Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
11 views4 pages

DT20234903988 HackQuest9 Report

The Round 1 report for the HackQuest 9 contest details the performance of participant Nisarga Kapde from Sb Jain University, who solved 3 out of 10 challenges. The report includes step-by-step approaches for three challenges: 'The Mask', 'Dussahas Dice', and 'A Bug’s Life', outlining methods for problem analysis, manipulation techniques, and debugging strategies. Each challenge culminates in a flag that participants need to capture as part of the competition.

Uploaded by

shashwat singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
11 views4 pages

DT20234903988 HackQuest9 Report

The Round 1 report for the HackQuest 9 contest details the performance of participant Nisarga Kapde from Sb Jain University, who solved 3 out of 10 challenges. The report includes step-by-step approaches for three challenges: 'The Mask', 'Dussahas Dice', and 'A Bug’s Life', outlining methods for problem analysis, manipulation techniques, and debugging strategies. Each challenge culminates in a flag that participants need to capture as part of the competition.

Uploaded by

shashwat singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Round 1 report

Contest Date: - 25th January 2025

CT ID DT20234903988
Name Nisarga kapde
College/University Sb jain
City nagpur
Challenges solved & the total score 3/10
Anything else that you want us to
know

(Copy & paste the table x times if you solved x challenges and fill
in the steps)
HackQuest 9 Round 1 Report 1

Challenge Title: The Mask

Flag: HQ9FLAG{0c8270dedc7e8165d46c6decf9b01ff4c2957b68}

Approach (Step by Step):

Step-by-Step Approach:
1. Analyse the Problem Statement:
o Carefully read through the problem description. Pay attention to
specific keywords like “obfuscation,” “layers,” “message,” and
any other hints that could suggest a method of encoding or hiding
information.
o Look for any clues about the nature of the puzzle (is it a
cryptographic challenge, a pattern recognition task, or something
else?).
2. Understand the Mask's Role:
o Given that the challenge mentions Loki and “The Mask,” the task
could involve manipulating or decoding something hidden within
an object or a set of data. It might involve text or even binary
data hidden in plain sight.
3. Identify Obfuscation Techniques:
o Obfuscation typically refers to making something difficult to
understand. This could be anything from scrambling text, using
encryption, or applying a cipher (e.g., Caesar cipher, Vigenère
cipher, etc.).
o Check if there’s any encoded string or piece of text in the problem
statement, or even in the example inputs/outputs.
4. Reverse Engineering the Layers:
o If the problem mentions "layers," it might mean you have to
decode or undo the obfuscation step by step. Look for any
repetitive patterns or clues hidden in the structure of the text.
o Try different common encoding methods like Base64,
hexadecimal, or ASCII-based tricks. Online tools or scripting can
help automate this process.
5. Handling the “Smokin’!” Threat:
o The mention of “Smokin’!” suggests that there’s a consequence if
you make a mistake, potentially leading to an error or an invalid
solution. Ensure each step is thoroughly tested before progressing
to the next one to avoid that penalty.
6. Coding Solutions:
o Once you have an understanding of the method to decipher the
layers or the code, write a script in Python, JavaScript, or another
language of your choice to decode or solve the puzzle.
o Use string manipulation techniques, regular expressions, or
libraries to help extract hidden data.

HACKQUEST 9 ROUND 1 REPORT PAGE | 2


HackQuest 9 Round 1 Report 1

Challenge Title: Dussahas Dice

Flag: HQ9FLAG{dba13cef45048193073a904c831f1e140a07a207}

Approach (Step by Step):

1. Understand the Rules:


 Carefully read the problem statement to identify the rules of the dice
game. Does the dice have any special properties, such as biased
outcomes or manipulation by the "Shakuni" figure?
 Is the game being played between two players, or are you simply trying
to predict or manipulate the outcomes?

2. Identify the Trick/Manipulation:


 Shakuni's dice are usually portrayed as rigged. In programming
challenges, this may manifest in dice rolls being manipulated in some
way.
 Are there specific conditions where the dice might not behave
randomly? For example, are there patterns in the numbers that are
rolled, or does the dice behavior change based on inputs or previous
rolls?
3. Simulate Dice Rolls:
 If you need to simulate dice rolls, use the random library in Python (or a
similar library in another language) to generate random numbers.
 Ensure that the dice follows the correct number of sides (usually 6,
unless specified otherwise).
4. Analyze Possible Patterns or Strategy:
 If there’s an underlying trick, try to detect patterns or sequences in the
rolls. Does the dice favor certain outcomes after certain events or
inputs?
 If you're given inputs that influence the dice (e.g., previous rolls, player
decisions), you might need to develop a strategy to "counter" the rigged
behavior.
5. Optimize Your Approach:
 If the game involves strategy and multiple moves, consider using
dynamic programming or other optimization techniques to ensure you
always make the best move to outsmart the manipulation.
Find the Flag:
 Once you’ve simulated the game correctly or figured out the
manipulation, you should be able to reach the final state or outcome
where the flag is revealed. This might involve taking certain actions or
correctly predicting a sequence of dice rolls.

Challenge Title: A Bug’s Life

HACKQUEST 9 ROUND 1 REPORT PAGE | 3


HackQuest 9 Round 1 Report 1

Flag: HQ9FLAG{878ce322c56450aa062c88ed6b593d7e4ca26038}

Approach (Step by Step):

1.Explore the Environment:


 If the challenge involves a web application, open it up and interact with
it. Look for any broken functionality, unusual behavior, or inputs that
could trigger errors.
 If the environment is a piece of code, inspect it for potential
vulnerabilities.
2.Debug the Application:
 If there’s JavaScript, check for any logic errors or unfiltered user inputs.
 For web challenges, inspect the page source or use developer tools (F12
in most browsers) to look for hidden elements or clues that could reveal
the flag.
 If the challenge is a local program, debug it to find any exceptions, logic
flaws, or areas where input can cause a failure.
3.Look for Clues in Error Messages:
 Sometimes, an error message may contain a subtle clue—like a stack
trace or a message about an unexpected input.
 In case of a web challenge, try submitting unexpected input (such as
special characters, long strings, or invalid data) and see if the
application behaves unusually.
4.Check for Known Exploits:
 If it's a web app, test common attacks like SQL injection, XSS,
Command Injection, or File Upload vulnerabilities.
 If it's a more general challenge, try reverse engineering or running the
program with various inputs.
5.Capture the Flag:
 Once you've exploited the bug or understood the trick, there will likely
be an output (a flag) that you need to capture.

HACKQUEST 9 ROUND 1 REPORT PAGE | 4

You might also like