Sebastian's Blog

software developer. security enthusiast.

Category: Challenges

HV19.07 Santa Rider

Santa is prototyping a new gadget for his sledge. Unfortunately it still has some glitches, but look for yourself. Challenge Description This was very easy, we got 8 LEDs, so 8 bit = 1 byte. Looks like ASCII. I split the video into frames using ffmpeg to go through the pictures by hand while noting […]

HV19.H1 Hidden One

Sometimes, there are hidden flags. Got your first? Challenge Description Hidden One came out the same time as HV19.06 bacon and eggs came out, so I thought it might be about the extra information added below the bacon cipher ciphertext. Born: January 22 Died: April 9 Mother: Lady Anne Father: Sir Nicholas Secrets: unknown The […]

HV19.06 bacon and eggs

Francis Bacon was an English philosopher and statesman who served as Attorney General and as Lord Chancellor of England. His works are credited with developing the scientific method and remained influential through the scientific revolution. Bacon has been called the father of empiricism. His works argued for the possibility of scientific knowledge based only upon inductive reasoning and careful observation of events in nature. Most importantly, he argued science could be achieved by use of a sceptical and methodical approach whereby scientists aim to avoid misleading themselves. Although his practical ideas about such a method, the Baconian method, did not have a long–lasting influence, the general idea of the importance and possibility of a sceptical methodology makes Bacon the father of […]

HV19.05 Santa Parcel Tracking

To handle the huge load of parcels Santa introduced this year a parcel tracking system. He didn’t like the black and white barcode, so he invented a more solemn barcode. Unfortunately the common barcode readers can’t read it anymore, it only works with the pimped models santa owns. Can you read the Barcode Challenge Description […]

HV19.04 password policy circumvention

Santa released a new password policy (more than 40 characters, upper, lower, digit, special). The elves can’t remember such long passwords, so they found a way to continue to use their old (bad) password: merry christmas geeks Challenge Description Attached to this was the following file named HV19-PPC.ahk This was an AutoHotkey source file. Loading […]

HV19.03 Hodor, Hodor, Hodor

This was quite easy. I immediately thought that this must be a programming language. Apparently there is a programming language called Hodor Programming Language. Running the code reveals: Awesome, you decoded Hodors language! As sis a real h4xx0r he loves base64 as well. SFYxOXtoMDFkLXRoMy1kMDByLTQyMDQtbGQ0WX0= Base64 decode reveals the flag: HV19{h01d-th3-d00r-4204-ld4Y}.

HV19.02 Triangulation

Today we give away decorations for your Christmas tree. But be careful and do not break it. Attached to that we receive a STL file named Triangulation. This file is a 3D model. Opening this in blender and peeling the shell. Showed that it contains another shell. Peeling this again revealed an AZTEC code. Tweaking […]

HV19.01 censored

I got this little image, but it looks like the best part got censored on the way. Even the tiny preview icon looks clearer than this! Maybe they missed something that would let you restore the original content? Challenge Description “Even the tiny preview icon looks clearer” – Googled for exif viewer, got http://exif.regex.info/exif.cgi and […]

Challenge 03: Sloppy Encryption

Challenge 03 got as some sort of an encrypted password and a ruby script which was used to encrypt the password. Additionally we got another Egg-O-Matic to turn the password into a flag. So obviously, this challenge is about decrypting the password. K7sAYzGlYx0kZyXIIPrXxK22DkU4Q+rTGfUk9i9vA60C/ZcQOSWNfJLTu4RpIBy/27yK5CBW+UrBhm0= So, I went backwards through the encryption code, line by line, splitted […]

Challenge 02: Just Watch

The second challenge got the name just watch. We got a gif containing a password and an Egg-O-Matic to decrypt the flag. Clearly, the gif is about sign language. So googling for a sign language alphabet got me this. To have enough time to search for the right sign and to get the order straight, […]