# GreyCTF 2024 - Backup Sheet This sheets are used in case of technical difficulties. This sheets might be outdated. Do access the challenges on the [official CTF site](https://ctfd.nusgreyhats.org) if it is up. ## Greycat's Adventure ### TimeLock Welcome to Greycat's Adventure, my totally original, well-coded and unhackable game! You will never get past my timelock! How can you wait for 50 hours in a 24-hour ctf!?? The flag is in all lower caps. Game download: https://1drv.ms/u/s!Ao8ftCMlnBEphBYG1Bv_Pi9RWcc6?e=ra4k9f https://storage.googleapis.com/greyctf-challs/greycat_adventure.zip SHA256 checksum: bb36de883b6ed9cd9f1c159ed767a8cd1a71da6cedb877e772746e656dbd404b ### Vault Welcome to Greycat's Adventure, my totally original, well-coded and unhackable game! Surely if I make it go by really fast nobody would be able to catch it... The flag is in all lower caps. Game download: https://1drv.ms/u/s!Ao8ftCMlnBEphBYG1Bv_Pi9RWcc6?e=ra4k9f https://storage.googleapis.com/greyctf-challs/greycat_adventure.zip SHA256 checksum: bb36de883b6ed9cd9f1c159ed767a8cd1a71da6cedb877e772746e656dbd404b ### Achievement 1 Welcome to Greycat's Adventure, my totally original, well-coded and unhackable game! Can you obtain all the achievements? Achievement 1 - Obtain a highscore of exactly 1337420. Game download: https://1drv.ms/u/s!Ao8ftCMlnBEphBYG1Bv_Pi9RWcc6?e=ra4k9f https://storage.googleapis.com/greyctf-challs/greycat_adventure.zip SHA256 checksum: bb36de883b6ed9cd9f1c159ed767a8cd1a71da6cedb877e772746e656dbd404b ### Achievement 2 Welcome to Greycat's Adventure, my totally original, well-coded and unhackable game! Can you obtain all the achievements? Achievement 2 - Purchase all items in the shop. Game download: https://1drv.ms/u/s!Ao8ftCMlnBEphBYG1Bv_Pi9RWcc6?e=ra4k9f https://storage.googleapis.com/greyctf-challs/greycat_adventure.zip SHA256 checksum: bb36de883b6ed9cd9f1c159ed767a8cd1a71da6cedb877e772746e656dbd404b Author: uhg ### Achievement 3 Welcome to Greycat's Adventure, my totally original, well-coded and unhackable game! Can you obtain all the achievements? Achievement 3 - There is a secret hidden in the credits. Just input the secret into the text field and click out of the text field to test your secret. Game download: https://1drv.ms/u/s!Ao8ftCMlnBEphBYG1Bv_Pi9RWcc6?e=ra4k9f https://storage.googleapis.com/greyctf-challs/greycat_adventure.zip SHA256 checksum: bb36de883b6ed9cd9f1c159ed767a8cd1a71da6cedb877e772746e656dbd404b ## Binary Exploitation / Pwn ### Baby Goods I have opened a new shop for baby goods! Feel free to explore around :) Author: uhg `nc challs.nusgreyhats.org 32345` https://storage.googleapis.com/greyctf-challs/dist-baby-goods.zip ### Baby fmtstr With this new service, you can format your dates in any language Author: jro `nc challs.nusgreyhats.org 31234` https://storage.googleapis.com/greyctf-challs/dist-baby-fmtstr.zip ### Heap Heap Heap I heard you like heap, so I made a heap using a heap based heap! Author: jro `nc challs.nusgreyhats.org 33456` https://storage.googleapis.com/greyctf-challs/dist-heap-heap-heap.zip ### Slingring Factory In following Greycat's adventures, you have stumbled upon a factory that produces weirdly-shaped rings. Upon closer inspection, you realise that the rings seem very familiar -- they looked exactly like the Sling Rings you saw from the Marvel Comics universe! Having some time leftover, you decide to explore the factory. Alas, you eventually come to realise that these Sling Rings were in fact not the same as those you knew: during forging, their destinations have to already be set. You wonder what you could do with these rings... Author: uhg `nc challs.nusgreyhats.org 35678` https://storage.googleapis.com/greyctf-challs/dist-slingring_factory.zip ### The Motorola i bet u wont guess my pin Author: Elma `nc challs.nusgreyhats.org 30211` https://storage.googleapis.com/greyctf-challs/dist-the-motorala.zip ### The Motorola 2 same source code, same bug, easy solve? Author: Elma `nc challs.nusgreyhats.org 30212` https://storage.googleapis.com/greyctf-challs/dist-the-motorala-2.zip ## Web Exploitation ### Markdown Parser I built this simple markdown parser. Please give me some feedback (in markdown), I promise to read them all. Current features include: bold, italics, code blocks with syntax highlighting! Author: ocean http://challs.nusgreyhats.org:33335 https://storage.googleapis.com/greyctf-challs/dist-markdown-parser.zip ### Fearless Concurrency Rust is the most safest, fastest and bestest language to write web app! The code compiles, therefore it is impossible for bugs! PS: This is my first rust project (real) 🦀🦀🦀🦀🦀 Author: jro http://challs.nusgreyhats.org:33333 https://storage.googleapis.com/greyctf-challs/dist-fearless-concurrency.zip ### GreyCTF Survey Your honest feedback is appreciated :) (but if you give us a good rating we'll give you a flag) Author: jro http://challs.nusgreyhats.org:33334 https://storage.googleapis.com/greyctf-challs/dist-greyctf-survey.zip ### No SQL Injection I asked My friend Jason to build me a new e-commerce website. We just finished the login system and there's already bugs 🤦 Author: jro http://challs.nusgreyhats.org:33336 https://storage.googleapis.com/greyctf-challs/dist-no-sql-injection.zip ### Baby Web I just learnt how to design my favourite flask webpage using htmx and bootstrap. I hope I don't accidentally expose my super secret flag. Author: Junhua http://challs.nusgreyhats.org:33338 https://storage.googleapis.com/greyctf-challs/dist-baby-web.zip ### Beautiful Styles I opened a contest to see who could create the most beautiful CSS styles. Feel free to submit your CSS styles to me and I will add them to my website to judge them. I'll even give you a sample of my site to get you started. Flag only consists of numbers and uppercase letters. Author: Junhua http://challs.nusgreyhats.org:33339 ## Reverse Engineering ### Cooking Mama im new to rust, so i cooked this :) Author: kestryix https://storage.googleapis.com/greyctf-challs/dist-cooking_mama.zip ### Pattern Enigma Matrix I made this program that checks if the flag is correct. However, I forgot the flag.... Can you help me recover it? Author: Daniel X Junhua https://storage.googleapis.com/greyctf-challs/dist-pattern-enigma-matrix.zip ### Mazeware finally... looks like a normal reversing challenge written in C... (or isit?) ( ͡° ͜ʖ ͡°) Author: Elma https://storage.googleapis.com/greyctf-challs/dist-mazeware.zip ### Phaser-JS I followed the phaserjs tutorial and made it a lot harder. Clear 10000000 waves and you will see the flag in the developer console (printed with console.log). Have fun :) Author: daniao https://storage.googleapis.com/greyctf-challs/dist-phaserjs-tutorial.zip ### Bee's Password In the dance of bits and shadows, Bee's password lies veiled, guarded by the cryptic embrace of encryption. Amidst the digital whispers, a script and notes beckon. Can you, the seeker, unveil the clandestine secret encrypted within? File: https://drive.google.com/drive/folders/1-ESaCvrU8MZTeTClygXDPzAPCtlC3Ru_?usp=sharing Alternative Download: https://storage.googleapis.com/greyctf-challs/Problem-20240420T014454Z-001.zip Author: ssp547 ## Blockchain ### Escrow Introducing NFT-based escrows - you can deposit assets and trade escrows by selling your ownership NFT! However, I accidentally renounced ownership for my own escrow. Can you help me recover the funds? Author: MiloTruck `nc challs.nusgreyhats.org 30101` https://storage.googleapis.com/greyctf-challs/dist-escrow.zip ### Greyhat's Dollar Worried about inflation? Introducing GreyHats Dollar (GHD), the world's first currency with deflation built-in! Backed by GREY tokens, GHD will automatically deflate at a rate of 3% every year. Author: MiloTruck `nc challs.nusgreyhats.org 30201` https://storage.googleapis.com/greyctf-challs/dist-greyhats-dollar.zip ### Simple Amm Vault ERC-4626 was too complex, so I made an AMM to swap between shares and assets. Author: MiloTruck `nc challs.nusgreyhats.org 30301` https://storage.googleapis.com/greyctf-challs/dist-simple-amm-vault.zip ### Voting Vault In the spirit of decentralization, GreyHats is now a DAO! Vote with your GREY tokens to decide how our funds are spent. Author: MiloTruck `nc challs.nusgreyhats.org 30401` https://storage.googleapis.com/greyctf-challs/dist-voting-vault.zip ## Cryptography ### Filter Ciphertext I rolled my own crypto. What could go wrong? *This challenge unlocks 1 other cryptography challenge.* Author: hadnot `nc challs.nusgreyhats.org 32222` https://storage.googleapis.com/greyctf-challs/dist-filter_ciphertext.zip ### AES Timeout: 5 minutes Author: mechfrog88 `nc challs.nusgreyhats.org 35100` https://storage.googleapis.com/greyctf-challs/dist-aes.zip ### PRG Timeout: 10 minutes Author: mechfrog88 `nc challs.nusgreyhats.org 35101` https://storage.googleapis.com/greyctf-challs/dist-prg.zip ### IPFE Timeout: 5 minutes Author: mechfrog88 nc challs.nusgreyhats.org 35102 https://storage.googleapis.com/greyctf-challs/dist-ipfe.zip ### Curve Author: mechfrog88 https://storage.googleapis.com/greyctf-challs/dist-curve.zip ### Coding Timeout: 3 minutes Author: mechfrog88 `nc challs.nusgreyhats.org 35103` https://storage.googleapis.com/greyctf-challs/dist-coding.zip ## Miscellaneous ### Cats at the Beach I lost my grey cat when we were overseas. This is the last picture I found of it, but I have no idea where it is. Can you help me identify this beach? The flag format is grey{name_of_beach_in_lower_case}. https://storage.googleapis.com/greyctf-challs/dist-Cats-At-The-Beach.zip ### Grey Divers Grey Cat has recently got into playing Hell Divers 2 before it disappeared and left this note behind: Eagle 500 Kg Bomb GL-21 Grenade Launcher MD-I4 Incendiary Mines Orbital Gas Strike Orbital Airburst Strike Eagle Rearm Eagle 110MM Rocket Pods Can you decipher what it is trying to say? Author: Junhua https://storage.googleapis.com/greyctf-challs/dist-Grey-Divers.zip ### Verilog Count I want to count from 0 Author: Hackin7 `nc challs.nusgreyhats.org 31114` https://storage.googleapis.com/greyctf-challs/dist-verilog_count.zip ### All About Timing I'm always late for class but my prof told me that time is relative Author: jloh02 `nc challs.nusgreyhats.org 31111` https://storage.googleapis.com/greyctf-challs/dist-All-About-Timing.zip ### Maze runner The maze trials were just the start. As a master of mazes, you find yourself still confined in a maze. At least you've got some superpowers this time... Author: jloh02 `nc challs.nusgreyhats.org 31112` ### Poly Playground Magicians love to create things out of thin air. This time our secret wizards have created a playground. Test out your wizardry here! Author: jloh02 `nc challs.nusgreyhats.org 31113` ### CashHat The Ripper If only there was a way to crack password-protected zip files... Author: glendoodle https://storage.googleapis.com/greyctf-challs/dist-CashHat-The-Ripper.zip ### Out in Plainsight mp4 files are a good way to send hiden messages too! @nus.greyhats the md5 hash of the flag is 36ed337d208d4d58679cbb5047885236 Author: Heretic275 ### Tones What kind of music is this? Warning: Audio file may be loud! https://storage.googleapis.com/greyctf-challs/dist-tones.zip ### No More Tones No more tones for you! Just noise? Warning: Audio file may be loud! https://storage.googleapis.com/greyctf-challs/nomoretones.flac ### Sanity Check https://discord.gg/Zh7TssXB9J