[ASIS CTF] SecuPrim Writeup


Test your might.
secuprim.asis-ctf.ir 42738

Who doesn’t love a good PPC challenge? We were provided with only a URL and port, so I ran Netcat and faced a bot detection system asking me for ‘X’. The message said that |X|=4. I gave the 2 possible options for an absolute value of 4, and those were wrong answers.

Well, if |X| isn’t for ‘absolute value of()’ then it must be ‘length of()’. You can notice that both the string appended to X and the SHA256 result change on every connection. I wrote Python code to calculate the answer. You can find it in the script embedded below. After answering, I got another test, which I was asked to solve 30 times (with a different value each time):

I wrote the following script and got the flag:

[ASIS CTF] Sky Blue Writeup


Why is the sky blue?


We are given a PCAP file containing some Bluetooth traffic. The flag has probably been transmitted between the devices. Let’s see what files have been sent.

Binwalk found a PNG image but couldn’t export it. I opened Wireshark and searched for the string “PNG” in the packet bytes. I found the 7 packets containing the PNG and exported their packet bytes (i.e. only the data, without the header bytes of each packet: 02 0C 20 FC 03 F8 03 47 00 63 EF E6 07). I then concatenated the output files using HxD and deleted the extra data preceding the PNG file header.
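The same reassembly can be scripted. The Python below is an added example, not the author's script: it strips a fixed-length header from each exported packet, joins the payloads, and cuts the PNG out by walking its chunks and checking each CRC. It assumes every packet carries a header as long as the 13-byte one quoted above; `carve_png`, `make_sample` and the sample packets are constructed for illustration.

```python
import struct
import zlib

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
HEADER_LEN = 13  # assumption: every packet has a header as long as the one quoted above


def carve_png(packets, header_len=HEADER_LEN):
    """Strip per-packet headers, join the payloads and return the first valid PNG."""
    stream = b"".join(p[header_len:] for p in packets)
    start = stream.find(PNG_MAGIC)
    if start < 0:
        raise ValueError("no PNG signature in reassembled stream")
    pos = start + len(PNG_MAGIC)
    while True:
        if pos + 8 > len(stream):
            raise ValueError("stream ends before IEND: a fragment is missing")
        length, ctype = struct.unpack(">I4s", stream[pos:pos + 8])
        end = pos + 8 + length + 4  # length field + type + body + CRC
        if end > len(stream):
            raise ValueError("truncated chunk")
        body = stream[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", stream[end - 4:end])
        if zlib.crc32(ctype + body) != crc:
            raise ValueError(f"bad CRC in {ctype!r}: header bytes left in the payload?")
        pos = end
        if ctype == b"IEND":
            return stream[start:pos]  # drops data before the magic and after IEND


def _chunk(ctype, body):
    crc = struct.pack(">I", zlib.crc32(ctype + body))
    return struct.pack(">I", len(body)) + ctype + body + crc


def make_sample():
    """Constructed test data: a 2x2 grayscale PNG split over 7 fake packets."""
    ihdr = struct.pack(">IIBBBBB", 2, 2, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x10\x20\x00\x30\x40")
    png = PNG_MAGIC + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"")
    stream = b"OBEX-PUT flag.png\x00" + png + b"\x00trailer"  # junk before and after
    header = bytes.fromhex("02 0C 20 FC 03 F8 03 47 00 63 EF E6 07")
    step = -(-len(stream) // 7)  # ceiling division: 7 fragments
    packets = [header + stream[i:i + step] for i in range(0, len(stream), step)]
    return png, packets
```

A CRC failure on the real capture is the signal that the header length differs between packets and the offsets need adjusting per packet.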


We now have the PNG file which is the flag:


[ASIS CTF] CTF 101 Writeup


Watch your heads!

The description tells the whole story. Simply look in the response’s headers and you’ll find the flag. To do that, open the browser’s Developer Tools (F12), bring the Network tab into focus and click the challenge. The HTTP requests will show up on the left panel. Select the request and the Flag header will be displayed on the right panel.


Decode the string with base64 and reveal the flag.