As part of Techparva 3.0, the Innovative Computer Engineering Students’ Society (i-CES) of WRC, Pokhara, hosted an exciting BabyPWN Capture The Flag (CTF) competition. I had the incredible opportunity to design a few challenges for this event. In this post, I’ll share the official write-up for three intriguing challenges: Text Behind, Magic Everywhere, and Betrayal. Dive in to explore the solutions and thought process behind these puzzles!

Text Behind:

The challenge contains a text file with text.

42dac71c4914db9587619c303e7b0cec

This is an MD5 hash. Since it's just a hash, cracking it with word lists might not be the best approach. Instead, you can try an online dictionary where people generate their hashes and choose to store the results for future reference.

One popular site for this is https://md5hashing.net. Simply paste the hash and wait for the magic to happen.

i-CES{0nl1n3_d1c7i0n3ry_15_w0r7h_l00k1ng}

Magic Everywhere:

The challenge consists of a image file which does not seem to open.

The file seems to be broken.

First lets try printing out the strings in the file.It has a fake flag.

Looking at the challenge name and the description, it hints towards Magic Byte. Most probably, we have to fix the magic byte to get this file working.

If you are curious about what Magic Byte is and what magic bytes are for different file formats, refer to https://en.wikipedia.org/wiki/List_of_file_signatures

The first thought, looking at the file error, is that it is a JPEG file and needs the file signature fixed. So, let's open the file and view its signature.

Note: You can view and edit the hex value online at https://hexed.it/

Comparing it with the signature of JPEG and fixing it does not seem to work.

The file still shows the same error as before.

What could be the solution here?

If it's not JPEG, could it be another format like PNG? Let's give it a try.

This fixed the file and revealed the flag.

i-CES{h4ck3r_C4n_f1x_3v3ry7hing}

Betrayl:

The challenge file is a text file with some strange-looking characters.

At first glance, it looks like Morse code. Let's try to decode it.

However, this doesn't seem to work. Let's revisit the challenge name and description. It suggests that this is something other than Morse Code. So, what could it be?

If you look closely at the symbols, they consist of . and -. What if they represent some kind of state, maybe a binary state of 0 and 1?

Since . are lower and - are slightly higher, replace . with 0 and - with 1.

You can easily do this using the sed command in Linux.

  sed -i 's/\./0/g; s/-/1/g' Betrayl

The file content will look like this:

Converting this binary to text reveals our flag.

i-CES{wh47_s33ms_t0_h4pp3n_d0sn't_h4pp3n}

Thank you for reading. If you took part in the competition, please feel free to share your feedback about the challenges.