Weekly Challenges

Cyber security related challenges made by Kevin Wong


Weekly Challenge #1

Here is week 1's weekly challenge. The challenge is broken down into both beginner and intermediate levels where the goal is to retrieve the password somewhere in these lines of code.
Post the uncovered passwords under #💡kevins-weekly-chal-solutions in our discord

Beginner

496620796f75206172652072656164696e6720746869732c20796f752776652066696775726564206f75742074686174207468652066697273742070617274206f66206d79206d65737361676520697320626173652d313628206865782f68657861646563696d616c2920656e636f6465642e20436f6e74696e7565206f6e20746f20746865207365636f6e6420636f6465

9-6 25-15-21'18-5 1-2-12-5 20-15 18-5-1-4 20-8-9-19; 20-8-5-14 25-15-21 6-9-7-21-18-5-4 15-21-20 20-8-1-20 20-8-9-19 20-25-16-5 15-6 5-14-3-18-25-16-20-9-15-14 9-19 1-26126. 15-14-20-15 20-8-5 6-9-14-1-12 18-5-22-5-1-12

WW91J3ZlIHVuY292ZXJlZCB0aGUgbGFzdCBtZXNzYWdlISBJdCBpcyBiYXNlLTY0IGVuY29kZWQgYW5kCm15IHBhc3N3b3JkIGlzOiAzbmNyeXB0X3RoMSQK

Intermediate

My super-duper encrypt-o-matic system messed up the algorithm to encrypt my password in. Can you help me reclaim my password?

DtdnF25tGtwpGELnktF6PNGuXOI4E3wHQNjgGX==

Beginner Solution

If you are reading this, you've figured out that the first part of my message is base-16( hex/hexadecimal) encoded. Continue on to the second code <= (base-16 encoded) if you're able to read this; then you figured out that this type of encryption is a261z. onto the final reveal <= (A261Z encoded) You've uncovered the last message! It is base-64 encoded and my password is: 3ncrypt_th1$ <= (base-64 encoded)



Intermediate Solution

DtdnF25tGtwpGELnktF6PNGuXOI4E3wHQNjgGX== (Caesar Cipher - shift 7)
WmwgY25mZmpiZXEgdmY6IGZnQHB4X3pAJGczZQ== (base 64)
Zl cnffjbeq vf: fg@px_z@$g3e (ROT-13)
Final Solution:
My password is: st@ck_m@$t3r


Weekly Challenge #2

Week 2 / 3 is Wireshark analysis! Here are some challenges to dive right in!
Since its break week; we'll take these up during October 22nd's meeting!

Beginner

See BeginnerChal.pcapng (under resource tab) Find the password, HTTP version and request type in your answer, formatted as followed: flag {myP@ss_2.0_GET}

Intermediate

See InterChall_pita.pcapng
Clue: It looks like someone dumped our database. Please help us know what has been leaked...