feat: added GREP CTF 2023

GREP CTF 2023/Arctic Penguin/README.md

@@ -0,0 +1,34 @@
+# Arctic Penguin
+> I love penguins. They are so cute. One of my favourite penguin is missing. He was last seen under snow in north pole near arctic circle. There are news that he has been kidnapped by someone. Can you find him. Wait i've a picture, here you go. Please find him asap !
+
+> PS. He likes buildings. A MAN trapped him in a building of SNOW.
+
+## About the Challenge
+We have been given a file (You can download the file [here](pengu.jpg)) and we need to find the flag using that picture
+
+## How to Solve?
+To solve this, Im using `stegseek` first to extract hidden data from files by performing bruteforce attack. Here is the command to bruteforce the image using `rockyou.txt` wordlist
+
+```shell
+stegseek Missing.jpg /usr/share/wordlists/rockyou.txt
+```
+
+![stegseek](images/stegseek.png)
+
+We have a `txt` file now, but it contains only tabs and spaces. Afterwards, if we check the metadata of the picture
+
+![metadata](images/metadata.png)
+
+After searching about `Snow steganography`. Now im using stegsnow to get the flag, but we don't know the flag right? I came across this [tool](https://github.com/0xHasanM/SnowCracker) to brute stegsnow password. Here is the command that I used to crack the password
+
+```shell
+python3 snowcracker.py -c Y -f /home/kali/pengu\ \(5\).jpg.out -w /usr/share/wordlists/rockyou.txt | grep _ -B 1
+```
+
+So I performed brute-force attack using `rockyou.txt` wordlist and then grep the string that contain character `_`
+
+![flag](images/flag.png)
+
+```
+GREP{snowman,P3ngu1n_on_Burj}
+```

GREP CTF 2023/Birdseed/README.md

@@ -0,0 +1,55 @@
+# Birdseed
+> Now that my program is truly random, you'll never be able to guess the flag.
+
+## About the Challenge
+We have been given 2 files:
+* [encrypt.py](encrypt.py)
+* [out.txt](out.txt)
+
+Here is the content of `encrypt.py` file
+```python
+import random
+flag = open('flag.txt').read()
+
+rand_seed = random.randint(0, 999)
+random.seed(rand_seed)
+encrypted = ''
+
+for chr in flag:
+    encrypted += f'{(ord(chr) ^ random.randint(0, 255)):02x}'
+
+with open('out.txt', 'w') as f:
+    f.write(encrypted)
+```
+
+This Python code reads the contents of a file named 'flag.txt' and encrypts it using a simple XOR cipher with a random seed generated using the `random.randint()` function
+
+## How to Solve?
+As you can see in the `encrypt.py` file, the seed is not really random because that function only generate a random integer between 0 and 999. So to solve I have created the script to bruteforce the seed from 0 to 1000
+
+```python
+import random
+encrypted = "a282b415279f5aa08cd4649515268910b8968a1eabda7c1bb2898c"
+
+for rand_seed in range(1, 1001):
+    random.seed(rand_seed)
+
+    flag = ''
+    for i in range(0, len(encrypted), 2):
+        xor_val = int(encrypted[i:i+2], 16)
+        flag += chr(xor_val ^ random.randint(0, 255))
+
+    print("The flag is:", flag)
+```
+
+And im using `grep` too to find the flag. Here is the final command that I used
+
+```shell
+python3 solve_bird.py | grep "grepCTF" -a
+```
+
+![flag](images/flag.png)
+
+```
+grepCTF{n3v3r_tru1y_r4nd0m}
+```

GREP CTF 2023/Birdseed/encrypt.py

@@ -0,0 +1,12 @@
+import random
+flag = open('flag.txt').read()
+
+rand_seed = random.randint(0, 999)
+random.seed(rand_seed)
+encrypted = ''
+
+for chr in flag:
+    encrypted += f'{(ord(chr) ^ random.randint(0, 255)):02x}'
+
+with open('out.txt', 'w') as f:
+    f.write(encrypted)

GREP CTF 2023/Birdseed/out.txt

@@ -0,0 +1 @@
+a282b415279f5aa08cd4649515268910b8968a1eabda7c1bb2898c

GREP CTF 2023/Blind/README.md

@@ -0,0 +1,14 @@
+# Blind
+> Blinding.
+
+## About the Challenge
+We have been given a file (You can download the file [here](blind.txt)) and we need to decode it to obtain the flag
+
+## How to Solve?
+As you can see in the file, that is a `Braille Alphabet`. So we can use [dcode.fr](https://www.dcode.fr/braille-alphabet) to decode the msg
+
+![flag](images/flag.png)
+
+```
+grepCTF{t00_bl1nd_t0_s33}
+```

GREP CTF 2023/Blind/blind.txt

@@ -0,0 +1 @@
+⠞⠓⠑⠀⠋⠇⠁⠛⠀⠊⠎⠀⠞⠼⠚⠼⠚_⠃⠇⠼⠁⠝⠙_⠞⠼⠚_⠎⠼⠉⠼⠉

GREP CTF 2023/CaeX0R 2/README.md

@@ -0,0 +1,58 @@
+# CaeX0R 2
+> Ooops, i forgot the shift this time. Can you still figure out my flag.
+
+## About the Challenge
+We have been given a file to encrypt the flag (You can download the file [here](enc.py))
+
+Here is the content of `enc.py` file
+```python
+#enc.py
+from random import *
+flag="REDACTED"
+a=randint(1,1000)
+c=[]
+for f in flag:
+   c.append(str(ord(f)^a))
+print(c)
+print(a)
+
+#c=['313', '296', '295', '304', '274', '280', '263', '280', '263', '310', '315', '310', '316', '345', '268', '263', '310', '302', '345', '296', '276']
+#a=REDACTED
+```
+
+This Python code defines a script that performs a simple encryption on a flag using XOR cipher. The encryption key is a random integer between 1 and 1000 generated using the `randint()` function from the random module.
+
+## How to Solve?
+As you can see in the `enc.py` file, the seed is not really random because that function only generate a random integer between 0 and 1000. So to solve I have created the script to bruteforce the key from 0 to 1000
+
+```python
+from random import *
+import itertools
+
+c = ['313', '296', '295', '304', '274', '280', '263', '280', '263', '310', '315', '310', '316', '345', '268', '263', '310', '302', '345', '296', '276']
+
+for a in range(1, 1001):
+    flag = ""
+    for char_code in c:
+        char_code = int(char_code)
+        char = chr(char_code ^ a)
+        flag += char
+    
+    print(flag)
+```
+
+And im using `grep` too to find the flag. But in this case we can't find the flag directly, but I will search for the string containing the characters `{` and `_`
+
+```shell
+python3 solve_caex0r2.py | grep "{" -a | grep "_"
+```
+
+![grep](images/grep.png)
+
+As you can see `PANY{qnqn_R_U0en_G0A}` was interesting because it match with the flag structure, So i put that string into caesar cipher decoder (You can use [dcode.fr](https://www.dcode.fr/caesar-cipher) to do this)
+
+![flag](images/flag.png)
+
+```
+GREP{hehe_I_L0ve_X0R}
+```

GREP CTF 2023/CaeX0R 2/enc.py

@@ -0,0 +1,12 @@
+#enc.py
+from random import *
+flag="REDACTED"
+a=randint(1,1000)
+c=[]
+for f in flag:
+   c.append(str(ord(f)^a))
+print(c)
+print(a)
+
+#c=['313', '296', '295', '304', '274', '280', '263', '280', '263', '310', '315', '310', '316', '345', '268', '263', '310', '302', '345', '296', '276']
+#a=REDACTED

GREP CTF 2023/CaeX0R/README.md

@@ -0,0 +1,55 @@
+# CaeX0R
+> I pressed shift key 10 times and lost the flag. Can you find my flag.
+
+## About the Challenge
+We have been given a file to encrypt the flag (You can download the file [here](enc.py))
+
+Here is the content of `enc.py` file
+```python
+#enc.py
+from random import *
+flag="REDACTED"
+a=randint(1,1000)
+c=[]
+for f in flag:
+   c.append(str(ord(f)^a))
+print(c)
+print(a)
+
+#c=['162', '177', '188', '169', '136', '187', '138', '145', '172', '187', '138', '145', '172', '190', '152', '156', '187', '195', '177', '142']
+#a=REDACTED
+```
+
+This Python code defines a script that performs a simple encryption on a flag using XOR cipher. The encryption key is a random integer between 1 and 1000 generated using the `randint()` function from the random module.
+
+## How to Solve?
+As you can see in the `enc.py` file, the seed is not really random because that function only generate a random integer between 0 and 1000. So to solve I have created the script to bruteforce the key from 0 to 1000
+
+```python
+c=['162', '177', '188', '169', '136', '187', '138', '145', '172', '187', '138', '145', '172', '190', '152', '156', '187', '195', '177', '142']
+
+for a in range(1, 1001):
+    flag = ""
+    for char_code in c:
+        char_code = int(char_code)
+        char = chr(char_code ^ a)
+        flag += char
+    
+    print(flag)
+```
+
+And im using `grep` too to find the flag. But in this case we can't find the flag directly, but I will search for the string containing the characters `{` and `_`
+
+```shell
+python3 solve_caex0r.py | grep "{" -a | grep "_"
+```
+
+![grep](images/grep.png)
+
+As you can see the last result was interesting, So i put that string into caesar cipher decoder (You can use [dcode.fr](https://www.dcode.fr/caesar-cipher) to do this)
+
+![flag](images/flag.png)
+
+```
+GREP{Xor_Xor_CaeX0R}
+```

GREP CTF 2023/CaeX0R/enc.py

@@ -0,0 +1,12 @@
+#enc.py
+from random import *
+flag="REDACTED"
+a=randint(1,1000)
+c=[]
+for f in flag:
+   c.append(str(ord(f)^a))
+print(c)
+print(a)
+
+#c=['162', '177', '188', '169', '136', '187', '138', '145', '172', '187', '138', '145', '172', '190', '152', '156', '187', '195', '177', '142']
+#a=REDACTED

GREP CTF 2023/DOGE DOGE DOGE/README.md

@@ -0,0 +1,51 @@
+# DOGE DOGE DOGE
+> Doge
+
+## About the Challenge
+We have been given a file to encrypt the flag (You can download the file [here](doge.py))
+
+Here is the content of `doge.py` file
+```python
+from Crypto.Util.number import *
+from pwn import xor
+flag = b'REDACTED'
+key = b'REDACTED'
+enc = b''
+for i in range(len(flag)):
+    enc += xor(key[i], flag[i])
+print(enc)
+# enc = b'#="5\x07\x1b\x01>4#s<u! \x1a3~3-\x1b7w7\x1b&4\x1a":)8'
+```
+
+This Python code uses the PyCrypto library to perform bitwise XOR operations on the individual bytes of a given plaintext flag using a fixed XOR key. The resulting ciphertext `enc` is printed to the console in bytes format.
+
+## How to Solve?
+So in this case, I have created a script to perform a brute-force attack on a single-byte XOR encryption scheme. It uses the PyCrypto library to perform bitwise XOR operations on the individual bytes of a given ciphertext enc using a variable-length XOR key
+
+```python
+from Crypto.Util.number import *
+from pwn import xor
+import itertools
+
+alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890'
+enc = b'#="5\x07\x1b\x01>4#s<u! \x1a3~3-\x1b7w7\x1b&4\x1a":)8'
+
+for combination in itertools.product(alphabet, repeat=1):
+    test = ''.join(combination)
+    print(test)
+    key = test+'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
+
+    flag = b''
+    for i in range(len(enc)):
+        flag += xor(key[i], enc[i])
+
+    print(flag)
+```
+
+So, for this script, I recover the keys manually by checking the output one by one. And the end, the key was `DOGEDOGEDOGEDOGEDOGEDOGEDOGEDOGE`
+
+![flag](images/flag.png)
+
+```
+grepCTF{pl4y1ng_w1th_x0r_is_fun}
+```

GREP CTF 2023/DOGE DOGE DOGE/doge.py

@@ -0,0 +1,9 @@
+from Crypto.Util.number import *
+from pwn import xor
+flag = b'REDACTED'
+key = b'REDACTED'
+enc = b''
+for i in range(len(flag)):
+    enc += xor(key[i], flag[i])
+print(enc)
+# enc = b'#="5\x07\x1b\x01>4#s<u! \x1a3~3-\x1b7w7\x1b&4\x1a":)8'

GREP CTF 2023/Missing Kitty/README.md

@@ -0,0 +1,30 @@
+# Missing Kitty
+> My kitty is missing. Can you find her ? Last seen saying meow meow under the blanket !!
+
+## About the Challenge
+We have been given a file (You can download the file [here](Missing.jpg)) and we need to find the flag using that picture
+
+## How to Solve?
+To solve this, Im using `stegseek` first to extract hidden data from files by performing bruteforce attack. Here is the command to bruteforce the image using `rockyou.txt` wordlist
+
+```shell
+stegseek Missing.jpg /usr/share/wordlists/rockyou.txt
+```
+
+![stegseek](images/stegseek.png)
+
+We got txt file. If we open the file, we got this message
+
+```
+Dk what's this, some kitten language
+
+memmemmmmeemmememeemeemmmeemeemmmeemeeeemmemmmmmmeemeememeeeemmemmemmmmmmeememeemeememmemeeememmmeeememmmeeeemmemmemeemmmmmmememmmmmememmemmmeemmeememmemeemeeemmeemmmmemeemeemmmeemeemmmeeeemmemmemmmmmmeeeemmemeemeeeemeeemememmemmmmmmeemmeemmeemeeeemeeemememeemeeemmeemmemmmmemmmmmmeememmmmeemmememeeemmemmmemeeemmmemmmmmmemmemmemmemmmmmmeemmmmemeemeememmemmmmmmeemmemmmeemmememeemeemmmeememmemeemmeeemeememmmmeeememmmeemmememeemmemmmmemeeemmmmmememmmmmememmemememmmeemmmmemeememeemeemmememmemmmmmmeememmemeeememmmmemeemmmmemmmmmmeememmmmeemmememeeemmemmeemmememmemmeeemeeemmeemmemmmmmmeeeemmemeemeeeemeeemememeeemmemmmemmmmmmeemmeeemeememmemeemmeemmeeememmmmmmememmeemmeemmeemeemmmeemmmmemeemmeeemmemmmmmmmeeememmmemmmmmmeeeemeemememmeemeeemeeemmeemmeemmeemmeemeeememmmemeeeeemeemeemmmmeemmmemeeememmmeeememmmeemeemmmeemmemememeeeeemeememeemmeemmmemeeememmmeeememmmmeemmeemeemeeemmeeeeeme
+```
+
+Change the character `m` to 0 and character `e` to 1. And then decode the binary to obtain the flag
+
+![flag](images/flag.png)
+
+```
+GREP{steghide,Sw33t_l1ttle_k1tt3n}
+```

GREP CTF 2023/NGGYU/README.md

@@ -0,0 +1,18 @@
+# NGGYU
+> .
+
+## About the Challenge
+We have been given a file (You can download the file [here](nggyu.wav)) and we need to find the flag using that sound
+
+## How to Solve?
+First, open the `Sonic Visualizer` and then import the file
+
+![sonic](images/sonic.png)
+
+Press `G` button to open Spectogram panel and you will obtain the flag
+
+![flag](images/flag.png)
+
+```
+grepCTF{r1ck_4stl3y_g1v1ng_m3_up}
+```

GREP CTF 2023/R36/README.md

@@ -0,0 +1,14 @@
+# R36
+> 36 different robots were used to generate this sound.
+
+## About the Challenge
+We have been given a file (You can download the file [here](r36.wav)) and we need to find the flag using that sound
+
+## How to Solve?
+To solve this, Im using this [reference](https://ctftime.org/writeup/22354) because the chall is similar. This challenge was about SSTV or Slow Scan Television where you can send static image using only sound. So im using `qsstv` and then run the audio.
+
+![flag](images/flag.png)
+
+```
+grepCTF{psych3d3l1c_fr0g}
+```

GREP CTF 2023/README.md

@@ -0,0 +1,18 @@
+# GREP CTF 2023
+CTF writeup for GREP CTF 2023. I took part in this CTF competition with the my friend, @dRe. And we got 32th place out of 251 teams
+
+| Category | Challenge |
+| --- | --- |
+| Reverse Engineering | [Simple rev](/GREP%20CTF%202023/Simple%20rev/)
+| Cryptography | [Blind](/GREP%20CTF%202023/Blind/)
+| Cryptography | [CaeX0R](/GREP%20CTF%202023/CaeX0R/)
+| Cryptography | [CaeX0R 2](/GREP%20CTF%202023/CaeX0R%202/)
+| Cryptography | [DOGE DOGE DOGE](/GREP%20CTF%202023/DOGE%20DOGE%20DOGE/)
+| Cryptography | [Birdseed](/GREP%20CTF%202023/Birdseed/)
+| Forensics | [Missing Kitty](/GREP%20CTF%202023/Missing%20Kitty/)
+| Forensics | [Arctic Penguin](/GREP%20CTF%202023/Arctic%20Penguin/)
+| Forensics | [Royal Steg](/GREP%20CTF%202023/Royal%20Steg/)
+| Forensics | [NGGYU](/GREP%20CTF%202023/NGGYU/)
+| Forensics | [R36](/GREP%20CTF%202023/R36/)
+| Misc | [esoF*ck](/GREP%20CTF%202023/esoFck/)
+| Misc | [esoF*ck 2](/GREP%20CTF%202023/esoFck%202/)

GREP CTF 2023/Royal Steg/README.md

@@ -0,0 +1,36 @@
+# Royal Steg
+> Then Jesus turned, and seeing them following, said to them, 'what do you SEEK?
+
+> - JOHN 1:38
+
+## About the Challenge
+We have been given a file (You can download the file [here](steg.jpg)) and we need to find the flag using that picture
+
+## How to Solve?
+To solve this, Im using `stegseek` first to extract hidden data from files by performing bruteforce attack. Here is the command to bruteforce the image using `rockyou.txt` wordlist
+
+```shell
+stegseek steg.jpg /usr/share/wordlists/rockyou.txt
+```
+
+![stegseek](images/stegseek.png)
+
+We got password-protected zip file. Now we need to crack the zip password to obtain the flag by using `JohnTheRipper`. Here is the command that I used
+
+```shell
+zip2john steg.jpg.out > hash_steg.txt
+john -w=/usr/share/wordlists/rockyou.txt hash_steg.txt
+john --show hash_steg.txt
+```
+
+The `zip2john` tool is used to extract the password hash from a password-protected ZIP file and then next step is  crack the password hash contained in the `hash_steg.txt` file using `rockyou.txt` wordlist
+
+![john](images/john.png)
+
+Open the password-protected zip file using `jesuslove` as the password and you will obtain the flag
+
+![flag](images/flag.png)
+
+```
+grepCTF{tw0_l3v3ls_0f_st3g}
+```

GREP CTF 2023/Simple rev/README.md

@@ -0,0 +1,20 @@
+# Simple rev
+> `-`
+
+## About the Challenge
+We have been given a file (You can download the file [here](outfile)) and we need to do reverse engineering to get the flag
+
+## How to Solve?
+The easiest solution is by using `strings` command and then find the flag using `grep`. Here is the command that you can used
+
+```shell
+strings outfile | grep "grepCTF"
+```
+
+Here is the output
+
+![flag](images/flag.png)
+
+```
+grepCTF{4p0g33_h1vem1nd_g3n3s1s}
+```

GREP CTF 2023/esoFck 2/README.md

@@ -0,0 +1,22 @@
+# esoF*ck 2
+> 2 levels of eso should make my message impossible to decipher.
+
+## About the Challenge
+We have been given a file (You can download the file [here](msg.txt)) and we need to decode it to obtain the flag
+
+## How to Solve?
+Im only using this [website](https://www.splitbrain.org/_static/ook/) to decode the msg file. Decode it by pressing `Brainfuck to Text` button
+
+![decode](images/decode.png)
+
+And then decode the output again by pressing `Ook! to Text` button
+
+![decode_2](images/decode_2.png)
+
+And you will obtain the flag
+
+![flag](images/flag.png)
+
+```
+grepCTF{3sot3r1c_l4ngu4g3s_4r3_0k!}
+```

GREP CTF 2023/esoFck/README.md

@@ -0,0 +1,18 @@
+# esoF*ck
+> I've heard about brainf#ck but what the f#ck js this?
+
+## About the Challenge
+We have been given a file (You can download the file [here](msg.txt)) and we need to decode it to obtain the flag
+
+## How to Solve?
+First, we need to remove `f#ck` keyword from the msg, and then here is the result
+
+![remove](images/remove.png)
+
+And then find JSFuck decoder (In this case, im using [dcode.fr](https://www.dcode.fr/jsfuck-language)) and here is the output
+
+![flag](images/flag.png)
+
+```
+grepCTF{3sot3r1c_l4ngu4g3s_ftw}
+```

README.md

@@ -36,3 +36,4 @@ List of CTF events that i have joined before
 | UMass CTF 2023 | 25 March, 06:00 WIB — 27 March 2023, 00:00 WIB | [Link](/UMass%20CTF%202023/) |
 | VishwaCTF 2023 | 31 March, 17:30 WIB — 02 April 2023, 17:30 WIB | [Link](/VishwaCTF%202023/) |
 | RITSEC CTF 2023 | 31 March, 23:00 WIB — 02 April 2023, 23:00 WIB | [Link](/RITSEC%20CTF%202023/) |
+| GREP CTF 2023 | 01 April, 18:00 WIB — 03 April 2023, 18:00 WIB | [Link](/GREP%20CTF%202023/) |