Deep Deeper - CTF 35

Abdullah Al Mamun
IHC Blog

CTF Name: Deep Deeper Deepest

Topic: Cryptography + OSINT + Web Exploitation

Flag Format: IHC_CTF{}

CTF Link: https://t.me/ctf_invisiblehc/61

Description:

Download the file and decrypt it & find the flag. 

Did you find the flag? This is not the end only beginning.

Solution:

Stage 1:

We opened the txt file and found a Base64 encrypted text. After using CyberChef to decrypt it, we got the flag and a link for Stage 2.

flag1: IHC_CTF{Simple_crypto} 

Stage 2:

When you open the stage2 URL, it might redirect to another link. 

To capture the web response more easily, you can use the following command:

curl -X GET https://site.invisiblehc.com/ctf/35/stage2.php

By executing this command, you can retrieve the flag2 and discover a hint for flag3 within the web response.

flag2: IHC_CTF{Capture_flag}

Stage 3: 

After accessing the robots.txt file by changing "/stage2.php" to "/robots.txt," we discovered the path for stage3 and a password. 

When we attempted to access the website, it displayed the message "You are in the wrong place." However, upon inspecting the website's cookies, we noticed a cookie named "Admin" with a value of "no." Changing this value to "yes" revealed the flag and hint for flag4 on the displayed web page.

flag3: IHC_CTF{Cookie_is_tasty}

Stage 4:

When we go to the Stage4 URL, we see an image. When we check the image's metadata, we find another URL in it. If we visit that link, we'll find a text that's Decimal Encrypted. After decoding it with CyberChef, we get "flag4" and a hint for flag5.

flag 4: IHC_CTF{Metadata_found}

Stage 5:

When we visit the Stage 5 URL, we receive a txt file. Opening the file, we discover a ciphertext.

After analyzing the ciphertext, we determine that it's a Vigenere cipher. However, the Vigenere cipher requires a password for decryption. 

Fortunately, we obtained a password in Stage3, which is "CTFfromIHC." Using this key to decrypt the Vigenere cipher, we ultimately uncover Flag5 and receive a hint for Flag6.

flag5: IHC_CTF{Vigenere_need_password}

Stage 6: 

When we visit the Stage6 URL, we discover an audio file. We decrypted it simply using the website: https://morsecode.world/international/decoder/audio-decoder-adaptive.html

and found Flag6 along with a hint for Flag7.

flag 6: IHC_CTF{Spectrogram_is_trickey}

Stage 7:

The hint for stage7 was "Go to flag 4 again." When we checked flag4 image's metadata, we found a username "@N0_N4M3_F0UND." This username might be a Telegram account. Upon visiting this account, we found the flag in the user's bio.

flag 7: IHC_CTF{3ND_J0URN3Y}

Join Our CTF Channel: https://t.me/ctf_invisiblehc