ACE CTF
wave 2 ga sempet ikut :c
Web
Web
Web
Web
Forensics
Forensics
Forensics
Forensics
Forensics
Steganography
Steganography
Steganography
Osint
Osint
Cryptography
Reverse Engineering
Misc
Misc
Buried Deep
"I’m not a hacker. I’m just someone who wants to make the world a little better. But the world isn’t going to change itself."
Submit your answer in the following format: ACECTF{3x4mpl3_fl4g}
The flag content should be in lowercase letters only.
then after simple enumeration we can find something interesting in the css
we found the 3rd part of the flag? thats weird lol so lets just continue then i found
then i tried going in one by one and we can find the other 2 parts of the flags that are only encoded inside of those endpoints so you can just decode and craft the flag
Webrypto
I think we can all agree that most of us grew up watching the iconic cartoon Tom & Jerry. Every kid would feel that surge of adrenaline during the thrilling chases and chaotic conflicts between the mischievous mouse and the ever-determined cat. The excitement of those scenes—the heart-pounding moments of escape—sometimes felt almost real.
But then, I heard a little rumor: what if all those chases were fake? What if Tom and Jerry were actually friends all along? That revelation shook me. I had no one to ask about this mind-bending twist, so I decided to take matters into my own hands—I created a web app to settle this question once and for all.
I know the truth now. Do you think you can uncover it too?
so this challenge just reveals the backend logic of the challenge so first it will compare the value of tom and jerry and then also compare the md5 values after appending the values of tom and jerry to ACECTF
exploit :
so we can actually break the logic of the machine just buy inputting arrays to the php like endpoint/?tom[]=1&jerry[]=2
so when they check the values of the array [1] and [2] are still different and then when they check the values of the md5 from tom / jerry should be possibly an array or NULL so imagine if it returns NULL if im not wrong then it will check if ACECTFNULL == ACECTFNULL ofcouse this will return true and the server will give us the flag
Token Of Trust
At first, this web app seems straightforward, but there’s something more lurking beneath the surface. It relies on a token for user authentication, but not everything is as secure as it seems. Look closely, and you might discover that the system’s trust can be manipulated.
The secret is hidden within the way this token is used. Can you find the key to unlock what’s been concealed? The challenge is waiting for you to crack it.
Submit your answer in the following format: ACECTF{3x4mpl3_fl4g}
coming in the website we are getted by the main page that told us about going the /login with a POST header
going inside the login page he gave use a json payload for us to send to the website
after doing what he told us to do the server will return us a token that by experience we can already tell that this is a jwt cookie exploit after checking the /robots.txt we found the other endpoint called /flag that accepts the jwt cookie so changing the alg to none and changing the username to admin then removing the 3rd part of the jwt we have crafted our payload
Flag Fetcher
Hey guys, I created a flag fetcher using some web stacks & technologies. It was supposed to fetch the flag.webp image file which contains the flag but there was some kind of error in doing that. Can you verify it? Maybe just get the flag I don't really care if you fix it or not.
after coming in the link i saw that the web was suspicious after coming into the endpoint it has a delay then it automaticly redirects us to picture isnt this weird? talking about the redirect but also the delay so i went to intercept and check what was happening
after intercepting then a slight enumeration we can see that the server is taking lots of network that contains the flag and we solved the challenge
Bucket List
You know what's a bucketlist? In simple terms, it's just a list of wishes people want to achieve before the leavee this world. I found it to be very limiting & ironic because how can you know when you'll leave the world behind? It's better to enjoy every moment and take on every opportunity you can. One of my whishes though is to pet a cat, do you mind checking this one out. So cute.
so we were greeted by this cute cat but looking at the url this is not normal it was using AWS bucketlist thing i forgot about the name but we can go to the original page
we can see that the server lists all of the endpoints now we just need to find the flag
just a simple search for txt we found this secret.txt file
we found a base64 data
simple decode and we got the flag
Broken Secrets
You’ve found a suspicious file, but it seems broken and cannot be opened normally. Your goal is to uncover its secrets.
Submit your answer in the following format: ACECTF{3x4mpl3_fl4g}
when we check the file type it says 7z so i tried using 7z to extract the data
well this is weird word files?
going inside the /media folder we can find a not suspicious folder literally
when we xxd we can see the IHDR chunk this is something thats common in pngs so lets try to fix it
we only need to fix the first byte of the picture then we can open the picture
Hidden in the traffic
A whistleblower tipped us off about a secret communication between two devices. We managed to intercept the network traffic, but the flag is hidden within the data. Your task is to analyze the provided PCAP file, uncover the hidden message, and extract the flag.
Submit your answer in the following format: ACECTF{3x4mpl3_fl4g}
starting off the challenge we have to understand what the challenge is asking for it saying about a secret communication between two devices
when we first open the file in pcap and when check the data theres a huge load of icmp data thats suspicious from that we can already suspect that icmp is the primary target cause we also know that icmp a protocol makes a devices can comminucate with other devices
i will be using pyshark to get the data from the icmp packets in the capture file
this will take all the data from the icmp packets
AABCDEFGHIJKLCABCDEFGHIJKLEABCDEFGHIJKLCABCDEFGHIJKLTABCDEFGHIJKLFABCDEFGHIJKL{ABCDEFGHIJKLpABCDEFGHIJKL1ABCDEFGHIJKLnABCDEFGHIJKL6ABCDEFGHIJKL_ABCDEFGHIJKL0ABCDEFGHIJKLfABCDEFGHIJKL_ABCDEFGHIJKLDABCDEFGHIJKL3ABCDEFGHIJKL4ABCDEFGHIJKL7ABCDEFGHIJKLhABCDEFGHIJKL}ABCDEFGHIJKLAABCDEFGHIJKLCABCDEFGHIJKLEABCDEFGHIJKLCABCDEFGHIJKLTABCDEFGHIJKLFABCDEFGHIJKL{ABCDEFGHIJKLpABCDEFGHIJKL1ABCDEFGHIJKLnABCDEFGHIJKL6ABCDEFGHIJKL_ABCDEFGHIJKL0ABCDEFGHIJKLfABCDEFGHIJKL_ABCDEFGHIJKLDABCDEFGHIJKL3ABCDEFGHIJKL4ABCDEFGHIJKL7ABCDEFGHIJKLhABCDEFGHIJKL}ABCDEFGHIJKL
this is the output that we get i was a bit confused but then when i asked deepseek he seems to know the answer and created this script
Virtual Hard Disk
One of the first things I learnt when I started learning to hack was linux. It was fun until I hit a ceiling of understanding about the differences in Operating Systems, what's a Shell, Kernel, etc.
But once I got better I started developing a liking towards the terminal and how the Linux operating system is
betterthan say Windows, orworsein some cases. How none of them is superior, nor the other inferior. We shall find out with this challenge.Be careful, a lot of fake galfs around.
cause we are going to work with disk things i forgot what its called im gonna use sleuthkit to solve it
then after we know where the offset it we can just do fls
we actually found some interesting stuff so lets try seeing what inside the so called flag
so the flag is not yet found so lets get a bit more info i saw one of the files also had a key
so theres also a key for this flag so i begin to think that this flag uses something like vigenere
and i was correct and solved the challenge
Fractured Frames
A forensic investigator retrieved this image from a suspect’s device, but something isn’t right. The structure shows unusual modifications. Could it be that vital information was concealed rather than erased?
Flag Format: ACECTF{3x4mpl3_fl4g}
we were given a picture of me JK but the picture looks kinda cut so we can try resizing the picture and maybe find something
cause this file is a jpg file we can go to the bytes after FF C0 after 8 bits we can resize the picture i just added another 08
we found the flag
Keyboard Echo
You have intercepted USB traffic from a device and captured the data in a .pcapng file. However, the keystrokes are encoded and need to be converted into readable text.
Your task is to analyze the provided packet capture, extract the keystrokes, and reconstruct the original input.
Flag Format: ACECTF{3x4mpl3_fl4g}
i actually never solved USB traffic thing ctf so i started by studying about the vulnerabilty
but then after i came across this web
we found this script that says it can convert the letters also? this is very handy so i used this payload
running the code i seem to only find a part of the flag so i saved the data from the reader to a file then use another script to read the text
and we found the flag
ACECTF{y0u_h4v3_f0und_17}
Tabs&Spaces
A mysterious ZIP file containing a collection of images and a file has been discovered.The task is to retrieve the flag.
atfirst we extract the file we can find a folder filled with hidden picture but there was one picture that was unique than the other
when doing steghide the file seems to give a txt this is where the actual ctf is lol
from what the challenge is called tabs and spaces we can try to get those and maybe change it to something like binary im just gonna use python to make stuff easier
Cryptic Pixels
This image looks normal at first, but something important is hidden inside. The secret is carefully concealed, making it hard to find.
Your task is to explore the image, uncover the hidden message, and reveal what’s concealed. Do you have what it takes to crack the code and unlock the secret?
Submit your answer in the following format: ACECTF{3x4mpl3_fl4g}
so from the desc we should read the desc carefully it says do you have what it takes to "crack" the code this will be useful later
there was embedded data inside the picture so after extracting
we were given 2 zips but im sure the flag is in the B8 file
so we actually need to crack the code to the zip we can just use zip3john then john using the most famous and overused wordlist
after cracking then extracting the password we actually got the flag
as usual in this ctf we still need to do extra stuff
using a rot13 bruteforce tool online we manage to get the flag and solved the challenge
HeaderHijack
A secret agent's intercepted video file refuses to play. A mysterious checksum file was found alongside it. Your task is to repair the file and retrieve the flag...
so first we were given a zip file and it gave us an mp4 when we do xxd we can see the moov byte so to fix this mp4 we also have to use the moov byte and fix the other parts of the header
we fixed the video and at the end of the video
thanks to peter breaking the stuffs we actually found the flag
Fall of 2022
It was a peaceful time — schools were over, college admissions were delayed, and COVID was slowly on the decline. It seemed like the perfect time to relax and check my phone for her txts.
The funny thing is, I never got any. So I considered it just another gloomy year.
Anyways, here’s the domain for this CTF: acectf.tech
What? You already knew this domain? Oh, I guess you’ll have no trouble finding the flag then.
Good Luck!
the way he gave us a domain and not just a full url is sus so i tried doing nslookup
and we found the flag
The Symphony of Greatness
Hey everyone, myself modernlouis. I remember starting to explore music outside of my native language years ago. Back then, I was just a kid, trying something completely new and unfamiliar. At first, I did it to feel included with others who were effortlessly singing along to the most popular songs of the time.
Over the years, I listened to a lot of artists, but for a long time, I couldn’t settle on an all-time favorite. That changed during the recent pandemic. With all the extra time on my hands, I dove deeper into my love for music. Slowly and without even realizing it, I found myself drawn to a specific kind of sound.
What kind of music, you ask? Well, not the ones filled with meaningless words just to make rhymes. Not the albums entirely focused on heartbreak stories. And definitely not the tracks made just to curse or diss someone—come on, let’s move past that.
I admire musicians who showcase raw vocal talent, seamlessly blend different genres, and have a a signature sound that was instantly recognizable and highly danceable.
Now, here’s the challenge: Your task is to figure out which band I’m talking about. The biggest hint? Me...
Flag Format: The Flag is the band's name followed by their most streamed song, in this format: ACECTF{band_name_song_name}
Example: If the band is One Direction and their most streamed song is Night Changes, then the flag would be: ACECTF{0n3_d1r3c710n_n16h7_ch4n635}
so at first glance we can already see that he uses a weird word called modernlouis
after looking it up we found a band called modern talking
after seeing that we can try to submit the flag and not forget the flag format and we actually solved the challenge
ACECTF{m0d3rn_74lk1n6_ch3r1_ch3r1_l4dy}
For The Fans
Yo, I’ve lowkey always been a Drake fan, that’s why my username’s "DrakeSaltyOVO". It was literally everywhere on my dashboard until I had to take it down 'cause people just kept hating. But, like, that’s one thing I’ve always related to with my guy Drake, and honestly, I’ve been an even bigger fan ever since. 😂 Ya, laugh all you want, but I’m literally the only one with the flag fr, rofl!
i lowkey was listening to not like us while listening to this
so after my teammate found the twitter i decided to continue and help in finding the flag in the twitter he was talking about a blog so i searched up his username online
after searching his name in the website we found an account with the same username
when doing a base64 from that file header we can already know that its a 7z file so i created a script to save that into a script
it was asking for a password i suddenly remembered that the twitter said something about the password and we can expect it was his birthday by confirming the time to crack
and we found it 2000914
and we solved the challenge
A Little Extra Knowledge Is Dangerous
Have you ever heard the quotes, A little knowledge is a dangerous thing and In the land of the blind, the one-eyed man is king? They strike me as deeply contradictory—one condemning the slightly knowledgeable, while the other exalts them.
This contradiction highlights something unsettling: fairness doesn’t seem to exist in this world. Everyone seems to twist things to suit their own agendas, leading to divisions—arbitrary ones—where people impose their ideologies on others.
What if we eliminated excess knowledge and these divisions altogether? Perhaps then we could live like illiterate cynics—but in peace.
That’s the essence of this challenge I’m presenting to you. Or should I call it a sermon?
we were given this file
QUNFQ1RGe/MV82dTM1NV95MHVfN3J1bmM0N/zNkXzdoM18zeDdyNF9rbjB3bDN/kNjNfcjRkMG1fNTdyMW42NjY2NjY2NjY2NjU1NTU1NTU1NV/94eHh4eHh4YmJieHh4eHh4Y2N/jY3h9
so i tried doing base 64
seems like this encoded are separated into parts to make it easier i made into parts too
by deleting the chars slowly and carefully i managed to extract the flag
ACECTF{1_6u355_y0u_7runc473d_7h3_3x7r4_kn0wl3d63_r4d0m_57r1n66666666666555555555_xxxxxxxbbbxxxxxxccccx}
and we solved the challenge
DONOTOPEN
A suspicious script file seems to be hiding something important, but it refuses to cooperate. It's obfuscated, tampered with, and demands a password. Unravel the mystery to uncover the hidden flag.
so we were given a file when i was checking the file using binwalk
thats weird so i extracted the data
we were given a script that has some useless stuff that we can filter out and also a web request thing that i also moved to the bottom
we can just print the above and we can actually get the actual flag without using any of the other distractions
Insanity Check
You might've breezed through the easy Sanity Check, but this challenge is for true contenders! If you want to prove your sanity is as unhinged as mine, you’ll have to earn it.
How, you ask?
Back when we were building these CTF challenges, everyone would upload their carefully crafted puzzles, and I was the one reviewing them. But me being me—I rejected a ton of them, tossing them straight into the bin for all sorts of reasons. Naturally, my teammates started questioning my sanity, some even calling me insane. But if there was one thing that remained constant, it was the bin. Now, it’s your turn to dig in and you already know where to start... The same place where you proved you were sane!
I think you must be in the Discord server by now - https://discord.gg/REDACTED
my friend managed to find a user called pastebin isnt this weird then after getting the hint
going inside the paste bin we found the flag
Hash Guesser
Welcome to the only cracking challenge of ACECTF1.0, here we have a Hash that we need to crack. The target hash has been taken from a very famous wordlist which has around what 14 million passwords? Yeah, but it's not that simple, the target hash has been
base32 encoded& thenreversedbefore generating theMD5 hash. I guess that's enough information for you to start, good luck.
so we are provided a code to reverse the stuff and we are provided a nc command to connect to the server so i tried stuffs weirdly the server tells us when a bit is right
like 0/32 when we submit 32 0s we will get 0/32 but when we do all a we will get 1/32 that reminds me of a bitflip attack in picoctf while its different in use but still it could work so after brute forcing the nc we obtained the flag
ACECTF{h45h_cr4ck1n6_r3qu1r35_4_l177l3_w17}
Last updated