NSA Codebreaker Challenge 2020

DISCLAIMER — The following is a FICTITIOUS story meant for providing realistic context for the Codebreaker Challenge and is not tied in any way to actual events.

“Two days ago, a renowned American journalist went missing while on assignment abroad. Although the city where the journalist was last seen has very few surveillance cameras on its streets, local authorities were able to provide us with some surveillance footage taken near the journalist’s hotel during the days leading up to the disappearance. From the footage, we see that the journalist was kidnapped from the front of their hotel and taken away in an unmarked van. Unfortunately, we can also observe the kidnappers destroying the journalist’s mobile phone making it impossible to track their route via GPS. Locals have also reported drone activity in the area leading up to the event. A criminal organization, well known for using drones in their kidnap-for-ransom schemes, has claimed responsibility for the incident.

Your mission is to:

  1. Locate the missing journalist and hostage takers’ current position.
  2. Facilitate the recovery of the journalist and take actions to prevent another incident from happening.

Each task in this year’s challenge will require a range of skills. We need you to call upon all of your technical expertise, your intuition, and your common sense to help us locate and rescue the journalist!

Good luck. We hope you enjoy the challenge!”

Don’t try to overthink this one like I did, lol. Everything you need is right there when you open up the file:

Username: AngieSerpen241

Encrypted Filename: keychain

I got excited and turned this one in before I snapped a screenshot of the question, but it asks something like, “What is the password used to decrypt the encrypted file?

We have all of Angie’s password hints in a plaintext file here:

For keychain, we need her pet’s name + pet’s birthday.

For the first part, check out Angie’s blog intro file. It has the line, “Outside of work, my two favorite things are traveling the world and getting to come home to my favorite furry little friend, and the best friend on the planet, Kaya.”

Then, look through the files and you will see a picture of a cat party:

If you use exiftool on that file, you can see the date it was created, 07–17–2019.

Password: Kaya0717

When I first decrypted the file, it looked very sloppy:

I organized it the best I could to help me interpret it further. It looks like the passwords are probably still encoded in some way.

So, I’ve got the correct username, I just need to figure out what’s going on with the password.

I got stuck here quite a few days, and spent a lot of time researching IoS Keychains. I found THIS, which seemed like it could be helpful, but it didn’t mention the second type of encryption I was looking for.

EVENTUALLY, I was able to figure out it was encoded with ASCII85 by searching for the <~ ~> symbols the passwords seemed to be enclosed in, and finding THIS Wikipedia page.

I used THIS decoder.

Username: Kaya_Serpen_0717

Password: VioletKaya10040912

I also went ahead an decrypted all her other passwords.

This is as far as I got with the NSA Codebreaker challenge this year, but I am pretty proud of myself for getting that IoS Keychain figured out! I learned a lot with that one. I will definitely recognize ASCII85 in the future.

Happy Hacking! ❤

CTF Writeups to facilitate cyber education.