Ctf

Event Information Event: Stranger’s CTF - Techtrix ‘26 URL: https://ctftime.org/event/3188 Summary Challenges solved: i forgot :D Categories: Crypto Forensics Web Reverse Steganography Writeups Crypto Forensics Grid → strangers-ctf-2026-forensics-grid Web Recovered Logs → strangers-ctf-2026-web-recovered-logs The Fav Controversy → strangers-ctf-2026-web-the-fav-controversy The Gate → strangers-ctf-2026-web-the-gate Reverse SecurePad → strangers-ctf-2026-reverse-secure-pad The Kamchatka Taps → strangers-ctf-2026-reverse-the-kamchatka-taps Steganography The Max Mayfield Tape → strangers-ctf-2026-steganography-the-max-mayfield-tape

Challenge Information Name: Grid Category: Forensics Difficulty: Easy Description: Easy once you figure out the trick :) Initial Analysis The provided file (1f407) does not have a recognizable extension. Running basic file identification tools does not immediately reveal its format. However, attempting to load it with NumPy works: import numpy as np arr = np.load("1f407") print(arr.shape) Output: (484, 484) This indicates the file is a NumPy array. Observations The array is square (484 × 484). Values are in the set { -1, 0, 1 } and the matrix is symmetric with a zero diagonal ...

Challenge Name: RECOVERED LOGS - HAWKINS NATIONAL LABORATORY Category: Web Target: nc 140.245.25.63 8005 (Accessible via curl --http0.9) 1. Description The challenge provides a Dr. Brenner themed terminal service. Attempts to access via standard curl fail with an HTTP/0.9 error, indicating it’s a raw TCP service or uses a legacy protocol. 2. Analysis Service Investigation Connecting to the terminal reveals a restricted menu: View Previous Messages (Logs) Send Message to Command Initiate Upside Down Protocol (Admin) Disconnect Log Analysis Using option 1 to view logs provides the following critical information: ...

Challenge Name: SecurePad Category: Reverse Engineering / Crypto Description: SecurePad™ — “Security Through Obscurity… and Comic Sans.” A custom encryption algorythm powered notepad. 1. Description The challenge provides a Windows executable SecurePad.exe and an encrypted file flag.enc. The goal is to reverse the “custom encryption algorythm” and decrypt the flag. 2. Analysis Binary Overview File Type: PE32 executable for MS Windows (GUI) Architecture: Intel i386 Symbols: None (Stripped) Static analysis using strings revealed: ...

Challenge Name: The Fav Controversy Category: Web Target: http://140.245.25.63:8003/ 1. Description The challenge description mentions: “Every time you search for a ‘controversial’ topic, the site whisks you through a series of hidden doorways before showing you a blank result. The flag isn’t at the destination…it’s scattered across the journey itself.” It also hints at checking the browser history. 2. Analysis Redirection Chain When a “controversial” search term (like everything, truth, or admin) is entered into the search bar, the server initiates a chain of HTTP 302 redirects instead of directly serving the results. ...

Challenge Name: The Gate Category: Web Target: http://140.245.25.63:8004/ 1. Description The challenge presents a page with two options: “CHOOSE EARTH” and “CHOOSE UPSIDE”. The hint emphasizes: “It’s not about what you’re asking for, but who is asking and how you’re asking it. Legend says only a ‘Wizard’ knows the true way through.” 2. Analysis Identification Who is asking: Initial probes with various methods revealed a hidden header when using the HEAD method. How you’re asking it: Using curl -I (which sends a HEAD request) to the root or index.php resulted in an interesting response header: Error: Access Denied. You are not WizardWill. This revealed both the required identity (WizardWill) and the fact that the server responds differently to the HEAD method. ...

Challenge Information Category: Reverse / Audio Forensics Description: Joyce and Murray intercepted a faint audio signal originating from a high-security Russian prison in Kamchatka. It sounds like someone is rhythmically banging on a heating pipe. Decode the message to find out who is trapped inside. Files Provided kamchatka_taps.wav Analysis The “rhythmically banging” description is a clear hint for Morse code. The WAV file contains sharp, impulsive tapping sounds separated by varying intervals. ...

Challenge Information Category: Steganography Description: Max was listening to her favorite song on loop to keep Vecna out of her mind. However, we intercepted her walkman and noticed a strange, high-pitched anomaly in the background of the track. What is Vecna’s message? Files Provided cursed_tape.wav Analysis The challenge description hints at a “high-pitched anomaly” in the background of a WAV file. This is a common indicator for audio spectrogram steganography, where data is hidden visually in the frequency domain. ...