Capture Point 5353 3.0

比赛地址:Capture Point 5353 3.0

比赛时间:31 Mar 2025 02:00 CST - 1 Apr 2025 16:10 CST

复现的题目用🔁标注

Misc

Easy - Peasy

Challenge

Easy - Peasy

Yet another beginner friendly problem designed to motivate you all. 🙂 The flag format for this problem is ctf{LOreM_IpsUM}.

#we care for you #happy hacking

motivate.pdf

Solution

CapturePoint535330_1

打开附件全选,发现这里有一行空白的文字,点击后发现是一个跳转到 let_us_learn_about_flutter.txt - Google 云端硬盘的链接

CapturePoint535330_2

直接搜索就找到了

1
ctf{now_you_see_me}

Phantom Flag

Challenge

Phantom Flag

Not all secrets are burried in dark !!

Hello

Solution

纯黑色 png 图片,图片隐写题,用 StegSolve 打开

CapturePoint535330_3

1
flag{H3ll0w_W0r1d_W3lc0m3_T0_C@pture_P01nt!}

Operation Blackout

Challenge

Operation Blackout

Hackers plan to attack the nuclear grid at 03:00 UTC. A secret payload is hidden in this image—decrypt it before it’s too late! Can you stop the cyber assault?

hacker

Solution

LSB 隐写

CapturePoint535330_4

1
flag{nucl3@r_Gr!d_@ttacK_03UTC_N0de7_c0mpr0mised}

Scenic View

Challenge

Scenic View

The beautiful morning hides a secret, can you reveal it ? The format of the flag is CTF{LoreM_IpSuM}.

gm

Solution

又是 LSB 隐写(?

CapturePoint535330_5

1
CTF{Go0d_m0rnING_hemKerS}

Happy Doctor’s Day

Challenge

Happy Doctor’s Day

silent strive to heal the weak,

tireless tend to those who seek.

endless effort to ease the pain,

guiding gifts that still remain.

caring comfort through the night,

lifting lives with gentle light.

oaths offer hope anew,

always aid with hearts so true.

kindness keeps their promise deep.

#On 30th March, we dedicate this to doctors, who are second to none. Their service a second lifeline to many and a beacon of hope.

dr_dEhpc19ub19mbGFnX29mYw.cbl

View Hint

The tool used to crack this is in the first and second letter of the words in the lines of the poem. There is one line in the COBOL file that looks weird. Use the tool, paste the line, and the password is numerical. Concatenate all the numbers that appear in the weird line to get the password.

Solution

这题不看提示还真想不到… 就算想到了隐写工具也很难想到密码

首先根据提示看每行的首字母,连起来是 StegCloak

经过搜索发现了这个项目 KuroLabs/stegcloak,大概就是融合了零宽字符和加密(原来是加密了,我就说怎么零宽字符隐写解出来的不对,原来是加密了啊)

接下来在这个项目的简介找到了它的 Demo 可以在线使用 StegCloak

然后打开这个程序,第 549 行比其他行都要长,十分明显

CapturePoint535330_6

复制下它要 display 的内容

1
NATIONAL DOCTORS' DAY IS OBSERVED ANNUALLY ON MARCH 30 IN THE UNITED STATES TO HONOR ⁣‍‌‌⁤⁡‍‌⁤⁡⁢‌⁢⁡⁣⁢⁡‍‌⁡‌‍⁢⁣‍⁢⁡⁢‌‍⁡‍⁡⁡⁡‌⁢‍‌‍‌‍⁤⁢⁡⁡⁤⁢‌⁡⁡⁢⁣‌‍⁤⁢⁡⁢⁡⁡⁢‌⁤⁡‍⁡‍⁢‌⁡‍⁢⁡‍⁡⁣⁢⁡⁣‌⁡‌⁣‌⁤⁤⁡⁡‍⁡‌‌⁢⁡‍⁡‌‌⁢⁡‍⁤‌⁡⁢⁡⁡‍⁢‌‌⁢⁣‌⁣⁢‍⁡‍⁢⁣‌‌PHYSICIANS' CONTRIBUTIONS TO SOCIETY. THE INAUGURAL CELEBRATION TOOK PLACE IN 1933 IN WINDER, GEORGIA, INITIATED BY EUDORA BROWN ALMOND, THE WIFE OF DR. CHARLES B. ALMOND. THIS DATE COMMEMORATES DR. CRAWFORD W. LONG'S FIRST USE OF ETHER ANESTHESIA DURING SURGERY ON MARCH 30, 1842. IN INDIA, NATIONAL DOCTORS' DAY IS CELEBRATED ON JULY 1, MARKING THE BIRTH AND DEATH ANNIVERSARY OF DR. BIDHAN CHANDRA ROY, A RENOWNED PHYSICIAN AND FORMER CHIEF MINISTER OF WEST BENGAL.

先根据提示从中提取出所有数字作为密码

1
3019333018421

然后打开网页解密

CapturePoint535330_7

1
flag{M@gicL_W0oRld#caPturE}

后记

很糟糕的比赛体验。赛题是一坨💩,比赛官方没有 Discord😑,赛后还找不到 wp🙃,真的服了。