Added redpwn ctf

Author: 0xf4b1

README.md

@@ -18,6 +18,7 @@ My solutions for various CTF challenges
 - [pase.ca](pase.ca)
 - [hackcon.online](hackcon.online)
 - [ctf.sec.army](ctf.sec.army)
+- [ctf.redpwn.net](ctf.redpwn.net)
 
 Capturing flags for self-education in information security since July 2019.
 

ctf.redpwn.net/README.md

@@ -0,0 +1,30 @@
+# ctf.redpwn.net
+
+## cryptography
+
+- [dunce-crypto](cryptography/dunce-crypto)
+- [super-hash](cryptography/super-hash)
+- [trinity](cryptography/trinity)
+
+## forensics
+
+- [msb](forensics/msb)
+
+## misc
+
+- [tux-trivia-show](misc/tux-trivia-show)
+
+## pwn
+
+- [babbypwn](pwn/babbypwn)
+- [bronze-ropchain](pwn/bronze-ropchain)
+- [dennis-says](pwn/dennis-says)
+- [penpal-world](pwn/penpal-world)
+- [rot26](pwn/rot26)
+- [zipline](pwn/zipline)
+
+## reverse-engineering
+
+- [generic-crackme](reverse-engineering/generic-crackme)
+- [generic-crackme-redux](reverse-engineering/generic-crackme-redux)
+

ctf.redpwn.net/cryptography/dunce-crypto/README.md

@@ -0,0 +1,22 @@
+# Dunce Crypto
+
+## Cryptography - Points: 50
+
+> Written by: blevy
+>
+> 
+>
+> Emperor Caesar encrypted a message with his record-breaking high-performance encryption method. You are his tax collector that he is trying to evade. Fortunately for you, his crown is actually a dunce cap.
+>
+> 
+>
+> ```
+>
+> mshn{P_k0ua_d4ua_a0_w4f_tf_ahe3z}
+>
+> ```
+>
+
+Shift with key 7.
+
+flag: `flag{i_d0nt_w4nt_t0_p4y_my_tax3s}`

ctf.redpwn.net/cryptography/super-hash/README.md

@@ -0,0 +1,38 @@
+# Super Hash
+
+## Cryptography - Points: 50
+
+> Written by: NotDeGhost
+>
+> 
+>
+> Does hashing something multiple times make it more secure? I sure hope so. I've hashed my secret ten times with md5! Hopefully this makes up for the fact that my secret is *really* short. Wrap the secret in `flag{}`.
+>
+> 
+>
+> Note: Follow the format of the provided hash exactly
+>
+> 
+>
+> Hash: `CD04302CBBD2E0EB259F53FAC7C57EE2`
+>
+
+Brute-force all printable characters, hash them 10 times and compare with the target hash.
+
+```python
+import hashlib
+import string
+
+target = 0xCD04302CBBD2E0EB259F53FAC7C57EE2
+
+for c in string.printable:
+	m = hashlib.md5(c).hexdigest().upper()
+	for i in range(9):
+		m = hashlib.md5(m).hexdigest().upper()
+
+	if int(m, 16) == target:
+		print c
+		break
+```
+
+flag: `flag{^}`

ctf.redpwn.net/cryptography/super-hash/sol.py

@@ -0,0 +1,13 @@
+import hashlib
+import string
+
+target = 0xCD04302CBBD2E0EB259F53FAC7C57EE2
+
+for c in string.printable:
+	m = hashlib.md5(c).hexdigest().upper()
+	for i in range(9):
+		m = hashlib.md5(m).hexdigest().upper()
+
+	if int(m, 16) == target:
+		print c
+		break

ctf.redpwn.net/cryptography/trinity/README.md

@@ -0,0 +1,40 @@
+# Trinity
+
+## Cryptography - Points: 77
+
+> Written by: blevy
+>
+> 
+>
+> redpwn claims to have invented an unbreakable "trinity encoding."
+>
+> Security by obscurity!
+>
+> 
+>
+> ```
+>
+> 1202010210201201021011200200021121112010202012010210102012102021000200121200210002021210112111200121200002111200121102000021211120010200212001020020102000212
+>
+> ```
+>
+> 
+>
+> NB: This challenge does not use the flag{...} format. The flag is only lowercase letters.
+>
+> 
+>
+> Hint: The encoding is so simple, even your grandma knows about it!
+>
+
+Interpret the three numbers as morse code with the following mapping:
+
+	'0': '.', '1': '-', '2': ' '
+
+The resulting morse code:
+
+	- . .-. -. .- .-. -.-- .. ... -- --- .-. . .- .-. -.-. .- -. . -... ..- - .. -... . - -.-- --- ..- - .... --- ..- --. .... - --- ..-. .. - ..-. .. .-. ... - 
+
+Decode it with some online decoder gives the flag.
+
+flag: `flag{TERNARYISMOREARCANEBUTIBETYOUTHOUGHTOFITFIRST}`

ctf.redpwn.net/cryptography/trinity/sol.py

@@ -0,0 +1,9 @@
+code = '1202010210201201021011200200021121112010202012010210102012102021000200121200210002021210112111200121200002111200121102000021211120010200212001020020102000212'
+
+mapping = {'0': '.', '1': '-', '2': ' '}
+
+morse = ''
+for c in code:
+	morse += mapping[c]
+
+print morse

ctf.redpwn.net/forensics/msb/README.md

@@ -0,0 +1,28 @@
+# msb
+
+## Forensics - Points: 50
+
+> Written by: NotDeGhost
+>
+> 
+>
+> It's not LSB, its MSB!
+>
+> 
+>
+> Red is Random,
+>
+> Green is Garbage,
+>
+> Blue is Boring. 
+>
+> 
+>
+> Hint: Only one channel is correct. Also, I like doing things top down. 
+>
+> [lol.png](lol.png)
+>
+
+Flag is encoded in the MSB.
+
+flag: `flag{MSB_really_sucks}`

ctf.redpwn.net/forensics/msb/lol.png

@@ -0,0 +1,17 @@
+from PIL import Image
+
+def decode_binary_string(s):
+    return ''.join(chr(int(s[i*8:i*8+8],2)) for i in range(len(s)//8))
+
+im = Image.open('lol.png')
+pix = im.load()
+x, y = im.size
+
+bits = ''
+
+for i in range(x):
+    for j in range(y):
+        r,g,b,a = pix[i,j]
+        bits += str(b >> 7 & 1)
+
+print(decode_binary_string(bits))