- 1. Capture the flag!
- 2. cheap cipher
- 3. cheap cipher (revenge)
- 4. directories
- 5. The flag is a lie.
- 6. Game #1
- 7. alphabet?
- 8. Horizontal line
- 9. encode-encode
- 10. easy crackme
- 11. hiragana
- 12. ASCII Art
- 13. Yet Another G00913
- 14. from login form
- 15. ZIP is zip
- 16. medium crackme
- 17. Fragments of gzip
- 18. Which is the flag?
- 19. stairs
- 20. searcher
- 21. loop
- 22. hidden 1
- 23. Picross
- 24. Gyazo
- 25. HEYYEYAAEYAAAEYAEYAA
- 26. retro crackme
- 27. Online banking
- 28. feel the rhythm
- 29. jpeglitch
- 30. tell me a message
- 31. hidden 2
- 32. simple sqli
- 33. from secure login form
- 34. CAPTCHA the Flag
- 35. console
- 36. iRC
- 37. steg noobs
- 38. super secret notes
- 39. giveme_shellcode
- 40. sudden_death
- 41. Pokemon battle
- 42. unreadable message
Category: misc
Point: 10
Solved: 1682 / 2216
Writeup
Q1RGCg==
CTF
Category: crypto
Point: 50
Solved: 1357 / 2216
Writeup
Source code
==AVoVGImxWYnBSazByUzMkUzQ1XLNTW
S3CR3T_K3Y
Category: crypto
Point: 80
Solved: 294 / 2216
Writeup
Source code
rKrUl+/clKHb4u/sm6sgnaPfnO/XkO=ewqPU45bRjp4gwa7NntoM467Onu/enqPRlakgj6Egjp0e1gAA
All your Base64 are belong to us
Category: for
Point: 60
Solved: 671 / 2216
Writeup
directories.zip-22a823d589b0c0b6560cfbae6f6f89c1
snakebites
Category: misc+guessing
Point: 200
Solved: 18 / 2216
Writeup
TheFlagIsALie-8f3cce5cc4d27fcd822437c53f7c8e6b
Someone broke the beginning of the file.
HELLO 6502
Category: web
Point: 70
Solved: 463 / 2216
Writeup
Source code
YIPPEE
Category: crypto
Point: 80
Solved: 123 / 2216
Writeup
Source code
This message is a certain game's monologue. The flag is name of the game in capital letters.
ΥΔΗΖΙΝΔJΙ-ΧJΙΟΜJGGΔΙΒ ΑJΜΟ "ΥJΓ" ΓΥΝ ΙJΡ WΖΖΙ ΥΖΗJGΔΝΓΖΥ, ΥΙΥ ΟΔΗΖ ΝΟΥΜΟΖΥ ΑGJΡΔΙΒ ΜΖQΖΜΝΖGΤ. "QΥΠΝ" ΗΥΙΥΒΖΥ ΟJ ΖΝΧΥΚΖ ΑΜJΗ ΟΓΖ ΥΔΝΟJΜΟΖΥ ΝΚΥΧΖ. WΠΟ ΟΓΖ ΜΖΥG QJΤΥΒΖ JΑ "ΥΜFΥΙJΔΥ" ΔΙ ΟΓΖ ΒΥGΥΣΤ ΓΥΝ JΙGΤ ΝΟΥΜΟΖΥ......
ARKANOID
Category: misc
Point: 70
Solved: 313 / 2216
Writeup
Source code
hline.gif-74d643f5f6a94f4efba37b2d12c6af30
PIXEL
Category: misc
Point: 90
Solved: 193 / 2216
Writeup
Do not encode byte strings twice, you know. In UTF-8, double encoded bytes (bytes encoded twice) makes me sick.
# regular UTF-8 encode 漢 -> \346\274\242 # encode twice in UTF-8 漢 -> \303\246\302\274\302\242
What is this?
c3:a3:c2:81:c2:8d:c3:a3:c2:82:c2:83:c3:a3:c2:81:c2:b7:c3:a3:c2:81:c2:a1:c3:a3:c2:82:c2:83:c3:a3:c2:83:c2:bc:c3:83:c2:a3:c3:82:c2:83:c3:82:c2:bb:c3:83:c2:a3:c3:82:c2:82:c3:82:c2:b6:c3:83:c2:a3:c3:82:c2:83:c3:82:c2:bb:e3:81:b5:e3:82:89:e3:81:a3:e3:81:90
きゃぷちゃー・ザ・ふらっぐ
Category: bin
Point: 70
Solved: 311 / 2216
Writeup
Source code
easy_crackme-47c32e7cc8eae23d1d8ef5948b3dce4a
旗RM7RF4o2
Category: trivia
Point: 90
Solved: 99 / 2216
Writeup
あいうえおかきくけこさしすせそたちつてとなにぬねのはひふへほまみむめもらりるれろがぎぐげござじずぜぞばびぶべぼぱぴぷぺぽやゆよわん
りろみるむのしきむなきしぴぎいきむごばうばけしみむぐぼうざがしきむげじうぺがさぎむじまさぷぴしぜりたてうぜのさゆむげきうぞがしすむごもうがぎこしむごひうびのしほむずきうばこまろるきもうばこかこらじもうぞのさべむげぼいちがさずむじぐうぞぴしむもそぐつびけれゆむごばつてのぽがむげぺうぜのさゆむごばうぐのぺおむごぼうぷがさざりれぼうぺけしへむげれうやのかうらるさなとけしもむざばうばぴさぞむぐぐちねけさべむざばうざのさゆむぐぐそとぷいごむごぼうじぴしぐむごぼうじぴしぐむごぼそぜけしこるろじしちぴしすもぺそつもけしぜむげぬうぞけさもむげぼうびけさよむげじうぎけしかむげまいちがらぐりへばこずのしすもぺそつもけしぜむげぬうぞけさもむげぼうびけさぎむなきそめけしせらりよちふけさぐむごもうぷぴしぞむごぬうぐのさずむじれたもがしむらされうぱけさぷむずきうざのぎぱらにぐうびけぺそらしきうぞのらぐるせてとやはとならりよなべけしきむぐじうぱぴしろむじぐうずのさぞむごひうぴこぬぱむぐじうぱけさぷむずきいちがらぐりへばこずのしすもぺそつもけしぜむげぬうぞけさもむげぼうびけしかむげぬうぷのさりむなきてほよぬいむごぼそぺけしむりひじうぴこえなむぐぼうぞこさぱむぐぼいちのじぷむごれうびのかべむぼれえりぴせぷむねひうぞがよつむぐさうずはこぱぷのきにざがぺひむごばえみのかふむぶぺうやけしうむぐようぞけさもむざばうざのさゆむげぬうばけしみむぐぼうざがしせむぐさうぜがしむもよさうががしげむごばえなぴそあむごばすちぴさざむごさうやけしせむぐさうぞけさもむざばうざのさゆむなさぬるけしへむげぼててぴしせらぺぼうざのさぞむじぼうぺがしおむごぼうががしへむげぬうずのさぐもにぺとげがせぬむぴそえのがせやむずううぐのしなむごきうぞけさもむざばうざのさゆむなさうげぴしぐむごまうぴけしきむごれうぐのさざらりよちふけしきむじうそむけしこむざばうざのさゆむなさてほよぬいむごぼてほよぬいるよようげのしむむじぐうぐぴぷたりそまなぐぎにとるおぺうびけびへらけぺうばははぼむごもうげのしけむじもしぴぎいきむごばうばけしみむぐぼうざがさぐむげじうびけぺみむごばなとがかいりりじうぐぎひなむげじうびけぺみむごばなとがぺあむごれうぱけさべむげぼいちがぷたりきばうびこせむもぶばうやけさぱむげきうざのしれむぐぼてごがしねむごてすぐのしへむげぬうぷのさりむなけん
蜘蛛となめくじと狸
Category: trivia
Point: 60
Solved: 258 / 2216
Writeup
Source code
Who is this?
''=~('('.('?').
'{'.('['^'+').("\["^
')').('`'|')').('`'|'.').
('[' ^'/'
).(( '"')
).+( '`'^
'$') .''.
('`' |'!'
).+( '`'|
'-') .''.
('`' |((
')') )).(
'`'| '!').( '`'|
'.') .''. ( '{'
^(( '[' ))).('`' ^ '#'
).( ( '`') |(( ( '/'
))) ) .('`'|'.'). ( '['
^(( ( ( ','
))) ) ) .+(
'`' | ( '!'
)). ( ( '['
)^+ ( ( '"'
)) ) . '"'
. (( ( ( ((
( (( ( ( ((
( '}') ))))))))) )))).+ ')'
) ;$: =(( '.' ))^ '~' ;$~
= (( (( '@'))))| '(';$^= ((
( ( (( (( ')') )) ) )) ))^+ (( (
( ( '[' )))));($/) = '`'|'.';$,= (
( ( (( ( (
( (( ( ((
( '(' ) ))
) ))) ) )))
)))^'}' ; $\=
"\`"| ( ( ( '!'
)));( ( ( ( $:)
)))=(( ')'))^'}';$~ ='*'
|"\`"; ($^)
=('+')^ '_';$/='&'|"\@";$,= '['&
"\~";$\= ','^'|';$:='.'^('~');$~= '@'|
"\(";$^= (( "\)"))^
'[';$/="\`"| '.';$,='('^'}';$\= ('`')|
'!';$:=')' ^'}';$~="\*"| "\`";
$^='+'^'_' ;($/)=
'&'|('@');$,= '['&"\~";
$\=','^'|';$:='.'^'~';$~='@'|'('
;$^=')'^'[';$/='`'|'.';$,=('(')^
'}';$\='`'|'!';$:=')'^('}');$~=
'*'|'`';$^='+'^'_';$/='&'|'@';
$,='['&'~';$\=','^'|';$:='.'
^'~';$~='@'|'(';$^=(')')^
'[';$/='`'|'.';$,="\("^
'}';$\='`'|('!');$:=
')'^'}';$~=('*')|
'`';$^='+';
Damian Conway
Category: PPC
Point: 100
Solved: 119 / 2216
Writeup
FLAG_Q13_{first 200-digit prime found in consecutive digits of π}
FLAG_Q13_54882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717
Category: web
Point: 120
Solved: 114 / 2216
Writeup
Source code
Update: I fixed q14, and it was broken since Apr 26. Sorry ;(
FLAG_hogee_fuga_piyopiyopiyo
Category: misc
Point: 110
Solved: 44 / 2216
Writeup
Source code
You can capture the flag by sorting.
zip.zip-ded3b0a45d60b9d834025daab478e1a1BDVNCpguUQSjsZJ
Category: bin
Point: 130
Solved: 70 / 2216
Writeup
Source code
The flag is **********.
gD0Fbs3642
Category: misc
Point: 80
Solved: 133 / 2216
Writeup
I'm missing gzip header. But there is only compressed data:
d3:2d:03:03:85:dc:fc:7c:2e:00:22:4a:78:e2:0c:00:00:00:0a
-vvvvvv moo
Category: web
Point: 90
Solved: 130 / 2216
Writeup
Source code
RegularExpression
Category: crypto
Point: 80
Solved: 69 / 2216
Writeup
Source code
G NrD NdeyM muNaHnh ZDpJtRSLp vypFhPXzxLB wVBISmyIhtMTQ XeLOfAFrVjAESSf lIzxxAnyangFlzLAQ VESahvDXtmnKNBRpIkf pSMRLNFnHViPJhqvuhrrp fymLjhBJlZFdNlYswhNlImR lKzWwzjlpigqOHVSnNxxgpScc wyoHPACOBPTGZfmXDBAHdWDHrcV pXIZwFMTQuWdSgGHgtUtiBXcGEDGh gMaGyanBffyKcGFiQjRnqSrvOrlJYFb vHCWLsqPRiUcCwMuzioVrOmEjQwffudND wnkDeijzqzRHzNVwZaWsZvMrhlsLjRGUFbe
GreatPyramidOfGiza
Category: web
Point: 180
Solved: 36 / 2216
Writeup
Source code
CREATE TABLE IF NOT EXISTS user (
user_id INTEGER NOT NULL PRIMARY KEY,
name VARCHAR(255) NOT NULL,
password VARCHAR(255) NOT NULL,
UNIQUE (name)
);
ADMINIMDA
Category: web
Point: 70
Solved: 182 / 2216
Writeup
Source code
Do not attack :)
6890c6f34d3c3ad95cfa13ab321943d7
22. hidden 1
Category: web
Point: 100
Solved: 63 / 2216
Writeup
:)
xcomglobal
Category: PPC
Point: 250
Solved: 11 / 2216
Writeup
Source code
nc ctf.katsudon.org 17023
280fa17f505ccf7ee308cb5d021c5565
Category: web+guessing
Point: 210
Solved: 20 / 2216
Writeup
Source code
- flag.png
- accesscode = md5(salted_filename)
Ninjas can't catch you if you're on fire.
Category: steg
Point: 80
Solved: 87 / 2216
Writeup
The sound can not be heard.
HEYYEYAAEYAAAEYAEYAA.wav-a7cb9e1dc56ef5597a9535ae353dcb13HEYSPECTROGRAM
Category: bin
Point: 150
Solved: 13 / 2216
Writeup
Source code
retro_crackme-96b844b59fbd6270ef03b510a3f21e3b
looking for l0ve s0ng
Category: web
Point: 270
Solved: 18 / 2216
Writeup
Source code
What is the initial amount of john?
- did you try to login as john?
- http://q27.ctf.katsudon.org/404
294307500
Category: misc
Point: 90
Solved: 46 / 2216
Writeup
Source code
rhythm.wav-d08530ac6de2a8601cef1a7b2a0dc6fa
CAMEL2
Category: misc
Point: 120
Solved: 71 / 2216
Writeup
Source code
The glitch algorithm is simple, like this:
perl -i -pe's/a/b/g' flag.jpgglitch.zip-06718696c3e01de29d4d8f577004f537
glitch_5157cc4572
Category: bin+guessing
Point: 230
Solved: 4 / 2216
Writeup
This program cannot print a character well... but it's simple :)
tellme-39079dcc9a39dfb72bc6f40842bdeac8
Update: This problem has a bug. You can solve it, but maybe unreasonable... I'm going to provide new binary, just a moment :)
you can get a message by brute-force attack. have you tried the input of all possible?
ミンナニハナイショダヨ
31. hidden 2
Category: guessing
Point: 120
Solved: 13 / 2216
Writeup
find the "flag" :)
not A
dead::beef
Category: web
Point: 160
Solved: 19 / 2216
Writeup
Source code
- I thought this validates 'id' as a number...
- and I'm using regexp.
700_51mpl3_27307d6c315d96bb5ea96b5830ca1e6a
Category: web
Point: 180
Solved: 17 / 2216
Writeup
Source code
r1v357
Category: PPC
Point: 150
Solved: 31 / 2216
Writeup
Source code
CcaaAPpTTTCccHhA
Category: web
Point: 240
Solved: 29 / 2216
Writeup
Source code
available commands: login, register, ...
p4zzw0rd_m0n573r_willin9ly_347z_saltimbocca
Category: web
Point: 150
Solved: 6 / 2216
Writeup
Source code
<akiym> I'm thinking about Q36... <evilhacker> how about irc bot? <akiym> evilhacker: good idea. why don't you make a irc bot with me? <evilhacker> sounds good <akiym> :) <akiym> have you ever made a irc bot? <evilhacker> no <akiym> okay. I'll give you source code <akiym> but you don't discover the flag, right? <evilhacker> of course ;) <akiym> I sent <evilhacker> akiym++ akiym has left #akictf-meeting <evilhacker> his source code is perfect <evilhacker> so I made a vulnerability, hahaha
akictf-q36 is in irc.freenode.net.
Note: You DO NOT access/attack ctf.katsudon.org:6669. This is unrelated. (my personal IRC bouncer :-)
Update: akictf-q36 is unstable. It replies to such message: akiym++ If it doesn't reply, please send an email or just a moment.
I <3 SQLite!
Category: steg
Point: 180
Solved: 18 / 2216
Writeup
steg_noobs.zip-5d05a159662f59e65b1f9c3113832f7c
d0_y0u_like_stegan0__i_hate~~
Category: web
Point: 300
Solved: 6 / 2216
Writeup
Source code
find the flag.
1) 1st flag in source
2) 
7rAv3r5AL_w17H_8yPA55_f0R_1nJ3c710n
Category: pwn
Point: 200
Solved: 35 / 2216
Writeup
Source code
nc pwnable.katsudon.org 17039giveme_shellcode-eebca4141478c0dc649459a2d897bc2a
5H3LLC0D3_G0Lf_15_345Y
Category: web+pwn
Point: 320
Solved: 13 / 2216
Writeup
Source code
http://pwnable.katsudon.org:17040/
5UDD3n_539M3N74710N_f4ul7~
Category: web
Point: 250
Solved: 12 / 2216
Writeup
Source code
pokemon!
http://q41.ctf.katsudon.org/
DO NOT BRUTE FORCE!
Update: Sorry, I fixed a mistake. see source again :P
Update: So sorry, Marumain and Mewtwo was too weak. see source again again ;(
w4NN483_p0k3MON_M4573R
Category: misc
Point: 180
Solved: 9 / 2216
Writeup
Here is unreadable message. Could you try to restore my message?
download unreadable_message.zip-a2bed73cbd988469a22cde41320bbcf4
brute_it_if_you_could_not_read