• Donald Ashdown

NA CTF - Forensics/Web & General

Newark Academy CTF (NACTF) is an online jeopardy-style cybersecurity competition hosted by Newark Academy's Computer Science Club. Form teams with up to 5 members and win awesome prizes! Teams compete to decrypt, hack, or reverse engineer challenges in topics like cryptography, forensics, and binary exploitation.

Survey - 1 point

Summary: Fill out the survey

Join the Discord - 10 points

Summary: Join Discord

Intro to Flags - 10 points

Summary: Confirm flag entry process

Basics - 30 points


  • base64 decode string

Walk through

  1. Copy the base64 and decode within Linux or in an online decoder and we receive the flag. The lesson here can be a reminder of the differences between encoding, hashing and encryption.

Grep 0 - 50 points


  • Print out all strings within the binary and grep for the "CTF" string.

Walk through:

  1. Run strings and Grep for 'ctf' on the flag.zip file

Numbers - 50 points


  • Our string of numbers is shifted by a count of 1 on the ascii table.

Walk through

  1. We receive a file with the following string - 111 98 100 117 103 124 98 116 100 50 50 96 89 67 53 83 68 83 54 126

  2. Reviewing this string on the asci table initially shows nothing but upon further observation we noticed that the characters spell nactf when shifted by -1.

3. Re-writing the characters with a shift of -1 and because we had identified this string as decimal/ascii we run it through a dec to text converter.

Hashbrowns - 50 points

  • This challenge requires that we crack the md5 hash, which is done with rainbow tables.

  1. Copying and pasting the hash into a crack station yields the password.

Inspect - 50 points


  1. Visit the website and inspect the page. The page suggests HTML and CSS so the first place I went was to the CSS where I found the flag.

Missing Image - 75 points

Walk through:

We inspect the website with the hint in mind, which suggests images. Looking through the HTML showed nothing, but when I reviewed the network tab I noticed a .png and appended the directory and found the flag.

Forms - 125 points

We are presented with a website and upon visiting we seem tons of login forms.

Inspecting the web page we see a script at the bottom which shows us the script with plain text credentials. We still need to figure out which one of the many forms the credentials need to be entered. We notice the function that holds these credentials is called verify. Searching for the string verify on the webpage we find the function verify specified in the form 673.

We login and find our flag.

Calculator - 150

We are offered a hint about a flag variable that will come in handy.

We see the website not only calculates our numbers that we input, but it actually reflects what ever you input. So after some time and payload testing I thought to enter $flag as a variable and it output the contained string within the variable.

Cookie recipe - 150 points

We simple visit the web page and check our existing cookies of which there are none. Upon inspecting the website further, we see that a cookie is referenced.

If we just add that cookie to our browser we can login with any account and gain access to the flag.

Login - 175 points

We are given a login page, and trying standard payloads from a list eventually by passes the login page.

Gummies - 50 points

This challenge is a basic steganography challenge where the flag can be retrieved with the use of zsteg.

Metamorphizes - 75 points

This was an easy challenge that I solved on first instinct which was to run exif to exfiltrate attribute data and there was the flag.

Turnips - 100 points

This was another easy one and the flag was found within strings.

Turnips 2 - 150 points

This was a classic challenge that involved repairing a corrupted PNG.

Utilizing zsteg we are able to identify that the file is corrupted and has signs on PNG headers.

I opened the file with ghex and noticed the bottom of the file displayed IEND which suggests this png file uses IHDR chunking format. We can also see the G of the PNG header, and the I and D of the IHDR header in the initial Hex view.

Simply changing this provides our desired results.

10 views0 comments