CrossCTF 2017

Last week, I took part in the qualifier round CrossCTF organized by NUS Greyhats and SMU Whitehat Society.

It was a really great experience for me, as it is the first local high school CTF that I took part in, after PicoCTF and PACTF.

At the first 4 hours, we managed to get the highest score alongside with a few other teams from other institutions. But it was midnight, so maybe most people are sleeping and decide to attempt the challenges in the morning.

After having a nice sleep, we continued attempting the challenges. However, there was not much progress as one of our teammates were busy and we were also stuck.

On Day 2, we see that the top teams are already almost 100 points ahead of us, and more challenges were released. We quickly solved the easy ones to catch up on ranking, and got back into the game.

Time passed pretty fast, and it was already dinner time, with around 5 hours left in the competition. We aimed to at least solve all the easy challenges in this short remaining period of time.

At the last hour, we managed to solve a pwn categorized challenge, and managed to move up to the top of the scoreboard. Man it felt so good when we see the shell opened for us.

At this point, we know based on our abilities we will not be able to solve any of the remaining reversing/pwn challenges. Our best bet is on a cryptography challenge. Unfortunately, we were working on the complete different direction and did not manage to crack it.

In the end, it was a really great experience and we managed to qualify for the on-site finals, which is an Attack-Defense (AD) CTF.

Writeups

Cryptography
Advertisements

CrossCTF – Paricle Collision Challenge – 5 points

Problem

Our large hadron collider feeds off files that produces the same SHA1 hashsum value. Could you help us power up our collider? We will give you a flag in return! Our collider can be found at http://128.199.98.78:8081/

Screenshot

sha1collision

Solution

Recently, a team from Google published a paper on how SHA1 is no longer secure, and collisions can be easily generated.

First, we tried using the example PDF files from here. But we got this message.

sha1collisionseen

I guess it’s not as simple as just downloading files from a website, or another team has submitted these files. After doing some research on Google, we found this tool.

By choosing 2 random images we found, we easily generated our PDF files with the same SHA1 hashsum value.

sha1flag.png