Write Up zh3r0 CTF 2020

here writeup for Knock Knock and Help me challenge .

Knock Knock — Master

From the title we know that there is something hidden in port ( Port Knocking ) . So the first step i do is try to do nmap scan on hackerit.zh3r0.ml

After i try to open port 3389 and it show something like dictionary .

After looking again at the scan result i realize that the open port is decimal ascii value . Finally i make a script to convert that dictionary i get with combination of port 48–125 (except port 80) . Here is the script.

Flag : zh3r0{You_n4iled1t}

Help Me — Crypto

Download disassembled_code and ciphertext.txt . Doing manual convert from python assembly to python script with reference from https://docs.python.org/3/library/dis.html

Here is the result

And ensuring that code by doing dis.dis(function_name) and it is same. So after that trying to figure out the key. The encoded_key is :

After doing many trials and error with my team, finally we found the correct encoding type which is base58 encoding. So decode with it and got this.

it looks like it’s still in the form of encoding , so i try to figure out it again and got the correct encoding which is rot47. Decode it with rot47 and got this.

Yeah exactly that is the key. Final step is writing script to automatically decode the encrypted flag. Here is the script.

Flag : zh3r0{pyth0n_di54ss3mbly_byt3c0d3_i5_s0_aw350m3}

CTF Player | Currently learning about Reverse Engineering and Cryptography