TryHackMe - CTF collection Vol.1

Task 2 What does the base said?

VEhNe2p1NTdfZDNjMGQzXzdoM19iNDUzfQ==

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis → https://gchq.github.io/CyberChef/
have capital - small - and at the end == → base64
https://gchq.github.io/CyberChef/ → base64 decode
THM{ju57_d3c0d3_7h3_b453}

Task 3 Meta meta

Meta! meta! meta! meta................................…

ExifTool is a powerful command-line tool for reading, writing, and editing metadata (EXIF, IPTC, XMP, and more) in various types of digital files, including images and documents.

THM{3x1f_0r_3x17}

Task 4 Mon, are we going to be okay?

Something is hiding. That's all you need to know.

Steghide is a command-line utility for hiding and extracting data within image and audio files through steganography techniques, allowing for covert information storage and retrieval.

THM{500n3r_0r_l473r_17_15_0ur_7urn}

Task 5 Erm......Magick

Huh, where is the flag?

THM{wh173_fl46}

Task 6 QRrrrr

Such technology is quite reliable.

Zbarimg is a command used for decoding barcodes and QR codes from image files using the Zbar library, which can be useful for automating the extraction of information from images with barcodes or QR codes.

THM{qr_m4k3_l1f3_345y}

Task 7 Reverse it or read it?

Both works, it's all up to you.

strings command is a utility in Unix and Linux operating systems that extracts and displays human-readable text from binary files, typically locating and printing sequences of printable characters.
grep is a command-line utility in Unix and Linux operating systems used to search and filter text or regular expressions within files.

THM{345y_f1nd_345y_60}

Task 8 Another decoding stuff

Can you decode it?
3agrSy1CewF9v8ukcSkPSYm3oKUoByUpKG4L

click om magic button → detect the decode automatically

THM{17_h45_l3553r_l3773r5}

Task 9 Left or right

Left, right, left, right... Rot 13 is too mainstream. Solve this
MAF{atbe_max_vtxltk}

ROT13 ("rotate by 13 places", sometimes hyphenated ROT-13) is a simple letter substitution cipher that replaces a letter with the 13th letter after it in the latin alphabet. ROT13 is a special case of the Caesar cipher which was developed in ancient Rome.

THM{hail_the_caesar}

Task 10 Make a comment

No downloadable file, no ciphered or encoded text. Huh ....…

Inspect mode allows you to select a particular element during session playback, and browse through recordings in which users have interacted with the element you have selected.
inspect (Q)

THM{4lw4y5_ch3ck_7h3_c0m3mn7}

Task 11 Can you fix it?

I accidentally messed up with this PNG file. Can you help me fix it? Thanks, ^^

The "image header" in digital images holds essential metadata like format, dimensions, and color depth, instructing software how to display the image. Formats like JPEG, PNG, BMP, and GIF have unique header structures.
go to → https://en.wikipedia.org/wiki/PNG

Hexedit is a command-line hexadecimal editor used to view and edit the hexadecimal content of binary files, enabling low-level manipulation of data within these files.

THM{Y35_W3_c4n}

Task 12 Read it

Some hidden flag inside Tryhackme social account.

inurl: This operator refines searches by finding keywords or phrases in webpage URLs, e.g., "inurl:technology."
intext: "intext" locates web pages with specific keywords or phrases in their main body text, such as "intext:"climate change."
intitle: It helps find web pages with specific keywords or phrases in their titles, like "intitle:"healthy recipes."

THM{50c14l_4cc0un7_15_p4r7_0f_051n7}

Task 13 Spin my head

What is this?

💡

++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>++++++++++++++.------------.+++++.>+++++++++++++++++++++++.<<++++++++++++++++++.>>-------------------.---------.++++++++++++++.++++++++++++.<++++++++++++++++++.+++++++++.<+++.+.>----.>++++.

Can you decode it?

Brainfuck is an esoteric programming language with an extremely minimalistic set of eight commands, designed for its simplicity and difficulty of use. It operates on a memory tape and is Turing complete, capable of performing any computation.
search for brainfuck decoder → this is brainfuck programming

THM{0h_my_h34d}

Task 14 An exclusive!

Exclusive strings for everyone!
S1: 44585d6b2368737c65252166234f20626d S2: 1010101010101010101010101010101010

XOR, short for "exclusive or," is a logical operation that returns true (or 1) if an odd number of true values are given as input.
https://xor.pw/#

THM{3xclu51v3_0r}

Task 15 Binary walk

Please exfiltrate my file :)

Binwalk is a command-line tool used for analyzing and extracting data from binary files, such as firmware images, executables, and other binary data. It's commonly used for identifying embedded files and file signatures within larger binary files.

THM{y0u_w4lk_m3_0u7}

Task 16 Darkness

There is something lurking in the dark.

Stegsolve is a tool used for analyzing and extracting hidden information from images. It's particularly useful for uncovering hidden messages or data concealed within images using various steganographic techniques

$ sudo su
$ wget http://www.caesum.com/handbook/Stegsolve.jar -O stegsolve.jar
$ chmod +x stegsolve.jar
$ mkdir bin
$ mv stegsolve.jar bin/
$ java -jar stegsolve.jar

THM{7h3r3_15_h0p3_1n_7h3_d4rkn355}

Task 17 A sounding QR

How good is your listening skill?
P/S: The flag formatted as THM{Listened Flag}, the flag should be in All CAPS

https://sclouddownloader.net/download-sound-track

THM{SOUNDINGQR}

Task 18 Dig up the past

Sometimes we need a 'machine' to dig the past
Targetted website: https://www.embeddedhacker.com/ Targetted time: 2 January 2020

Wayback Machine → Internet Archive's tool for viewing archived versions of websites.

THM{ch3ck_th3_h4ckb4ck}

Task 19 Uncrackable!

Can you solve the following? By the way, I lost the key. Sorry >.<
MYKAHODTQ{RVG_YVGGK_FAL_WXF}
Flag format: TRYHACKME{FLAG IN ALL CAP} Answer the questions below
The deciphered text

The Vigenère cipher → is a method of encrypting alphabetic text where each letter of the plaintext is encoded with a different Caesar cipher, whose increment is determined by the corresponding letter of another text, the key.

TRYHACKME{YOU_FOUND_THE_KEY}

Task 20 Small bases

Decode the following text.
581695969015253365094191591547859387620042736036246486373595515576333693

Decimal: The standard base-10 numbering system (0-9) we use daily for counting and calculations.
Hexadecimal (Hex): A base-16 numbering system (0-9 and A-F) often used in computing to represent binary data more conveniently.
ASCII: A character encoding standard that assigns decimal values to characters, enabling standardized text storage and communication.
decimal to hex → https://www.rapidtables.com/convert/number/decimal-to-hex.html

hex to ASCII → https://www.rapidtables.com/convert/number/decimal-to-hex.html

THM{17_ju57_4n_0rd1n4ry_b4535}

Task 21 Read the packet

I just hacked my neighbor's WiFi and try to capture some packet. He must be up to no good. Help me find it.

PCAP stands for Packet Capture, which is a file format used to store network packet data captured from a network interface. It is commonly associated with network analysis and troubleshooting activities. PCAP files contain the raw data of network packets, including the headers and payloads of each packet.

follow HTTP stream

THM{d0_n07_574lk_m3}