Unfinished
Challenge: There seems to be something wrong with this code. Can you figure out how to make it return the flag? Modify the code to show the flag. Submit t...
DEADFACE 2021
DEADFACE CTF was a two day event organized by Cyber Hacktics that ran October 15-16, 2021.
My brother and I teamed-up for this year's CTF and placed 36th out of nearly 1200 teams, not too shabby, but our goal for next year is to be in the 20's…
Badges Awarded
 |
|---|
| Competitor |
The challenges are listed in the order we solved them.
Body Count
Challenge: One of our employees, Jimmie Castora, kept database backups on his computer. DEADFACE compromised his computer and leaked a portion of the data...
Occupation
Challenge: Which employee at De Monne Financial was the target of DEADFACE that resulted in a data leak? Submit the employee's job title as the flag: flag...
Monstrum ex Machina
Challenge: Our person on the "inside" of Ghost Town was able to plant a packet sniffing device on Luciafer's computer. Based on our initial analysis, we ...
Cereal Killer
Challenge: spookyboi is really into Serial Killers. He loves to watch Mindhunter on NetFlix. He can also SLAY a bowl of his favorite cereal. (Choose...
The SUM of All FEARS
Challenge: After hacking a victim's computer, Luciafer downloaded several files, including two binaries with identical names, but with the extensions .exe...
Blood Bash
Challenge: We've obtained access to a system maintained by bl0ody_mary. There are five flag files that we need you to read and submit. Submit the content...
Blood Bash 2
Challenge: We've obtained access to a system maintained by bl0ody_mary. We believe bl0ody_mary stole a sensitive document and is storing it on her Linux m...
Password Insecurities
Challenge: It looks like DEADFACE is going after the password of one of De Monne's customers: Haily Poutress. She has since changed her password, but De M...
Window Pains
Challenge: One of De Monne's employees had their personal Windows computer hacked by a member of DEADFACE. The attacker managed to exploit a portion of a ...
Keys
Challenge: One of De Monne's database engineers is having issues rebuilding the production database. He wants to know the name of one of the foreign keys ...
Poor MEGAN!
Challenge: Oh, NO! Poor Megan! She's just been bitten by a ZOMBIE! We can save her if we act fast, but the formula for the antidote has been scrambled ...
To Be Xor Not to Be
Challenge: .$)/3<'e-)<e':e&'<e<'e-)<5 Submit the flag as flag{here-is-the-answer}
Blood Bash 3
Challenge: There's a flag on this system that we're having difficulty with. Unlike the previous flags, we can't seem to find a file with this flag in it. ...
Window Pains 2
Challenge: Using the memory dump file from Window Pains, submit the victim's computer name. Submit the flag as flag{COMPUTER-NAME}.
File 101
Challenge: An email, containing a photo of pumpkin, was found in an employee's Gmail inbox. The photo looks normal, but looks can be deceiving sometimes.W...
Send in the Clowns
Challenge: There is a secret hidden somewhere in this image. Can you find it? Submit the flag as flag{this-is-the-flag}. Link to Image SHA1: 74eaae618...
The Count
Challenge: Apparently DEADFACE is recruiting programmers, but spookyboi is a little apprehensive about recruiting amateurs. He's placed a password hash in...
Blood Bash 4
Challenge: A sensitive file from De Monne was exfiltrated by mort1cia. It contains data relating to a new web portal they're creating for their consumers....
Scanners
Challenge: Luciafer started the hack of the Lytton Labs victim by performing a port scan. Which TCP ports are open on the victim's machine? Enter the ...
A Warning
Challenge: Luciafer is being watched! Someone on the inside of Lytton Labs can see what she is doing and is sending her a message. One of them says: "...
TheZeal0t's Cryptoware IOC 1
Challenge: The Zeal0t's cryptoware has a particular network signature that can be used as an "Indicator of Compromise" (IOC). This indicator is unique to...
Old Devil
Challenge: We found this program written by luciafer. She used it to hide a password in the form of a flag. See if you can find the flag in the program. ...
Meetup
Challenge: A member of DEADFACE suggested that they all meet up at some point. With this information, we'd be able to contact law enforcement to get them...
Release the Crackin'!
Challenge: Luciafer cracked a password belonging to the victim. Submit the flag as: flag{password}. Use the PCAP from LYTTON LABS 01 - Monstrum ex Mac...
Luciafer, You Clever Little Devil!
Challenge: Luciafer gains access to the victim's computer by using the cracked password. What is the packet number of the response by the victim's system...
Big Boss
Challenge: An anonymous tipster sent us this photo alleging that it's a note written by b3li3f1203. The tipster claims that the note was intended for som...
City Lights
Challenge: De Monne wants to know how many branch offices were included in the database leak. This can be found by figuring out how many unique cities the...
El Paso
Challenge: The regional manager for the El Paso branch of De Monne Financial is afraid his customers might be targeted for further attacks. He would like ...
Cereal Killer 3
Challenge: luciafer also has a favorite cereal. It is also spooky, and very delicious! This one, however, is a bit tricky. Download the program and de...
Jailbird
Challenge: It looks like authorities arrested a member of DEADFACE. But who was it? Submit the member's username as the flag: flag{username}
Behind the Curtain
Challenge: This image was intercepted from Ghost Town. We think Donnell has hidden information here, but there doesn't seem to be anything special about t...
V0icE
Challenge: A friend of mine sent me an audio file which supposes to tell me the time of our night out meeting, but I can't comprehend the voice in the aud...
He Thrusts His Fists Against the Post
Challenge: {ea-vetgaytereoreh-na}fan–wshbestpasslds-s-hm
Luciafer's Cryptoware IOC 2
Challenge: Luciafer's cryptoware causes even more ruckus by encrypting the victim's file names. Decrypt the filename and enter it as the flag: Example fl...
You Shall Not Pass
Challenge: DEADFACE has been targeting De Monne employees based on the recent De Monne financial database leak. De Monne has already changed their employe...
Trick or Treat
Challenge: A user on Ghost Town created a game that he claims no one can beat. Check out the game and find the flag hidden inside. Submit the flag as: fla...
Luciafer's Fatal Error
Challenge: Luciafer, consummate hacker, got cocky and careless. She made a fatal mistake, and in doing so, gave control of her computer to… someone. She...
Persistence Pays Off
Challenge: Luciafer might have just bit off more than she can chew! She has encountered an adversary that is counter-attacking her system! Luciafer's L...
All A-Loan
Challenge: De Monne has reason to believe that DEADFACE will target loans issued by employees in California. It only makes sense that they'll then target ...
The Root of All Evil… OR… Adding Insult to Injury
Challenge: Great news! Luciafer has been spotted at an internet cafe! She's using her laptop right now! We can catch her, if we act quickly. We need...
Dead Men Tell No Tales
Challenge: We've discovered a remote system used by DEADFACE. We're not sure what the password is, but we know Donnell Aulner has an account on that machi...
Luciafer's TOTAL Disaster
Challenge: Luciafer should learn to follow directions! Her "cryptoware" is a TOTAL disaster! She didn't realize that her choice of encryption algorithm,...
Boom
Challenge: DEADFACE actors will be targeting customers they consider low-hanging fruit. Check out Ghost Town and see who they are targeting. Submit the nu...
Not So Complicated
Challenge: Using the memory dump file from Window Pains, crack and submit Jimmie's password. Submit the flag as flag{cleartext_password}.
Window Pains 4
Challenge: We want to see if any other machines are infected with this malware. Using the memory dump file from Window Pains, submit the SHA1 checksum of ...
Window Pains 3
Challenge: Using the memory dump file from Window Pains, find out the name of the malicious process. Submit the flag as flag{process-name_pid} (include...
Scary Bunny
Challenge: What could be inside this creepy rabbit? Download image SHA1: 7ab2d9b1986ae12b780d0a2124a3adce6ed4c4e1
No One Ever Got Fired For…
Challenge: … BUT THEY SHOULD HAVE!!! We spent 20 MILLION DOLLARS for this refrigerator-sized BOX, and we have to pay money for every program that we run!...
Address Book
Challenge: It looks like DEADFACE is targeting one of De Monne's customers. Check out this thread in Ghost Town and submit the customer's name as the flag...
TheZeal0t's Fingerprints Are All Over This!
Challenge: A "hash" is a "digital fingerprint" of a file that is astronomically improbable to duplicate with other content by accident, and nearly impossi...
Spectres
Challenge: We intercepted this image from a suspected insider threat at De Monne Financial. It looks like parts of the image were cut out, but based on c...
Depths
Challenge: DEADFACE talks about having a potential buyer for the database leak on Ghost Town. Figure out where they're keeping the wallet info for cryptoc...
Treats
Challenge: There is another flag associated with the site found in Depths. Find the flag and submit it as: flag{flag-goes-here}.