Kashi CTF

Managed to solve all the web challenges

91/753

Challenge	Category	Status
Corporate Life 1	Web	Solved
Corporate Life 2	Web	Solved
SuperFastAPI	Web	Solved
Lost Frequencies	Cryptography	Solved
Key Exchange	Cryptography	Solved
Easy Jail 1	Misc	Solved
Restaurant	Forensics	Upsolved

For Pwn, Rev and more Misc checkout my teammate writeup : https://mikimiku.gitbook.io/more-more-pwn/contests/ctf-tours/kashi-ctf-2025

---

1

Corporate Life 1

The Request Management App is used to view all pending requests for each user. It’s a pretty basic website, though I heard they were working on something new.

Anyway, did you know that one of the disgruntled employees shared some company secrets on the Requests Management App, but it's status was set denied before I could see it. Please find out what it was and spill the tea!

starting off the challenge we were greeted by a weird app that gave us pending data in the challenge description we were told that there was an employee that shared some company secrets on the request management app and the status was set to denied this will be very helpful in the future

enumeration

when we check the network of the web page we can see lots of interesting files

self.BUILD_MANIFEST=function(e,r,s){return{rewrites:{afterFiles:[],beforeFiles:[],fallback:[]},routerFilterStatic:{numItems:0,errorRate:1e-4,numBits:0,numHashes:null,bitArray:[]},routerFilterDynamic:{numItems:0,errorRate:1e-4,numBits:e,numHashes:null,bitArray:[]},"/":["static/chunks/pages/index-6413244cd5618b98.js"],"/_error":["static/chunks/pages/_error-fde50cb7f1ab27e0.js"],"/v2-testing":["static/chunks/pages/v2-testing-fb612b495bb99203.js"],sortedPages:["/","/_app","/_error","/v2-testing"]}}(0,0,0),self.BUILD_MANIFEST_CB&&self.BUILD_MANIFEST_CB();

in the code above there is an interesting endpoint called /v2-testing

(self.webpackChunk_N_E=self.webpackChunk_N_E||[]).push([[415],{3906:(e,t,s)=>{(window.__NEXT_P=window.__NEXT_P||[]).push(["/v2-testing",function(){return s(4708)}])},4708:(e,t,s)=>{"use strict";s.r(t),s.d(t,{default:()=>l});var a=s(4848),r=s(6540);function l(){let[e,t]=(0,r.useState)("All"),[s,l]=(0,r.useState)(""),[n,i]=(0,r.useState)([]);async function x(){let t="All"===e?"":e,a=s?{name:s}:{filter:t},r=await fetch("/api/list-v2",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(a)});i(await r.json())}return(0,r.useEffect)(()=>{x()},[e,s]),(0,a.jsx)("div",{className:"min-h-screen bg-gray-50 p-8",children:(0,a.jsxs)("div",{className:"max-w-4xl mx-auto",children:[(0,a.jsx)("h1",{className:"text-3xl font-bold text-center mb-6 text-blue-600",children:"Pending Tasks List"}),(0,a.jsx)("p",{className:"text-red-500 font-mono text-sm my-2",children:"Notice: The v2 is currently being tested and is not yet ready for production use. Please report any issues to the development team."}),(0,a.jsx)("div",{className:"flex space-x-4 mb-4",children:["All","Finance","IT","Legal","Engineering","Operations","Compliance","HR","Executive"].map(s=>(0,a.jsx)("button",{onClick:()=>t(s),className:"px-4 py-2 font-mono text-sm rounded ".concat(e===s?"bg-blue-700 text-white":"bg-gray-200 text-gray-700 hover:bg-gray-300"),children:s},s))}),(0,a.jsx)("div",{className:"mb-6",children:(0,a.jsx)("input",{type:"text",value:s,onChange:e=>l(e.target.value),placeholder:"Search employee name",className:"w-full font-mono text-sm border-2 border-gray-300 p-3 rounded bg-white text-gray-900"})}),(0,a.jsxs)("div",{className:"bg-white rounded-lg shadow-md overflow-hidden",children:[(0,a.jsxs)("table",{className:"min-w-full divide-y divide-gray-200",children:[(0,a.jsx)("thead",{children:(0,a.jsxs)("tr",{children:[(0,a.jsx)("th",{className:"px-2 py-2 text-left text-xs font-medium text-gray-500 uppercase tracking-wider",children:"Employee Name"}),(0,a.jsx)("th",{className:"px-2 py-2 text-left text-xs font-medium text-gray-500 uppercase tracking-wider",children:"Request Details"}),(0,a.jsx)("th",{className:"px-2 py-2 text-left text-xs font-medium text-gray-500 uppercase tracking-wider",children:"Status"}),(0,a.jsx)("th",{className:"px-2 py-2 text-left text-xs font-medium text-gray-500 uppercase tracking-wider",children:"Department"}),(0,a.jsx)("th",{className:"px-2 py-2 text-left text-xs font-medium text-gray-500 uppercase tracking-wider",children:"Role"}),(0,a.jsx)("th",{className:"px-2 py-2 text-left text-xs font-medium text-gray-500 uppercase tracking-wider",children:"Email"})]})}),(0,a.jsx)("tbody",{className:"bg-white divide-y divide-gray-200",children:n.map((e,t)=>(0,a.jsxs)("tr",{children:[(0,a.jsx)("td",{className:"px-2 py-2 text-sm text-gray-700",children:e.employee_name}),(0,a.jsx)("td",{className:"px-2 py-2 text-sm text-gray-700",children:e.request_detail}),(0,a.jsx)("td",{className:"px-2 py-2 text-sm text-gray-700",children:e.status}),(0,a.jsx)("td",{className:"px-2 py-2 text-sm text-gray-700",children:e.department}),(0,a.jsx)("td",{className:"px-2 py-2 text-sm text-gray-700",children:e.role}),(0,a.jsx)("td",{className:"px-2 py-2 text-sm text-gray-700",children:e.email})]},t))})]}),0===n.length&&(0,a.jsx)("p",{className:"mt-4 text-center text-gray-500",children:"No results to display."})]})]})})}}},e=>{var t=t=>e(e.s=t);e.O(0,[636,593,792],()=>t(3906)),_N_E=e.O()}]);

from the code above we learnt how the /v2-testing endpoint works by doing a POST request into the /api-v2 and we can filter data from the request this makes sql injections a possibility in the web app

this is an example of filtering the department of the api

if we try to make an error as you can see the error message said error databse communication this is interesting

i tried doing injections in the name but im not sure if its vulnerable now i tried the other data in the filter part as you can see when we tried to do it' OR '1'='1 it actually works and theres nothing wrong this means that we found an sqli

knowing that we can try to get the flag by giving the status denied

and look at that we actually found the flag

2

Corporate Life 2

The disgruntled employee also stashed some company secrets deep within the database, can you find them out?

this is the second part of the corporate life challenge and its saying about a new secret that the employee saved deep within the database this means we have to try access the database more

the first thing i did was try to find how any columns were used

we can use UNION to try and select the columns after using 7 it will give an error this makes us knkow the total of column used and we can continue to gain data now i want to know which sql is the server using

when using sqlite_version() the server actually returned the sql version that they are using this means we found what sql the server is using

after searching about sqlire sqli i found this github that is really helpful at solving the challenge

PayloadsAllTheThings/SQL Injection/SQLite Injection.md at master · swisskyrepo/PayloadsAllTheThingsGitHub

and i selected sql from the sqlite_schema to gain more information about the database and i found an interesting table called flags which had a secret_flag knowing this we can just select the flag from the table

and we can just combine the parts of the flag to get the flag

KashiCTF{b0r1ng_old_c0rp0_l1f3_am_1_r1gh7_WHjIa3tZ}

3

SuperFastAPI

Made my verty first API!

However I have to still integrate it with a frontend so can't do much at this point lol.

starting off the challenge we were greeted by a weird flag we can try to find other endpoints and found out theres an endpoint called /docs after getting that info i immediately went to that endpoint

well this is interesting a place to access the apis i created a user called test and then tried to get the flag but the website said only admins can get the flag

so i tried creating updating my user and giving it the role admin unexpectedly it actually worked then i tried to get the flag again

and as easy as that we solved all the web challenges

4

Lost Frequencies

Zeroes, ones, dots and dashes Data streams in bright flashes

111 0000 10 111 1000 00 10 01 010 1011 11 111 010 000 0

NOTE: Wrap the capitalized flag in KashiCTF{}

from the chall desc we can already expect that this is a morse code by zeroes -> dots and ones -> dashes

flag = "111 0000 10 111 1000 00 10 01 010 1011 11 111 010 000 0"
new = ""
for i in flag:
    if i == '1':
        new += "-"
    elif i == '0':
        new += "."
    else:
        new += " "
print(new)

the code above will do just that

and then a simple cyber chef and we got the flag

KashiCTF{OHNOBINARYMORSE}

5

Key Exchange

```
from redacted import EllipticCurve, FLAG, EXIT
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
import hashlib
import random
import json
import os

def encrypt_flag(shared_secret: int):
    sha1 = hashlib.sha1()
    sha1.update(str(shared_secret).encode("ascii"))
    key = sha1.digest()[:16]
    iv = os.urandom(16)
    cipher = AES.new(key, AES.MODE_CBC, iv)
    ciphertext = cipher.encrypt(pad(FLAG, 16))
    data = {}
    data["iv"] = iv.hex()
    data["ciphertext"] = ciphertext.hex()
    return json.dumps(data)

#Curve Parameters (NIST P-384)
p = 39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112319
a = -3
b = 27580193559959705877849011840389048093056905856361568521428707301988689241309860865136260764883745107765439761230575
E = EllipticCurve(p,a,b)
G = E.point(26247035095799689268623156744566981891852923491109213387815615900925518854738050089022388053975719786650872476732087,8325710961489029985546751289520108179287853048861315594709205902480503199884419224438643760392947333078086511627871)

n_A = random.randint(2, p-1)
P_A = n_A * G

print(f"\nReceived from Weierstrass:")
print(f"   Here are the curve parameters (NIST P-384)")
print(f"   {p = }")
print(f"   {a = }")
print(f"   {b = }")
print(f"   And my Public Key: {P_A}")

print(f"\nSend to Weierstrass:")
P_B_x = int(input("   Public Key x-coord: "))
P_B_y = int(input("   Public Key y-coord: "))

try:
    P_B = E.point(P_B_x, P_B_y)
except:
    EXIT()

S = n_A * P_B

print(f"\nReceived from Weierstrass:")
print(f"   Message: {encrypt_flag(S.x)}")

```

the code elliptic curve cryptography and AES encryption the goal of the challenge is to exchange keys using ECC and then encrypt the flag using AES with a key derived from the shared secret then we can decrypt the flag

the curve follows the equation y^2= x^3 + ax + b (mod p)

the server generates a random private key called n_A creates a public key P_A using the base point G

this public key will be shared and we are going to provide our public key coordinates (P_B_x, P_B_y) and the server will take it

once our public key is accepted the server calculates a shared secret S by multiplying its private key n_A with the our public key P_B the shared secret x-coordinate S.x will be used in the next steps for encryption.

the shared secret x-coordinate is hashed using the SHA-1 algorithm AES in CBC mode is then used to encrypt the flag with a random IV then we will get the encrypted flag and the IV after the server makes it

after that we can solve the challenge and get the flag

# solver
import socket
import random
from hashlib import sha1
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
from ecdsa import NIST384p, SigningKey, VerifyingKey
from ecdsa.ellipticcurve import Point
import json
import re

HOST = 'kashictf.iitbhucybersec.in'
PORT = 64697

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((HOST, PORT))
    received = s.recv(1024).decode()
    print("Received from server:")
    print(received)

    sk = SigningKey.generate(curve=NIST384p)
    vk = sk.verifying_key
    P_B_x = vk.pubkey.point.x()
    P_B_y = vk.pubkey.point.y()

    s.sendall(f"{P_B_x}\n".encode())
    s.sendall(f"{P_B_y}\n".encode())
    print(f"Sent Public Key x-coord: {P_B_x}")
    print(f"Sent Public Key y-coord: {P_B_y}")

    data = ""
    while True:
        part = s.recv(1024).decode()
        if not part:
            break
        data += part

    print("Full response from server:")
    print(data)

    if "Message: " in data:
        encrypted_data = data.split("Message: ")[1]
        data = json.loads(encrypted_data)
        iv = bytes.fromhex(data["iv"])
        ciphertext = bytes.fromhex(data["ciphertext"])

        P_A_x = int(re.search(r"\((\d+),", received).group(1))
        P_A_y = int(re.search(r",(\d+)\)", received).group(1))

        P_A = Point(vk.curve.curve, P_A_x, P_A_y)

        S = sk.privkey.secret_multiplier * P_A

        shared_secret = S.x()
        sha1_hash = sha1()
        sha1_hash.update(str(shared_secret).encode("ascii"))
        key = sha1_hash.digest()[:16]

        cipher = AES.new(key, AES.MODE_CBC, iv)
        plaintext = unpad(cipher.decrypt(ciphertext), 16)

        print("Decrypted flag:", plaintext.decode())
    else:
        print("Error: 'Message: ' line not found in the server's response.")

print(f"IV: {iv.hex()}")
print(f"Ciphertext: {ciphertext.hex()}")

first we can connect to the netcat using socket then we will get the server data and put it in the received variable

then we can generate our own ECC private key using the SigningKey.generate() then our public key will be derived from our private key and the coordinates of P_B_x and P_B_y are extracted

then we are going to send the public key to ther server to initiate the process of sharing secret to the server

then we will take data from the server until we get "Message: "

then the encrypted data is parsed and decoded from JSON format from that the IV and ciphertext are extracted from the parsed data

the AES encryption key is derived by hashing the shared secret using the SHA-1 hash function. The first 16 bytes of the SHA-1 hash are used as the key for AES decryption the client then performs AES decryption in CBC mode using the derived key and the IV provided by the server The decrypted message, presumably a flag is unpadded and printed as the final result

└─$ python3 dec.py

Received from server:

Received from Weierstrass: Here are the curve parameters (NIST P-384) p = 39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112319 a = -3 b = 27580193559959705877849011840389048093056905856361568521428707301988689241309860865136260764883745107765439761230575 And my Public Key: (3566202173137821722130092688383305924997463575472886405441749267614553800694432962044692633891912189270771281119570,20370024990198787978523063066932992609529336596289645449862709577314425763441145558827878335172048252128011578352787)

Send to Weierstrass: Public Key x-coord: Sent Public Key x-coord: 27871206782627841017690054619484714724887553500931550506348846946398623960977733778994851543914370573191638858627662 Sent Public Key y-coord: 848511266713431150848423780814604077994361267687146716818688105948906818181396067256876072795799500811233309902020 Full response from server: Public Key y-coord: Received from Weierstrass: Message: {"iv": "ddb97c1429c6ffe5ba471468187b71cc", "ciphertext": "e58652bc2e568027635549e2b41114873c66277867207745046994cb19c3b2dc25bc5bc08484b40c5fa699df5089b4493b315929009b4c86a49c3fc0a4452f80a13d3f77716550e063254e0a93df501bedc3bedcf7f062c784fc737575d637ea"}

Decrypted flag: NaeusGRX{L_r3H3Nv3h_kq_Sun1Vm_O3w_4fg_4lx_1_t0d_a4q_lk1s_X0hcc_Dd4J_slAQEbh3}

Hint: DamnKeys

after getting the encrypted flag the server also gave us a hint the flag the flag still looks like a cipher text so i began to think that the hint is actually the key to getting the real flag

after doing a vigenere decode we actually solved the challenge

6

Easy Jail 1

I made this calculator. I have a feeling that it's not safe :(

Suffering hasn't begun

```
#!/usr/bin/env python3

print("           _            _       _             ")
print("          | |          | |     | |            ")
print("  ___ __ _| | ___ _   _| | __ _| |_ ___  _ __ ")
print(" / __/ _` | |/ __| | | | |/ _` | __/ _ \| '__|")
print("| (_| (_| | | (__| |_| | | (_| | || (_) | |   ")
print(" \___\__,_|_|\___|\__,_|_|\__,_|\__\___/|_|   ")

def calc(op):
	try : 	
		res = eval(op)
	except :
		return print("Wrong operation")
	return print(f"{op} --> {res}")

def main():
	while True :
		inp = input(">> ")
		calc(inp)

if __name__ == '__main__':
	main()
```

we were given the source code of the server and as we can see the server will take our input and then put in the calc function which will use our input in eval() to run without filter this is very dangerous we can input import('os').system('cat /flag.txt')

and we solved the challenge

7

Restaurant

I just asked for my favourite pasta and they gave me this. Are these guys STUPID? Maybe in the end they may give me something real. (Wrap the text in KashiCTF{})

we were given a pasta picture then i tried checking if its a stegano file and i tried checking the metadata nothing was wrong but when i tried checking the hex i found something interesting

the file should finish in the ffd9 part but there were extra data after the file footer and this is weird i didnt notice until the event was over that this was a bacon cipher

KashiCTF{theywerereallllycooking}