# NHNC_Write_up
## A Gift from the Leader Organizer

NHNC{fishbaby1011sohandsome}
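## Where Is My Tripod??

Everyone!
I have a friend, "fishbaby1011", who told me he was taking photos here
but forgetfully left the tripod I lent him somewhere nearby.
He told me to go pick it up myself, but I don't know where this is.
Can anyone help me find the place in the picture?
As a reward I will give you 250 points.
Flag format:
NHNC{three.position.words}
Example:
NHNC{positive.verse.remedy}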
https://www.mobile01.com/topicdetail.php?f=345&t=2344123
24.595135, 121.853366
///results.monkeys.commands

## NHNC, but C0LoRfUl
https://discord.gg/BhrD6sPtNs
Everyone is welcome here!
I felt that the original server was too old-fashioned, so I added a new coloring function!
Whether you are an administrator, a worker, or a participant, you can color your fonts!



## Blog 2


## Where is this
Where is this?
Flag format: NHNC{latitude_longitude}
(truncate, without rounding, to three decimal places)

ex: NHNC{12.345_114.514}
Google 河堤上的貓
## MagicButton
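One day, Lemon Tea downloaded a rather baffling app from the store.
It seems that just pressing the button in the app makes something you shouldn't see pop up.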
```bash=
grep -r NHNC
```
## Kohiro
What did he say?
Note: the answer is not in the Discord server.

https://gchq.github.io/CyberChef/#recipe=To_Hex('Space',0)From_Hex('Auto')Render_Image('Raw')
## Suspicious GIF




## Challenge under construction
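A packet capture recorded while the challenge was being created. Before writing the challenge, I also played my favorite little terminal game for a bit!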
```python=
import base64


def decode_base64_strings(encoded_strings):
    decoded_results = []
    for string in encoded_strings:
        # Remove any whitespace
        string = string.strip()
        try:
            # Add padding if needed
            padding_needed = len(string) % 4
            if padding_needed:
                string += '=' * (4 - padding_needed)
            # Decode the string
            decoded = base64.b64decode(string).decode('utf-8')
            decoded_results.append(decoded)
        except Exception as e:
            decoded_results.append(f"Error decoding: {string} - {str(e)}")
    return decoded_results


# Your encoded strings
encoded_strings = """
TkhOQ3tmbjdPcGM3T1kzUn0=
TkhOQ3tUdXU1dzJodFl9
TkhOQ3tzVkhoUEhQcnRsMFhWQVVOenBlfQ==
TkhOQ3tfXzNDckdiZm19
TkhOQ3s2RTNjM00zb1VCdGV0YVl9
TkhOQ3tLVjBNcnBwQX0=
TkhOQ3tPRTkzazhLWX0=
TkhOQ3tMemc3T2trYldXcnB1dFN9
TkhOQ3tYamNmWWxUeHV9
TkhOQ3sxSXZNWjVPbzlXQXp4ZTlESGFsYX0=
TkhOQ3tENzVlc2RhMFdSWlRjYX0=
TkhOQ3t0TXd6TTdPNzhUN0F3SU9nZzh9
TkhOQ3s5ZHZNdkJIcn0=
TkhOQ3toa0NNUkQ5WG1mZFVjMmZjUFF9
TkhOQ3sycVdwR1A3ZGRNcX0=
TkhOQ3swckQxbFp4YXd1TFB9
TkhOQ3swbkx6Q3VkRXRKR3QxcWNmfQ==
TkhOQ3t6V2VYX1E1WmVpTnI3fQ==
TkhOQ3tVandURHpoZTJUaVdQfQ==
TkhOQ3twZ25TVFF1cWVKX2ExaTJMfQ==
TkhOQ3tBaldteXZwR0xVZjlEM0t9
TkhOQ3tBVGlqZ1RiYWl9
TkhOQ3tQcXVDOWRNTjhOR3V1ejZWaGF9
TkhOQ3tyUXczT1ZHWUFsWFZzUnJaT30=
TkhOQ3tQZ2daTVlIaWttSjNsZnZLXzc2fQ==
TkhOQ3tSQUhBUXVTbTIzUzVOfQ==
TkhOQ3tySHVHUVhzYUs2aXFxWVRjYlFXfQ==
TkhOQ3syeG5LdWs5OXVHfQ==
TkhOQ3tfWHNUdGZENVY4Q2x6ZX0=
TkhOQ3t2TFhmTWgzSG5KTWRtY0hsYm44N30=
TkhOQ3tOb3FrZTRFOWlSSHM5N2NMcn0=
TkhOQ3tOMTdPdVdFSjR9
TkhOQ3tVZjRpMzBPTGc2ZURwYWs5fQ==
TkhOQ3tadFdLRUxRZ2w3THJkQkljeX0=
TkhOQ3tSRjN6ZExtNX0=
TkhOQ3s5dDYzeGRTYkdWZlh4V0R5aHd2fQ==
TkhOQ3ttOWVYR0twcUd3cVR0Z1BuRzZ9
TkhOQ3s0ekQ2bndnU1NSZ2xVbn0=
TkhOQ3toOE5JVHJxcDBucHR2RjZIU21BfQ==
TkhOQ3tOdDU2ZGNYN3JTbDlYfQ==
TkhOQ3tvUkFrOEowdn0=
TkhOQ3tpbnRlcmNlcHRfYW5kX3JldmVyc2V9Cg==
TkhOQ3tfNGhIVmdpTUdCfQ==
TkhOQ3tPeU5xeXhzYldydn0=
TkhOQ3tBMl80dkd4OU5ia0NlV0hia1Z9
TkhOQ3tSdmJ3Tzg3clF9
TkhOQ3tOTHZ4QzlFMEQ5bER9
TkhOQ3szYW5WME44aFB9
TkhOQ3tqbjBaMlhxNHltM1p9
TkhOQ3tlRXBkV3VSUEN9
TkhOQ3tLUHNFRWl6WVFOWUVaelp9
TkhOQ3tGVWJUb2pfOU9PNWZkYzFqMDVBfQ==
TkhOQ3tDZnVVM3JkQ3FOeFRFcEZRfQ==
TkhOQ3trNVhwOUZHUn0=
TkhOQ3tZTzZ2ZVJJMH0=
TkhOQ3t1V3Q5QlVFbTRUeWVsdHhXfQ==
TkhOQ3tMX0x4T2ZtbFd0T1BXdzl9
TkhOQ3syT1ZRWEpSU299
TkhOQ3tubjYzTXVtMU4wSn0=
TkhOQ3t6ekdVT2I1M3VIYUR5Um05NWlyfQ==
TkhOQ3tidmVaMVc4RVF9
TkhOQ3tnVEdvZlZjc0p6S1I5RmozfQ==
TkhOQ3tSMDk3RkZwMWZQQURHajNufQ==
TkhOQ3t0VFBabEt0VH0=
TkhOQ3taNHo4aFNnWnpiYjVoZktLQ3h5cX0=
TkhOQ3tlZHgxX1Z4YUlXN3phVDJxWk9LfQ==
TkhOQ3t6anZUMkFqTWl3SEpsWDg0Nm19
TkhOQ3tGNU0wNHlLaH0=
TkhOQ3tYN2pQbXdhWUFWaHJ3V3pqQ30=
TkhOQ3taVWdqTFZuaFF4V30=
TkhOQ3tfbkRNTG5yU30=
TkhOQ3tVM2xNYnM4dU11TVpEN30=
TkhOQ3t1a0dib1FNcGZJTWl9
TkhOQ3tWNV9IUTVMSHBjUH0=
TkhOQ3s1Rnp5aWw2U199
TkhOQ3tWX1lseFFBU2R0bWJaMUVZRX""".split('\n')
# Remove empty strings
encoded_strings = [s for s in encoded_strings if s.strip()]
# Decode all strings
decoded_results = decode_base64_strings(encoded_strings)
# Print results
print("Decoded strings:")
print("-" * 50)
for i, result in enumerate(decoded_results, 1):
    print(f"{i}. {result}")
```

## bot1
Some bad bots (uhh...maybe contracts) are trading on Sepolia Ethernaut test net, the first bot's address is 0xAD840c4c2F869896EfE0891614faA1908dcD0153, find its pal's address and wrap it in NHNC{}!



0x3e9e0e9cee22Ccd0ac94604A72394B0A1CCdb27A
## AES?
An encrypted message; the encryption has to be broken to read it.
```bash
Enter IV: 1234567890987654
Secret Key: 1234567890987654
output: TkdU8sqjliuakA+nj2aEmbDf+AaJwASfPuooaKadCqg=
```
## Secret ROT13
An encrypted message; the encryption has to be broken to read it.
```python=
def decrypt(encrypted_text, key):
    decrypted_text = ""
    for i, char in enumerate(encrypted_text):
        # The shift depends on the character position and the key
        offset = ((i + 1 + key) * (i + 1)) % 26
        if 'A' <= char <= 'Z':
            new_char = chr((ord(char) - ord('A') - offset) % 26 + ord('A'))
        elif 'a' <= char <= 'z':
            new_char = chr((ord(char) - ord('a') - offset) % 26 + ord('a'))
        else:
            new_char = char  # non-letters stay unchanged
        decrypted_text += new_char
    return decrypted_text


# Test example
key = 7
ciphertext = "VZRU{Y0k_yd0w_Z0o_ti_rsslyxli}"
plaintext = decrypt(ciphertext, key)
print("解密後的明文:", plaintext)
```
```
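
The script above takes `key = 7` as given. The following added example (not part of the original write-up; the function names are my own) shows how that key follows from the known flag prefix `NHNC{`: at position 0 the offset is `(1 + key) % 26`, so one known letter fixes the key modulo 26, and trying all 26 keys confirms it is the only fit.

```python
def shift(text, key, sign):
    """Apply the page's position-dependent shift; sign=+1 encrypts, -1 decrypts."""
    out = []
    for i, ch in enumerate(text):
        # Same offset formula as decrypt() above; it only depends on key mod 26
        offset = ((i + 1 + key) * (i + 1)) % 26
        if ch.isascii() and ch.isalpha():
            base = ord('A') if ch.isupper() else ord('a')
            out.append(chr((ord(ch) - base + sign * offset) % 26 + base))
        else:
            out.append(ch)  # non-letters stay unchanged
    return ''.join(out)


def key_from_first_letter(cipher_first, plain_first):
    """At i = 0 the offset is (1 + key) % 26, so one known letter gives key mod 26."""
    offset = (ord(cipher_first.upper()) - ord(plain_first.upper())) % 26
    return (offset - 1) % 26


def brute_force(ciphertext, crib):
    """Try all 26 keys and keep those whose plaintext starts with the crib."""
    hits = []
    for key in range(26):
        plain = shift(ciphertext, key, -1)
        if plain.startswith(crib):
            hits.append((key, plain))
    return hits


CIPHERTEXT = "VZRU{Y0k_yd0w_Z0o_ti_rsslyxli}"  # ciphertext from the page
CRIB = "NHNC{"                                 # flag prefix used throughout the page

if __name__ == "__main__":
    print("key from first letter:", key_from_first_letter(CIPHERTEXT[0], CRIB[0]))
    for key, plain in brute_force(CIPHERTEXT, CRIB):
        print(key, plain)
```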
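## Goblin Defense Department Announcement
To protect our fellow goblins, this Defense Department hereby issues this announcement to guard us against the temptation of the elves!
Hint: ~~Try capturing it with Burp Suite? Does it really have to be that much trouble?~~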

## EASY METHOD
I "PUT" something in the website, could u find the "METHOD" to get it?
http://23.146.248.227:60001/

## need to get the C00kies
I am making a web that can show something but I can't become an admin and get the cookies can you help me?
http://chal.nhnc.ic3dt3a.org:60002/


## Login
Just login and get the flag
http://chal.nhnc.ic3dt3a.org:60003/


## 1 line php
1 line >w<
http://chal.nhnc.ic3dt3a.org:60000
Hint: Flag is at /
## Democracy
The Republic of Frank National Assembly needs your participation! Head over here
## END



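The whole weekend was one big schedule clash, I had no time at all to play, I'm crying.
But in the end it looks like I still got 10th place in the student division.
What a surprise.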