This go around we have a short category but a fun one nonetheless. This one is Hunt! and is questions around cipher decoding techniques.
Question 1 - Good Advice (5 points)
Flag will be in format FLAG(something)
The given QR code results in the following text:
From experience, I had a feeling this looked like Base64 so I dropped it into CyberChef and viola, the answer is FLAG(Preparation).
Question 2 - One Off (5 points)
58 69 62 75 21 6A 67 21 4A 21 75 70 6D 65 21 7A 70 76 21 75 69 66 21 67 6D 62 68 21 78 62 74 3B 21 4E 6A 6E 6A 64
This is hex so we can go back to CyberChef to decode.
Question 3 - Success (5 points)
PJGXI zs t kvngrgiei egkcqxek htrnwifq ufv tlvcmzcaxt gdmdugqqnizsc. Hvrx, es hhv mi tf egkcqt wppg(khbvuf4j2wmcd).
This one looked familiar but I just couldn't place it to start. I tried it in CyberChef with not automatic results so scrolled through the different Encryption/Encoding items there to see if anything stuck out but nothing seemed right. A Google search of common ciphers led me to find Vigenere. Using https://www.dcode.fr/vigenere-cipher the results presented itself quickly.
Question 4 - Validation
Flag will be in format FLAG(something)4d6179626520697473206e6f74206120666c61672874316d333574346d70293f
Another fairly simple one with the use of CyberChef. Convert if from hex and you got the answer of flag(t1m35t4mp).
Question 6 - Comes Before Time (5 points)
At first glance this appears to be a Unix timestamp and indeed it is but that's not what they wanted here. As with the others, this is a cipher that needs decoded which will turn into some word or flag. Breaking each set of two numbers down, you can start to see a bit of a pattern. There is a cipher called A1Z26 (or letter number cipher) which gives a number from 1-26 to each letter of the alphabet. Using dCode to make this easy, we can see that the answer was "prime".
Question 5 - Spam (10 points)
Dear Business person , Especially for you - this cutting-edge intelligence ! This is a one time mailing there is no need to request removal if you won't want any more . This mail is being sent in compliance with Senate bill 2416 ; Title 7 ; Section 309 . This is a ligitimate business proposal . Why work for somebody else when you can become rich inside 14 DAYS ! Have you ever noticed nearly every commercial on television has a .com on in it & more people than ever are surfing the web ! Well, now is your chance to capitalize on this ! WE will help YOU SELL MORE and SELL MORE ! You are guaranteed to succeed because we take all the risk ! But don't believe us ! Prof Anderson of Indiana tried us and says "I was skeptical but it worked for me" ! We assure you that we operate within all applicable laws ! You have no reason not to act now ! Sign up a friend and you get half off . Thanks !
This sure does looks like spam you'd get in an email, but did you know there is a spam cipher too?! I didn't but https://www.spammimic.com/decode.shtml can decode pretty quickly. Don't ask me how it decodes or what process it does because I don't know but I do know the answer was "robotsarebad".