My Tremendous Defender 2.0 (100pts) - 28 solves by AlphaTank
Description
Our company thought that keeping our moving target defense software closed source would deter hackers, sadly the controller was easily discovered. I was able to convince the board to implement an encryption and even make the software public, to show malicous actors our confidence in moving target defense and our software. I even implemented passwords and signing keys!
I wanted to create my own VM for once. Luckily I know that printf is turing complete and can use that as interpreter so I don't have to write one myself! (Not intended to be pwned)
See the attached hello world program for an example. Enter %1$254s%9$hhn to turn on debug mode.
Where did it go? (100pts) - 27 solves by TheBadGod
Description
I just wanted my picture to be save, so I encrypted all the RGBA values with AES-ECB using a random string... Then, I didn't see it coming, I forgot that string. At least I remember that it was exactly 1000 pixels wide.
Have you seen how volatile bitcoin is? Anyway, we arrested the bad guy and got a memory dump of the pc. We need the flag. I think he stored it in a file called 'flag.txt'. Not sure what folder, but that's enough.
Here's a picture of some nice colors! These colors also happen to make up the flag! If only there was something about these colors that we could use to retrieve the flag :rooThink: ... (If the flag you get looks a little off, try a different tool (if you choose to use one))
BagelBot is the greatest gambling bot ever to be made. It's so good, that BagelBot is giving everyone 1,000 free bagels when to anyone when they initialize a profile with b.bal to celebrate its release! Try it out by dming the bot b.help to see a list of commands! (I promise this is less guessy than ImaginaryBot v2)
Oh no, roo discovered the Fisher-Yates shuffle and decided the shuffle all my good advice.
Please help me restore everything so that I know what I learned about classical cryptanalysis?
Note: The solution will give you instructions on how to get the flag, there will be no ictf{} in the plaintext directly.
