[Pragyan CTF] The Vault



[!@# a-z $%^ A-Z &* 0-9] [1,3]
All we got is a file and regular expression.
Lets run file command on the file to determine its type:

The file is KDB file which is Keepass password database. Keepass is a famous opensource password manager.

I tried open it using KeePassX for windows, but we need a password to open the database. The password probably should match the regex, so I generated a dictionary with all the possible passwords (more then 300,000 words).


And I the ran John the Ripper to crack the password and went to eat lunch.

When I came back I saw that John found the password, now lets open the file:


The flag was pragyanctf{closed_no_more}

[Pragyan CTF] Lost Friends



Lost Friends Stego 300

Moana and her friends were out on a sea voyage, spending their summer joyously.
Unfortnately, they came across Charybdis, the sea monster. Charybdis, furious over having
unknown visitors, wreaked havoc on their ship. The ship was lost.

Luckily, Moana survived, and she was swept to a nearby island. But, since then, she has not seen her
friends. Moana has come to you for help. She believes that her friends are still alive, and that you are the
only one who can help her find them


Moana has lost her friends and we need to help her find them. We are given with an image which is absolutely blank. I opened it in Photoshop and saw that it’s completely transparent. So I grabbed python and Pillow and canceled the alpha channel (which is responsible for transparency).

I got this image:

Wooho, Chipmunks! It seems like every chipmunk is on another channel, lets split the channels:

Now we have three images of chipmunks:

I played with them, trying to find the flag but found nothing. So I got back to the original image and opened it with Hex Editor. At the bottom of the file I found this hint: “Psssst, Director, maybe ??”. So the flag is probably the name of the director of chipmunks. According to Wikipedia, Chipmunks has 4 movies, I tried to submit with each director and found that the director of the third movie is the flag.

The flag was praganctf{MikeMitchell}

[Pragyan CTF] Evil Corp



fsociety has launched another attack at Evil Corp. However, Evil Corp has decided to encrypt the .dat file with a CBC cipher. Reports reveal that it is not AES and the key is relatively simple, but the IV might be long. And remember, fsociety and evilcorp are closely linked.

Hint! Snakes serve the fsociety. Hmmm.

Hint! fsociety and evilcorp are too close, even 16 characters long together. Damn


This challenge was tricky for lot of people, the riddle was hiding in the questions itself. The challenge doesn’t require high skills, just understanding the meaning behind the words and hints.

From the question we know it’s a CBC cipher, but which? I got it just after the first hint was released, something to do with snakes. hmm… Serpent! Serpent is another term for Snake, and there’s Serpent-CBC cipher.

What about the IV? We know several things about the IV:

  1. The length of Serpent-CBC IV must be 32 bytes,
    2. Most of the Serpent decrypters are taking the IV as hex sequence
    3. in the question: “but the IV might be long”
    4. in the Hint: “even 16 characters long together…fsociety and evilcorp are closely linked”.

So, this made me believe that the IV is “fsocietyevilcorp” because len(hex("fsocietyevilcorp"))==32.

So we now know the algorithm and the IV, what is the Key? The question says “the key is relatively simple”. So I tried online with some simple and “obvious” keys until I recognize a valid header of file and found that the key was “fsociety“.

We got a leet JPEG image with the flag:

The flag was pragyanctf{hellofriend}

[Pragyan CTF] Supreme Leader



North Korea reportedly has a bioweapon in the making. Hack into their database and steal it.

Link :

For the second web challenge we’re given with a URL, lets open it.

Cute Kim 🙂

Now let’d dump the headers of the response using curl:


We can see an interesting cookie:  KimJongUn=2541d938b0a58946090d7abdde0d3890_b8e2e0e422cae4838fb788c891afb44f. The value of the cookie is looking like 2 MD5 hashes combined with “_”. Let’s try to crack them online using my favorite site.

That’s it! Here is the flag: pragyanctf{send_nukes}

[Pragyan CTF] Answer To Everything



Shal has got a binary. It contains the name of a wise man and his flag. He is unable to solve it.

Submit the flag to unlock the secrets of the universe.


In this challenge we have a binary, I ran file command on it:


Haha, weird. It is actually an ELF file and not exe. Lets execute the binary and give it the answer to everything (’42’) as an input:

At first I though that “#kdudpeh” is the flag but it isn’t, neither “kdudpeh”. The name of the person in the question is Shal, looking like SHA1, and the binary says “submit without any tags”, so “hashtagkdudpeh” without the tag is just “hashkdudpeh”. So I tried to submit the result of SHA1(“kdudpeh”) as answer but failed again. Then I tried Caesar cipher on “kdudpeh” and find “harambe”.

So I again tried submit the flag, this time with Sha1(“harabe”).

The flag was pragyanctf{31a0d851ea10ad886ad4e99ed05892de06998ab9} which is SHA1("harambe")