How to pass a cyber test on "Checkpoint"

 3r33464. 3r3-31. Hello everyone, I'm Nikita Curtin , curator of the Israeli IT and Security High School HackerU
 3r33464.
 3r33464. This summer, the leading Israeli company in the field of information security Checkpoint , has published a series of cyber tests.
 3r33464.
 3r33464. The tasks were divided into six categories:
 3r33464. • Logic 3r3452.  3r33464. • Web 3r3452.  3r33464. • Programming 3r3452.  3r33464. • Networking 3r3452.  3r33464. • Reversing
 3r33464. • Surprise
 3r33464.
 3r33464. Two tasks for each direction. In this post I will tell you how only four tests took place, in the following three others:
 3r33464.
 3r33464. Checkpoint I already managed to gain respect and interest on my part, so I decided to accept these challenges. However, in view of employment, I was able to allow myself to take on only 8 of 12 tasks (from four different categories). And I managed to solve 7 of them.
 3r33464.
 3r33464. The Challenge officially ended by the end of September 2018.
 3r33464. How to pass a cyber test on "Checkpoint"
 3r33464. Therefore, now I can, with a clear conscience, tell you step by step how I tried to solve the following tasks: 3r3452.  3r33464.
 3r33464. • Logical Challenge “PNG ++”
 3r33464. • Web Challenge “The Robots Are Returning” 3r3452.  3r33464. • Web Challenge "Diego Gallery" 3r3452.  3r33464. • Programming Task “Careful Steps” 3r3452.  3r33464. • The task of programming "Puzzle" 3r3452.  3r33464. • Networking challenge “Ping Pong”
 3r33464. • Networking Protocol Challenge 3r3452.  3r33464.
 3r33464. 3r33333. Challenge: PNG ++
 3r33464. [/u]
 3r33464. Description:
 3r33464.
 3r33464. This (link to an encrypted PNG file) is [i] The image was encoded using a custom cipher.
 3r33464. We managed to read most of this code here (link to python code).
 3r33464. Unfortunately, someone slow shed coffee on the entire key_transformator.py.
 3r33464. ???.219/csa_2018/diegos_gallery/_nwryqcttstvs/admin-panel/index.php?view=flag.txt
 3r33464.
 3r33464. And the flag was mine.
 3r33464. 3r33333.
 3r33464.
 3r33464. 3r33333. Challenge: “Careful steps” [/u]
 3r33464.

 3r33464. Description:
 3r33464.
 3r33464. [i] This (link to file) is a bunch of archives we found. We are sure that the secret flag is hidden somewhere inside them.
 3r33464. We are absolutely sure that the data we are looking for is hidden in the comments section of each file.
 3r33464. Could you go carefully between the files and find the flag?
 3r33464. Good luck! 3r3333391.
 3r33464.
 3r33464. After extracting the file, you get a directory called “archives” with two thousand files inside, entitled “unzipme.[номер]".
 3r33464.
 3r33464.
 3r33464. I used the binwalk program to check the first file. And that's what the program gave me: 3r3452.  3r33464. 3r3405.
 3r33464.
 3r33464. Yeah, so in the section with comments, we have letters and numbers. Hints again?
 3r33464. At first I wondered if I should link the letters with the given indexes from this zip file, and check the next file already with the index 245.
 3r33464. But then an unexpected one came out: the second file was not in zip, but in rar format.
 3r33464. 3r31616.
 3r33464.
 3r33464. So I had to “unravel” him in order to get to the comments:
 3r33464. 3r33434.
 3r33464.
 3r33464. 3r33434. 3r33434. My logic was to run the file through binwalk, and if I ran across RAR, unpack it to get to the comments. Otherwise, view the comments section directly to understand what to do next.
 3r33464.
 3r33464. My first guess: the number is the index of the file (each was numbered from 0 to 1999). However, I found that some numbers are negative, which means they cannot be an index.
 3r33464.
 3r33464. The second guess is that a number is a leap, which may well be negative. For each number I needed a jump to the next file. I knew that if my code would constantly jump to the next computed file, it could create a small trap in the form of a whirl and my code would get stuck in an infinite loop. So I wrote a python code with account limiting. And after several tests I found that the number 120 would be quite enough:
 3r33464. 3r33440.
 3r33464.
 3r33464.
 3r33464. And the flag was mine:
 3r33464.
 3r33464.
 3r33464. I have described the other three in the next post, read, try, I will be happy for your comments
3r33464. 3r33464.
3r33464. 3r33460. 3r33464. 3r33464. 3r33464. 3r33464.
+ 0 -

Add comment