Today was an interesting day. We are setting up a honeypot in the campus and I was asked to check if all the ports in the honeypot VM are accessible from the pubilc internet. ####The Problem The setup is pretty simple. The honeypot is run in an VM behind the campus NAT. Any IP packet addressed to the public IP of our VM should be NATed properly, rewritten and sent to the private address of the VM.

Another easy stego challenge. The challenge consists of a HTML file. Opening it up, reveals that there is a table present. There were various cells present with nearly-same background color. Original file link here - glasses.tar.gz. A sample from the original HTML file. <td style="width: 7.75757575757576px; background-color: rgb(255, 255, 255);"></td> <td style="width: 7.75757575757576px; background-color: rgb(255, 255, 255);"></td> <td style="width: 7.75757575757576px; background-color: rgb(255, 255, 254);"></td> <td style="width: 7.75757575757576px; background-color: rgb(255, 255, 254);"></td> <td style="width: 7.

This was a easy one. We are required to find the flag in this image. This is the original image. Running file, shows nothing suspicious. stego_50.jpg: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 430x425, frames 3 Running a binwalk, we can see that there is a ZIP archive appended to the end of the JPEG image. DECIMAL HEXADECIMAL DESCRIPTION ——————————————————————————– 0 0x0 JPEG image data, JFIF standard 1.

Here is our original picture. It is a picture of Emma Watson in an event. We are to extract the flag from this image.  I checked for common anomalies in the picture but, couldn’t find any. No extra information in the metadata or the blob content of the image. Then I suspected if it is LSB steganography and checked for it too. But, there could be no meaningful data extracted from the LSB bits.

I could not participate in GiS CTF which was conducted around 10 days back. But, the one good thing about these people is that they always have an archive of all their past events. This is a 150 point Crypto challenge named as Knockers. Here is the question. Dude, here’s a knocker token that will let you access my service on port 80. One day I will let you see my cool stuff on port 7175.