Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save alirezaomidi/8f5b8e9daffafe6eaefb to your computer and use it in GitHub Desktop.
Save alirezaomidi/8f5b8e9daffafe6eaefb to your computer and use it in GitHub Desktop.
ctf.infosecinstitute.com CTF Challenge reviews

level 1 ($10)

url: http://ctf.infosecinstitute.com/levelone.php
flag: infosec_flagis_welcome
solution: Just see the first line of the source

level 2 ($20)

url: http://ctf.infosecinstitute.com/leveltwo.php
flag: infosec_flagis_wearejuststarting
solution:

  1. Download the image file from link
  2. base64 -d leveltwo.jpeg > 1
  3. cat 1

level 3 ($30)

url: http://ctf.infosecinstitute.com/levelthree.php
flag: INFOSECFLAGISMORSING
solution:

  1. Scan QRCode
  2. Decode morse

level 4 ($40)

url: http://ctf.infosecinstitute.com/levelfour.php
flag: infosec_flagis_welovecookies
solution:

  1. See the coockies, vasbfrp_syntvf_jrybirpbbxvrf
  2. ROT13

level 5 ($50)

url: http://ctf.infosecinstitute.com/levelfive.php
flag: infosec_flagis_stegaliens
solution:

  1. Prevent the page from creating additional dialogs using your browser.
  2. Disable javascript. Use Web Developer for Google Chrome. You can use the browser itself to disable it. Find the option in Developer Tools/Inspect Elements/... .
  3. Download the Image.
  4. Install Steghide tool. For Debian/Ubuntu/Mint use sudo apt-get install steghide.
  5. $ steghide extract -sf aliens.jpg. Enter empty passphrase.
  6. Convert the binary in all.txt to ASCII.

level 6 ($60)

url:
flag: ``
solution:

level 7 ($70)

url: http://ctf.infosecinstitute.com/404.php
flag: infosec_flagis_youfoundit
solution:

  1. Just use browser to see http://ctf.infosecinstitute.com/levelseven
  2. In status there is a base64 decoded string aW5mb3NlY19mbGFnaXNfeW91Zm91bmRpdA==
  3. Decode it

level 8

url: http://ctf.infosecinstitute.com/leveleight.php
flag: ``
solution:

level x

url:
flag: ``
solution:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment