OWASP-LPU CTF February 2022

5 min readFeb 21, 2022

OWASP LPU Student Chapter came up with a Capture the Flag Challenge which varies in Different Categories like Web, Forensics, Crypto, Steganography, OSINT, and MISC.

Let me go through the walkthrough of my challenges from different categories. Starting with Cryptography.

Here comes with my first one Beep Beep Beep ……

Here I have given a wav file which you can pass it in the by listening to that you can get to know that is a morse code. By using this audio decoder you can decrypt it easily. you can upload and here’s what you will get

By keeping it in the Flag Format here is the flag OWASPLPU{1TSM0RS3C0D3DUD3}

Moving to the Next one I am you and you are me

From the Description its saying A is D and B is E which is a Kind of Substitution cipher but we don't see alphabets over here there are some numbers Its not binary and its getting incremented. We know the Flag format by trying that we could get that its Alphabetical Ranks Added Cipher using this online tool you can crack easily

You could see the meaningful text which can be wrapped in flag format got the flag wont worked so when we use the snake case it worked and the final flag is OWASPLPU{THIS_IS_JUST_A_SIMPLE_MAPPING}

We got a Flag image here which is

By the description we can get the point it’s saying about keypad phone and by that we could say it's keypad cipher using this online tool you could get the flag

here comes the flag keeping in the format it becomes OWASPLPU{be_strong_just_like_the_nokia} here case doesn't matter

The name and description sounds like related to the train and the cipher name is related to train is Rail-Fence-Cipher though the tool by code you can get the flag

Flag is OWASPLPU{YOUDIDHARDWORKDIDYOU}

And… the flag image is

through the description, we could get some information that related to ships and navy and here are the flags and the cipher is

Writing in the snake case and keeping in format makes OWASPLPU{WE_ARE_STUCK_IN_CYCLONE} the flag

U+4A U+42 U+4C U+45 U+32 U+56 U+4A U+57 U+47 U+56 U+46 U+45 U+57 U+53 U+4B U+5A U+4B U+5A U+43 U+45 U+4B U+56 U+43 U+44 U+47 U+4A U+45 U+44 U+4B U+53 U+53 U+58 U+4C U+46 U+4E U+45 U+47 U+4D U+53 U+49 U+47 U+56 U+46 U+46 U+4F U+57 U+4A U+55 U+47 U+49 U+33 U+55 U+53 U+57 U+4B U+53 U+49 U+35 U+49 U+56 U+45 U+4D U+32 U+47 U+4A U+41 U+32 U+55 U+34 U+55 U+32 U+4A U+4A U+55 U+5A U+45 U+49 U+53 U+4B U+4B U+4A U+42 U+4B U+46 U+53 U+56 U+4A U+53 U+4A U+35 U+44 U+55 U+45 U+56 U+53 U+48 U+49 U+34 U+5A U+44 U+45 U+55 U+53 U+48 U+49 U+5A U+44 U+55 U+4B U+54 U+32 U+4E U+4C U+49 U+32 U+55 U+53 U+53 U+53 U+54 U+4B U+59 U+33 U+46 U+41 U+55 U+53 U+44

This is the content the file has this is having multiple encryptions. First decoding from Unicode notation then base 32 and again base 32 at last Ascii 85 gives us the Output