Hack.lu 2011 CTF Write-up: Unknown Planet

This week we participated in the Hack.lu 2011 CTF, a Capture-The-Flag event organized by the FluxFingers team at Hack.lu. Even if we were only three with two other members playing at night, we placed 6th out of >100 teams! Congrats to FluxFingers for the wonderful work done, we enjoyed it so much.

This is our first write-up for this CTF, hopefully more will come.

The challenge consists of a single jpg file called “8c4f14e28155a2c3cf4b2538c1e0958b”:

and the following string:

“We got this file. Can you find the name of this planet?”

The jpg file name looks like an MD5 digest. Inside this file there’s a zip archive:

One of these files is a wav with some Morse code in it. The other files are just pieces of the whole wav file containing the planet name Morse-encoded. We created a python script to compute all the possible wav files and compared each md5 checksum with the original file name. There are only 8 files we need to compute, so the total permutations are 8! = 40320:

With this script, we got the correct wave file in a very short amount of time:

Using audacity the Morse code become easily readable, so:

can be translated to:

What a name for a planet 😉

Author: Marco Squarcina

Computer Science student and an Open Source enthusiast. My main interests are computer security (especially mandatory access control systems), Linux systems administrations and audio applications.

Leave a Reply

Your email address will not be published. Required fields are marked *