IJCTF 2020 - adventure | Ulisse

Description

Three hidden keys open three secret gates
Wherein the errant will be tested for worthy traits
And those with the skill to survive these straits
Will reach The End where the prize awaits

Flag is in form IJCTF{copper key + jade key + crystal key}

Author: Harsh

Hint

The first clue is hidden on the website …
File names and titles are useful

Solution

All this challenge is a reference to the film Ready player one as we can see in the description of the challenge. We used this information to our advantage.

Steganography

In the main page of the challenge we found a long HTML comment:

Form this comment when we deleted spaces and new line and converted to ASCII:

I created three keys. Three hidden challenges test for worthy traits revealing three hidden keys to three hidden gates. The keys aren’t just laying around under a rock somewhere. I suppose you could say they’re invisible, hidden in a dark room that’s at the center of a maze that’s located somewhere up here. Maybe you should take a closer look at our logo………………………………………………

So we started looking at the logo.

We found in the logo image at ijctf.ml some text.

With the help of steghide we extracted a file:

steghide --extract -sf logo.jpg

content of the hidden File :

https://pastebin.com/Ue2VUDjk
> https://www.ijctf.ml/themes/core/static/img/QjMvUzIz.png
> https://pastebin.com/dbQXYRvZ

Since the description of the challenge said that there were three parts of the key it was safe to assume every link was a different challenge.

Copper key - Merkle–Hellman knapsack cryptosystem

Description

M.H. is an asymmetric cryptosystem. The public key is composed of n integer values, with n corresponding to the number of bits of the message

We define the n bits -> $b_{i} \forall i \in \{1, ..., n\} , b_{i} \in \{0, 1\}$
We define the knapsack -> $k_{i} \forall i \in \{1, ..., n\} , k_{i} \in \Z$

cipher text = $\sum_{i=1}^{n} k_{i} * b_{i}$

The private key is a superincreasing knapsack, with a multiplier and a modulus used to transform the private key in into public key. Anyway, we don’t need the private key to solve this one

We had a file containing many knapsacks of public key and the ciphertext encoded. Every knapsack was a list of 16 integers.

Solution

Simply trying every possible combination was an 2^16 iterations problem, so quite an easy one.

Some code

That was it.

kn4ps4ck_brut3_f0rrc3_f0rrc3

Jade key - Game of life

Description

Image not found!

The filename of the image was base64 encoded:

$ ls | cut -d '.' -f1 | base64 -d
B3/S23

B3/S23 stands for a set of rules for the game of life.
We used golly to import the png file after editing the colour map with GIMP.

Running golly gave us the flag:

Image not found!

u1t1m4t3_g4m3_0f_l1f3

Crystal key - Fourier series

Description

The name of the file redirected us to a YouTube video about drawing with the Fourier series.

The file contained a malformed Fourier series. After formatting the series and added the time variable that was missing we plotted it with a numpy function.

Image not found!

With some imagination, you can see the text IROK , a character of Ready player one.

The final flag can now be submitted: IJCTF{kn4ps4ck_brut3_f0rrc3_u1t1m4t3_g4m3_0f_l1f3_IROK}

Description#

Solution#

Steganography#

Copper key - Merkle–Hellman knapsack cryptosystem#

Description#

Solution#

Jade key - Game of life#

Description#

Crystal key - Fourier series#

Description#

Participants#

Description

Solution

Steganography

Copper key - Merkle–Hellman knapsack cryptosystem

Description

Solution

Jade key - Game of life

Description

Crystal key - Fourier series

Description

Participants