Weekly Challenges
Cyber security related challenges made by Kevin Wong
Cyber security related challenges made by Kevin Wong
Here is week 1's weekly challenge.
The challenge is broken down into both beginner and
intermediate levels where the goal is to retrieve the password somewhere
in these lines of code.
Post the uncovered passwords under #💡kevins-weekly-chal-solutions in our discord
496620796f75206172652072656164696e6720746869732c20796f752776652066696775726564206f75742074686174207468652066697273742070617274206f66206d79206d65737361676520697320626173652d313628206865782f68657861646563696d616c2920656e636f6465642e20436f6e74696e7565206f6e20746f20746865207365636f6e6420636f6465
9-6 25-15-21'18-5 1-2-12-5 20-15 18-5-1-4 20-8-9-19; 20-8-5-14 25-15-21 6-9-7-21-18-5-4 15-21-20 20-8-1-20 20-8-9-19 20-25-16-5 15-6 5-14-3-18-25-16-20-9-15-14 9-19 1-26126. 15-14-20-15 20-8-5 6-9-14-1-12 18-5-22-5-1-12
WW91J3ZlIHVuY292ZXJlZCB0aGUgbGFzdCBtZXNzYWdlISBJdCBpcyBiYXNlLTY0IGVuY29kZWQgYW5kCm15IHBhc3N3b3JkIGlzOiAzbmNyeXB0X3RoMSQK
My super-duper encrypt-o-matic system messed up the algorithm to encrypt my password in.
Can you help me reclaim my password?
DtdnF25tGtwpGELnktF6PNGuXOI4E3wHQNjgGX==
If you are reading this, you've figured out that the first part of my message is base-16( hex/hexadecimal) encoded. Continue on to the second code <= (base-16 encoded) if you're able to read this; then you figured out that this type of encryption is a261z. onto the final reveal <= (A261Z encoded) You've uncovered the last message! It is base-64 encoded and my password is: 3ncrypt_th1$ <= (base-64 encoded)
DtdnF25tGtwpGELnktF6PNGuXOI4E3wHQNjgGX== (Caesar Cipher - shift 7)
WmwgY25mZmpiZXEgdmY6IGZnQHB4X3pAJGczZQ== (base 64)
Zl cnffjbeq vf: fg@px_z@$g3e (ROT-13)
Final Solution:
My password is: st@ck_m@$t3r
Week 2 / 3 is Wireshark analysis! Here are some challenges to dive right in!
Since its break week; we'll take these up during October 22nd's meeting!
See BeginnerChal.pcapng (under resource tab) Find the password, HTTP version and request type in your answer, formatted as followed: flag {myP@ss_2.0_GET}
See InterChall_pita.pcapng
Clue: It looks like someone dumped our database. Please help us know what has been leaked...