Room Banner

CCT2019

Legacy challenges from the US Navy Cyber Competition Team 2019 Assessment sponsored by US TENTH Fleet

insane

180 min

Room progress ( 0% )

To access material, start machines and answer questions login.

Task 1CCT2019 - pcap1

This is a pcap-focused challenge originally created for the U.S. Navy Cyber Competition Team 2019 Assessment. Although the assessment is over, the created challenges are provided for community consumption here.

If you find the right clues, they will guide you to the next step. I did include some red herrings in this challenge, but you can stay on track by focusing on pcap-related skills.

HINT1: It's a pcap challenge. If you're doing stego or re, you're either down a rabbit hole or there's an easier way.

HINT2: It is very important to do the first step correctly. If you don't recover the first file in its entirety, you may not be able to complete steps later on in the challenge. The second pcap file has 4,588 packets in it. Contact me on Discord (send a DM to username zoobah) if you are struggling with this step.

HINT3: For the final step, the binary was built to run in an amd64 Kali Linux environment. If you are using a different Linux distro, you may run into some problems.

Answer the questions below

Find the flag.

There's some kind of a high security lock blocking the way. Defeat the GUI to claim your key!

NOTE: The key is a 32-character hex blob and doesn't follow the CCT{.*} format. It'll be apparent when you've found it.

If you need a Windows machine to help reverse engineering this, please use the Windows base room.

Answer the questions below

What is the key to re3? (Hey, that rhymes)

UPDATE: There was a bug found in cryptii that has now been fixed, but will cause issues on the final step of the challenge. For now, when you find the the cipher text FSXL PXTH EKYT DJXS PYMO JLAY VPRP VO, replace it with this cipher text instead: JHSL PGLW YSQO DQVL PFAO TPCY KPUD TF. Everything else at that step, e.g., the configuration file can remain as-is. I intend to update the challenge file to correct this issue, but this will serve as a temporary fix until that time.

Our former employee Ed is suspected of suspicious activity. We found this image on his work desktop and we believe it is something worth analyzing. Can you assist us in extracting any information of value?

HINT1: if you're not sure if a password is upper- or lower-case, try all lower-case.

HINT2: There are many steps that can be done concurrently in this challenge. If you find you need something, you may have not found the key to unlock it yet. If you have something useful and you're not sure where to use it, it's possible the file you need is still hidden somewhere.

HINT3: https://cryptii.com/ - Cool website, bro

HINT4: the flag will follow the format CCT{.*}

Answer the questions below

What is the flag?

Find ye some flags. There are three parts to this challenge, each with its own flag. Solve crypto1a obtain the crypto1a flag and to unlock crypto1b. Solve crypto1b to obtain the crypto1b flag and unlock crypto1c. Solve crypto1c and you'll have all three flags.

HINT1: crypto1a and crypto1b can be solved with freely available online tools

HINT2: For crypto1c, you probably have to code a solution to solve it as I'm not aware of any online tools for this variant. It's not complex to solve if you can figure out the scheme and it is possible to solve by hand although it could be a bit tedious.

HINT3: For crypto1c, start with "0" not "1".

Answer the questions below
What is the flag for crypto1a?

What is the flag for crypto1b?

What is the flag for crypto1c?

Created by

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!

Users in Room

5,537

Created

1984 days ago

Ready to learn Cyber Security? Create your free account today!

TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.

Already have an account? Log in

We use cookies to ensure you get the best user experience. For more information contact us.

Read more