is recursive encoding Base32 > URL Encoding > Morse Code > Hex > Base64

After decoding all these encodings we get the flag

Flag: `IWCON{y0u_g0t_th4t_r16h7!}`

### Decrypt the Hidden Message

* 🔍Howdy, Cyber Sleuths! Gather 'round for the "Crypto Starter Challenge" in the world of Codeburg. Two mysterious figures, Cipher Steve and Enigma Emily, have shared an image.Rumor has it there's more to it than meets the eye – a hidden treasure waiting to be discovered.
* Your Mission: If you choose to accept, is to break through the cryptographic cloak and unveil the concealed message. It's time to play "crypto detective" and decode the secrets these mysterious figures have tucked away.
* Flag Format: iwconctf{}
* Author: Priyatham
* File: [hidden.jpeg](https://github.com/Aftab700/Writeups/blob/main/CTF/files/hidden.jpeg)

open this file with text editor flag is in text format

Flag: `iwconctf{tr3asur3_9n_7h3_95land}`

### QueueAre

* Follow the 'R'abbit in a 'Q'
* Flag format: IWCON{}
* File: [QueueAre.zip](https://github.com/Aftab700/Writeups/blob/main/CTF/files/QueueAre.zip)

This zip file have 9 images of partial qr code, i used GIMP to organize qr code

![image](https://github.com/Aftab700/Writeups/assets/79740895/45e3c320-269e-4be4-a3a8-8a25daae195d)

This qr code decode to `https://pastebin.com/3UpH81pz`\
It have this following code at line 161 `<iframe src='SVdDT057WTBVXzRSM180X0czTjFVU30='>` It is Base64 encoded flag.

Flag: `IWCON{Y0U_4R3_4_G3N1US}`

### Into The Shadows

* Am I FUNCTIONing right?
* File: [javascript.zip](https://into-the-shadows.s3.eu-north-1.amazonaws.com/javascript.zip)

In this zip we have tons of js files, so based on my CTF experience i guessed that it would have Base64 of flag so i did recursive grep for `SVdDT05` which is Base64 of `IWCON` (from flag format) 😅

```
grep -ira "SVdDT05" *
```

![image](https://github.com/Aftab700/Writeups/assets/79740895/956b53e2-579c-488d-a94f-60ee00afb8b0)

Here we can see the Base64 encoded flag.

Flag: `IWCON{hi33d3n_in_th3_shad0ws}`

### Survival

* Survival of the fittest!
* Password hash: `5E536069E1B0D86997C06889B734BD8FAAFEECEC9083AAFECA79F787C875F787B740418D57E5B352`
* Hint: CVE-2022-25012

This CVE is about Argus Surveillance DVR 4.0 - Weak Password Encryption using this [PoC](https://github.com/s3l33/CVE-2022-25012/blob/main/CVE-2022-25012.py) we get the flag

Flag: `IWCON{y0u_survived?}`

<br>

:octocat: Happy Hacking :octocat:


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://aftab700.gitbook.io/writeups/ctf/ctfs/iwcon_ctf_2023.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.