Briefly, this is a simple write up for what was happening during the CTF games. Been participated in the event to just have an enjoy weekend time even though busy with family and celebrating my birthday anniversary.
Cryptography : warming up 1
Question: jztl{y0y_f0_3nfl}
Answer: wmgy{l0l_s0_3asy}
Explaination: Use ROT13 to answer.
Cryptography : warming up 2
Question: ZHRuZntxYnphXzRfczFhYXMzX2kxYV9vNHlrM3l9
Answer: wmgy{just_4_l1ttl3_b1t_h4rd3r}
Explaination: Decode using normal Base64 and use ROT19 afterwards.
Cryptography : warming up 3
Question: https://gudang.wargames.my/9457d98ad0244eb114133832bf486e8755ef29bbb53aa33a4852d81b/lol.7z (Reference #1)
Answer: wmgy{was_1t_fun_t0_d0_l00p_rolls?}
Explaination: The huge text was encoded with base64 n (not sure) times. Use the script as per below:
<?php
$str = file_get_contents('lol.txt');
while(true) {
$str = base64_decode($str);
echo $str."\n";
}
Steganography : PEKIDA
Question: https://gudang.wargames.my/b711bad6b9d99dab1bde621eb4b4cfc64f7ef217fabfce31ed5a83f2/PEKIDA (Reference #1)
Answer: wgmy{m4ju_lu_s1n1_4nj1n9}
Explaination: Maybe obviously the title assist us to use IDA Pro (Reference #4) tool. PEK (pakai) IDA (IDA). ~= Pakai IDA lah. Change “Max number of nodes” under “Graph” tab option as many as possible, let say 100000. Right click and choose “Fit Windows”.
Note: Salutation to the question author.
Web : ScrewIt!
Question: https://screwit.wargames.my/ (not sure if the link will be deleted)
Answer: wgmy{did_u_brut3f0rc3-it?}
Explaination: Use LFI to get the content of /usr/lib/php/20121212/screwim.so (refer to php.ini) and flag.php files. Download and compile PHP 5.5 source codes. Configure php.ini to use downloaded screwim.so file as PHP extension. Use script as per below to decrypt.
<?php
$t = file_get_contents('flag.php');
echo screwim_decrypt($t);
The output as per below:
<?php
$flag = "wgmy{did_u_brut3f0rc3-it?}";
echo "<h2>The flag is encrypted</h2>";
echo "Its not that easy bois :P";
?>
Furthermore, use LFI URL as per below to get the server file content and decode using Base64 afterwards:
https://screwit.wargames.my/index.php?file=php://filter/convert.base64-encode/resource=flag.php
Thanks to CTF Overlords.