
Problem

1. Capture the flag!

Category: misc
Point: 10
Solved: 1682 / 2216
Writeup

Description

Q1RGCg==

Flag

CTF

2. cheap cipher

Category: crypto
Point: 50
Solved: 1357 / 2216
Writeup
Source code

Description

==AVoVGImxWYnBSazByUzMkUzQ1XLNTW

Flag

S3CR3T_K3Y

3. cheap cipher (revenge)

Category: crypto
Point: 80
Solved: 294 / 2216
Writeup
Source code

Description

rKrUl+/clKHb4u/sm6sgnaPfnO/XkO=ewqPU45bRjp4gwa7NntoM467Onu/enqPRlakgj6Egjp0e1gAA

Flag

All your Base64 are belong to us

4. directories

Category: for
Point: 60
Solved: 671 / 2216
Writeup

Description

directories.zip-22a823d589b0c0b6560cfbae6f6f89c1

Flag

snakebites

5. The flag is a lie.

Category: misc+guessing
Point: 200
Solved: 18 / 2216
Writeup

Description

TheFlagIsALie-8f3cce5cc4d27fcd822437c53f7c8e6b

Hint

Someone broke the beginning of the file.

Flag

HELLO 6502

6. Game #1

Category: web
Point: 70
Solved: 463 / 2216
Writeup
Source code

Description

q6.ctf.katsudon.org

Flag

YIPPEE

7. alphabet?

Category: crypto
Point: 80
Solved: 123 / 2216
Writeup
Source code

Description

This message is a certain game's monologue. The flag is the name of the game in capital letters.

ΥΔΗΖΙΝΔJΙ-ΧJΙΟΜJGGΔΙΒ ΑJΜΟ "ΥJΓ" ΓΥΝ ΙJΡ WΖΖΙ ΥΖΗJGΔΝΓΖΥ, ΥΙΥ ΟΔΗΖ ΝΟΥΜΟΖΥ ΑGJΡΔΙΒ ΜΖQΖΜΝΖGΤ. "QΥΠΝ" ΗΥΙΥΒΖΥ ΟJ ΖΝΧΥΚΖ ΑΜJΗ ΟΓΖ ΥΔΝΟJΜΟΖΥ ΝΚΥΧΖ. WΠΟ ΟΓΖ ΜΖΥG QJΤΥΒΖ JΑ "ΥΜFΥΙJΔΥ" ΔΙ ΟΓΖ ΒΥGΥΣΤ ΓΥΝ JΙGΤ ΝΟΥΜΟΖΥ......

Flag

ARKANOID

8. Horizontal line

Category: misc
Point: 70
Solved: 313 / 2216
Writeup
Source code

Description

hline.gif-74d643f5f6a94f4efba37b2d12c6af30

Flag

PIXEL

9. encode-encode

Category: misc
Point: 90
Solved: 193 / 2216
Writeup

Description

Do not encode byte strings twice, you know. In UTF-8, double-encoded bytes (bytes encoded twice) make me sick.

# regular UTF-8 encode
漢 -> \346\274\242
# encode twice in UTF-8
漢 -> \303\246\302\274\302\242

What is this?

c3:a3:c2:81:c2:8d:c3:a3:c2:82:c2:83:c3:a3:c2:81:c2:b7:c3:a3:c2:81:c2:a1:c3:a3:c2:82:c2:83:c3:a3:c2:83:c2:bc:c3:83:c2:a3:c3:82:c2:83:c3:82:c2:bb:c3:83:c2:a3:c3:82:c2:82:c3:82:c2:b6:c3:83:c2:a3:c3:82:c2:83:c3:82:c2:bb:e3:81:b5:e3:82:89:e3:81:a3:e3:81:90

Flag

きゃぷちゃー・ザ・ふらっぐ

10. easy crackme

Category: bin
Point: 70
Solved: 311 / 2216
Writeup
Source code

Description

easy_crackme-47c32e7cc8eae23d1d8ef5948b3dce4a

Flag

旗RM7RF4o2

11. hiragana

Category: trivia
Point: 90
Solved: 99 / 2216
Writeup

Description

あいうえおかきくけこさしすせそたちつてとなにぬねのはひふへほまみむめもらりるれろがぎぐげござじずぜぞばびぶべぼぱぴぷぺぽやゆよわん
りろみるむのしきむなきしぴぎいきむごばうばけしみむぐぼうざがしきむげじうぺがさぎむじまさぷぴしぜりたてうぜのさゆむげきうぞがしすむごもうがぎこしむごひうびのしほむずきうばこまろるきもうばこかこらじもうぞのさべむげぼいちがさずむじぐうぞぴしむもそぐつびけれゆむごばつてのぽがむげぺうぜのさゆむごばうぐのぺおむごぼうぷがさざりれぼうぺけしへむげれうやのかうらるさなとけしもむざばうばぴさぞむぐぐちねけさべむざばうざのさゆむぐぐそとぷいごむごぼうじぴしぐむごぼうじぴしぐむごぼそぜけしこるろじしちぴしすもぺそつもけしぜむげぬうぞけさもむげぼうびけさよむげじうぎけしかむげまいちがらぐりへばこずのしすもぺそつもけしぜむげぬうぞけさもむげぼうびけさぎむなきそめけしせらりよちふけさぐむごもうぷぴしぞむごぬうぐのさずむじれたもがしむらされうぱけさぷむずきうざのぎぱらにぐうびけぺそらしきうぞのらぐるせてとやはとならりよなべけしきむぐじうぱぴしろむじぐうずのさぞむごひうぴこぬぱむぐじうぱけさぷむずきいちがらぐりへばこずのしすもぺそつもけしぜむげぬうぞけさもむげぼうびけしかむげぬうぷのさりむなきてほよぬいむごぼそぺけしむりひじうぴこえなむぐぼうぞこさぱむぐぼいちのじぷむごれうびのかべむぼれえりぴせぷむねひうぞがよつむぐさうずはこぱぷのきにざがぺひむごばえみのかふむぶぺうやけしうむぐようぞけさもむざばうざのさゆむげぬうばけしみむぐぼうざがしせむぐさうぜがしむもよさうががしげむごばえなぴそあむごばすちぴさざむごさうやけしせむぐさうぞけさもむざばうざのさゆむなさぬるけしへむげぼててぴしせらぺぼうざのさぞむじぼうぺがしおむごぼうががしへむげぬうずのさぐもにぺとげがせぬむぴそえのがせやむずううぐのしなむごきうぞけさもむざばうざのさゆむなさうげぴしぐむごまうぴけしきむごれうぐのさざらりよちふけしきむじうそむけしこむざばうざのさゆむなさてほよぬいむごぼてほよぬいるよようげのしむむじぐうぐぴぷたりそまなぐぎにとるおぺうびけびへらけぺうばははぼむごもうげのしけむじもしぴぎいきむごばうばけしみむぐぼうざがさぐむげじうびけぺみむごばなとがかいりりじうぐぎひなむげじうびけぺみむごばなとがぺあむごれうぱけさべむげぼいちがぷたりきばうびこせむもぶばうやけさぱむげきうざのしれむぐぼてごがしねむごてすぐのしへむげぬうぷのさりむなけん

Flag

蜘蛛となめくじと狸

12. ASCII Art

Category: trivia
Point: 60
Solved: 258 / 2216
Writeup
Source code

Description

Who is this?

                  ''=~('('.('?').
                '{'.('['^'+').("\["^
              ')').('`'|')').('`'|'.').
            ('['                     ^'/'
          ).((                         '"')
        ).+(                             '`'^
       '$')                                 .''.
      ('`'                                   |'!'
     ).+(                                     '`'|
    '-')                                       .''.
   ('`'                                         |((
   ')')                                         )).(
  '`'|                                    '!').( '`'|
  '.')                                .''.     (  '{'
  ^((    '['                  ))).('`'          ^  '#'
 ).(     (  '`')           |((                  (  '/'
)))      )      .('`'|'.').                     (  '['
^((      (                                      (  ','
)))      )                                      )  .+(
'`'      |                                       ( '!'
)).     (                                        ( '['
 )^+    (                                        ( '"'
 ))     )                                        . '"'
. ((    (                                        ( ((
(  ((  (                                         ( ((
(   '}')       )))))))))              )))).+     ')'
)    ;$:    =((         '.'        ))^      '~'  ;$~
= ((  ((        '@'))))|             '(';$^=      ((
( (   ((      ((  ')')  ))    )    )) ))^+  ((    (
( (  '['       )))));($/)     =    '`'|'.';$,=    (
(  (  ((                      (                  (
 (    ((                      (                 ((
 (    '('                     )                 ))
  )   )))                     )                )))
   )))^'}'                    ;                $\=
     "\`"|              (     (    (          '!'
     )));(              (     (    (          $:)
     )))=((             ')'))^'}';$~         ='*'
     |"\`";                                  ($^)
     =('+')^         '_';$/='&'|"\@";$,=    '['&
      "\~";$\=    ','^'|';$:='.'^('~');$~= '@'|
       "\(";$^=  ((                     "\)"))^
       '[';$/="\`"|  '.';$,='('^'}';$\=  ('`')|
        '!';$:=')'      ^'}';$~="\*"|    "\`";
         $^='+'^'_'                    ;($/)=
          '&'|('@');$,=            '['&"\~";
           $\=','^'|';$:='.'^'~';$~='@'|'('
           ;$^=')'^'[';$/='`'|'.';$,=('(')^
            '}';$\='`'|'!';$:=')'^('}');$~=
             '*'|'`';$^='+'^'_';$/='&'|'@';
              $,='['&'~';$\=','^'|';$:='.'
                ^'~';$~='@'|'(';$^=(')')^
                 '[';$/='`'|'.';$,="\("^
                   '}';$\='`'|('!');$:=
                     ')'^'}';$~=('*')|
                        '`';$^='+';

Flag

Damian Conway

13. Yet Another G00913

Category: PPC
Point: 100
Solved: 119 / 2216
Writeup

Description

FLAG_Q13_{first 200-digit prime found in consecutive digits of π}

Flag

FLAG_Q13_54882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717

14. from login form

Category: web
Point: 120
Solved: 114 / 2216
Writeup
Source code

Description

q14.ctf.katsudon.org

Update: I fixed q14; it had been broken since Apr 26. Sorry ;(

Flag

FLAG_hogee_fuga_piyopiyopiyo

15. ZIP is zip

Category: misc
Point: 110
Solved: 44 / 2216
Writeup
Source code

Description

You can capture the flag by sorting.

zip.zip-ded3b0a45d60b9d834025daab478e1a1

Flag

BDVNCpguUQSjsZJ

16. medium crackme

Category: bin
Point: 130
Solved: 70 / 2216
Writeup
Source code

Description

The flag is **********.

medium_crackme-2dbaa2302bae56de6252defa96da2270

Flag

gD0Fbs3642

17. Fragments of gzip

Category: misc
Point: 80
Solved: 133 / 2216
Writeup

Description

I'm missing the gzip header. There is only the compressed data:

d3:2d:03:03:85:dc:fc:7c:2e:00:22:4a:78:e2:0c:00:00:00:0a

Flag

-vvvvvv moo

18. Which is the flag?

Category: web
Point: 90
Solved: 130 / 2216
Writeup
Source code

Description

q18.ctf.katsudon.org

Flag

RegularExpression

19. stairs

Category: crypto
Point: 80
Solved: 69 / 2216
Writeup
Source code

Description

G
NrD
NdeyM
muNaHnh
ZDpJtRSLp
vypFhPXzxLB
wVBISmyIhtMTQ
XeLOfAFrVjAESSf
lIzxxAnyangFlzLAQ
VESahvDXtmnKNBRpIkf
pSMRLNFnHViPJhqvuhrrp
fymLjhBJlZFdNlYswhNlImR
lKzWwzjlpigqOHVSnNxxgpScc
wyoHPACOBPTGZfmXDBAHdWDHrcV
pXIZwFMTQuWdSgGHgtUtiBXcGEDGh
gMaGyanBffyKcGFiQjRnqSrvOrlJYFb
vHCWLsqPRiUcCwMuzioVrOmEjQwffudND
wnkDeijzqzRHzNVwZaWsZvMrhlsLjRGUFbe

Flag

GreatPyramidOfGiza

20. searcher

Category: web
Point: 180
Solved: 36 / 2216
Writeup
Source code

Description

q20.ctf.katsudon.org

source

Hint

CREATE TABLE IF NOT EXISTS user (
    user_id    INTEGER NOT NULL PRIMARY KEY,
    name       VARCHAR(255) NOT NULL,
    password   VARCHAR(255) NOT NULL,
    UNIQUE (name)
);

Flag

ADMINIMDA

21. loop

Category: web
Point: 70
Solved: 182 / 2216
Writeup
Source code

Description

q21.ctf.katsudon.org

Do not attack :)

Flag

6890c6f34d3c3ad95cfa13ab321943d7

22. hidden 1

Category: web
Point: 100
Solved: 63 / 2216
Writeup

Description

:)

Flag

xcomglobal

23. Picross

Category: PPC
Point: 250
Solved: 11 / 2216
Writeup
Source code

Description

nc ctf.katsudon.org 17023

Flag

280fa17f505ccf7ee308cb5d021c5565

24. Gyazo

Category: web+guessing
Point: 210
Solved: 20 / 2216
Writeup
Source code

Description

q24.ctf.katsudon.org

Hint

  1. flag.png
  2. accesscode = md5(salted_filename)

Flag

Ninjas can't catch you if you're on fire.

25. HEYYEYAAEYAAAEYAEYAA

Category: steg
Point: 80
Solved: 87 / 2216
Writeup

Description

The sound can not be heard.

HEYYEYAAEYAAAEYAEYAA.wav-a7cb9e1dc56ef5597a9535ae353dcb13

Flag

HEYSPECTROGRAM

26. retro crackme

Category: bin
Point: 150
Solved: 13 / 2216
Writeup
Source code

Description

retro_crackme-96b844b59fbd6270ef03b510a3f21e3b

Flag

looking for l0ve s0ng

27. Online banking

Category: web
Point: 270
Solved: 18 / 2216
Writeup
Source code

Description

What is the initial amount of john?

q27.ctf.katsudon.org

hint

Hint

  1. Did you try to log in as john?
  2. http://q27.ctf.katsudon.org/404

Flag

294307500

28. feel the rhythm

Category: misc
Point: 90
Solved: 46 / 2216
Writeup
Source code

Description

rhythm.wav-d08530ac6de2a8601cef1a7b2a0dc6fa

Flag

CAMEL2

29. jpeglitch

Category: misc
Point: 120
Solved: 71 / 2216
Writeup
Source code

Description

The glitch algorithm is simple, like this:

perl -i -pe's/a/b/g' flag.jpg

glitch.zip-06718696c3e01de29d4d8f577004f537

Flag

glitch_5157cc4572

30. tell me a message

Category: bin+guessing
Point: 230
Solved: 4 / 2216
Writeup

Description

This program cannot print a character well... but it's simple :)

tellme-39079dcc9a39dfb72bc6f40842bdeac8

Update: This problem has a bug. You can solve it, but it may be unreasonable... I'm going to provide a new binary, just a moment :)

Hint

You can get a message by brute-force attack. Have you tried all possible inputs?

Flag

ミンナニハナイショダヨ

31. hidden 2

Category: guessing
Point: 120
Solved: 13 / 2216
Writeup

Description

find the "flag" :)

Hint

not A

Flag

dead::beef

32. simple sqli

Category: web
Point: 160
Solved: 19 / 2216
Writeup
Source code

Description

http://q32.ctf.katsudon.org/

Hint

  1. I thought this validates 'id' as a number...
  2. and I'm using regexp.

Flag

700_51mpl3_27307d6c315d96bb5ea96b5830ca1e6a

33. from secure login form

Category: web
Point: 180
Solved: 17 / 2216
Writeup
Source code

Description

http://q33.ctf.katsudon.org/

Flag

r1v357

34. CAPTCHA the Flag

Category: PPC
Point: 150
Solved: 31 / 2216
Writeup
Source code

Description

http://q34.ctf.katsudon.org/

Flag

CcaaAPpTTTCccHhA

35. console

Category: web
Point: 240
Solved: 29 / 2216
Writeup
Source code

Description

available commands: login, register, ...

http://q35.ctf.katsudon.org/

Flag

p4zzw0rd_m0n573r_willin9ly_347z_saltimbocca

36. iRC

Category: web
Point: 150
Solved: 6 / 2216
Writeup
Source code

Description

<akiym> I'm thinking about Q36...
<evilhacker> how about irc bot?
<akiym> evilhacker: good idea. why don't you make a irc bot with me?
<evilhacker> sounds good
<akiym> :)
<akiym> have you ever made a irc bot?
<evilhacker> no
<akiym> okay. I'll give you source code
<akiym> but you don't discover the flag, right?
<evilhacker> of course ;)
<akiym> I sent
<evilhacker> akiym++
akiym has left #akictf-meeting
<evilhacker> his source code is perfect
<evilhacker> so I made a vulnerability, hahaha

akictf-q36 is in irc.freenode.net.

Note: Do NOT access/attack ctf.katsudon.org:6669. This is unrelated (my personal IRC bouncer :-)

Update: akictf-q36 is unstable. It replies to a message such as: akiym++. If it doesn't reply, please send an email or wait a moment.

Flag

I <3 SQLite!

37. steg noobs

Category: steg
Point: 180
Solved: 18 / 2216
Writeup

Description

steg_noobs.zip-5d05a159662f59e65b1f9c3113832f7c

Flag

d0_y0u_like_stegan0__i_hate~~

38. super secret notes

Category: web
Point: 300
Solved: 6 / 2216
Writeup
Source code

Description

find the flag.

http://q38.ctf.katsudon.org/

Hint

1) 1st flag in source

2) hint

Flag

7rAv3r5AL_w17H_8yPA55_f0R_1nJ3c710n

39. giveme_shellcode

Category: pwn
Point: 200
Solved: 35 / 2216
Writeup
Source code

Description

nc pwnable.katsudon.org 17039

giveme_shellcode-eebca4141478c0dc649459a2d897bc2a

Flag

5H3LLC0D3_G0Lf_15_345Y

40. sudden_death

Category: web+pwn
Point: 320
Solved: 13 / 2216
Writeup
Source code

Description

http://pwnable.katsudon.org:17040/

Flag

5UDD3n_539M3N74710N_f4ul7~

41. Pokemon battle

Category: web
Point: 250
Solved: 12 / 2216
Writeup
Source code

Description

pokemon!
http://q41.ctf.katsudon.org/

DO NOT BRUTE FORCE!

Update: Sorry, I fixed a mistake. See source again :P
Update: So sorry, Marumain and Mewtwo were too weak. See source again again ;(

Flag

w4NN483_p0k3MON_M4573R

42. unreadable message

Category: misc
Point: 180
Solved: 9 / 2216
Writeup

Description

Here is an unreadable message. Could you try to restore my message?

download unreadable_message.zip-a2bed73cbd988469a22cde41320bbcf4

Flag

brute_it_if_you_could_not_read