JohnHammond
/
ctf-katana
mirror of https://github.com/JohnHammond/ctf-katana.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

First commit, starting list!

pull/1/head
John Hammond 2018-02-02 00:40:53 -05:00
commit a4911883e1
1 changed files with 105 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
README.md Normal file
View File

@ -0,0 +1,105 @@
CTF-Katana
===============
> John Hammond | February 1st, 2018
--------------------------
This repository, at the time of writing, will just host a listing of tools and commands that may help with CTF challenges. I hope to keep it as a "live document," and ideally it will not die out like the old "tools" page I had made ([https://github.com/USCGA/tools](https://github.com/USCGA/tools)).
Hopefully, at some point I will develop software that will run through a lot of the low-hanging fruit and simple command-line tools, generate a report and have all the output in one place.
---------------
Steganography
---------------------
* [`steghide`][steghide]
A command-line tool typically used alongside a password or key, that could be uncovered some other way when solving a challenge.
* [`zsteg`][zsteg]
* Morse Code
Always test for this if you are seeing two distinct values... _it may not always be binary!_
* Whitespace
Tabs and spaces could be representing 1's and 0's and treating them as a binary message... or, they could be whitespace done with `snow` or
* `snow`
A tool for whitespace steganography (see above)
Cryptography
-----------------
* XOR
ANY text could be XOR'd. Techniques for this are Trey's code, and XORing the data against the known flag format.
* Caesar Cipher
https://www.dcode.fr/caesar-cipher
* Vigenere Cipher
* Beaufourt Cipher
[https://www.dcode.fr/beaufort-cipher](https://www.dcode.fr/beaufort-cipher)
* Transposition Cipher
* RSA: Classic RSA
* RSA: Multi-prime RSA
* RSA: Weiner's Little D Attack
The telltale sign for this kind of challenge is an enormously large `e` value. Typically `e` is either 65537 (0x10001) or `3` (like for a Chinese Remainder Theorem challenge)
* RSA: Chinese Remainder Attack
These challenges can be spotted when given mutiple `c` cipher texts and multiple `n` moduli. `e` must be the same number of given `c` and `n` pairs.
* Elgamal
* Affine Cipher
* Substitution Cipher
[https://quipqiup.com/](https://quipqiup.com/)
* Railfence Cipher
[http://rumkin.com/tools/cipher/railfence.php](http://rumkin.com/tools/cipher/railfence.php)
* Playfair Cipher
[https://en.wikipedia.org/wiki/Playfair_cipher](https://en.wikipedia.org/wiki/Playfair_cipher)
* Polybius Square
[https://www.braingle.com/brainteasers/codes/polybius.php](https://www.braingle.com/brainteasers/codes/polybius.php)
* The Engima
[http://enigma.louisedade.co.uk/enigma.html](http://enigma.louisedade.co.uk/enigma.html),
[https://www.dcode.fr/enigma-machine-cipher](https://www.dcode.fr/enigma-machine-cipher)
* AES ECB
The "blind SQL" of cryptography... leak the flag out by testing for characters just one byte away from the block length.
*
[steghide]: http://steghide.sourceforge.net/
[snow]: http://www.darkside.com.au/snow/
[cribdrag.py]: https://github.com/SpiderLabs/cribdrag