Hadassah PicoCTF 2023 writeups

We, members of the 2023 class of Information Security at Hadassah college solving multiple challenges in the PicoCTF 2023 CTF.

Who is doing what?

Here is the list of challenges we are solving and the student who solves.

Web exploitation

• GET aHEAD - Benyamin Hirschberg
• login - Yehuda Heller
• Search source- Sami Maron
• dont-use-client-side - Avigail Hagay
• Inspect HTML - Sari Erentreu
• [Some Assembly Required 2](writeups/web-exploitation/Some Assembly Required 2/) - Elad Menahem
• MatchTheRegex - Michael Basov
• [logon] - Idan Cohen
• where are the robots - Micha Briskman
• local authority - Doron Ben Simon
• picobrowser - Elie Taklifi
• Local Authority - Roje Habib
• [Includes] - Abedallah Joualny
• Who are you? - Shlomo Gulayev
• [It is my Birthday] (writeups/web-exploitation/It-is_my-Birthday/) - Racheli Benchamo
• [SOAP] - Pnina Yonayov
• [caas] - Moshe Namdar
• [findme] - Yooval Yosef

Cryptography

• Vigenere - Racheli Benchamo
• [Pixelated] - Sari Erentreu
• [substitution0] - Idan Cohen
• caesar - Micha Briskman
• [rotation] - Moshe Namdar
• [basic-mod1] - Elad Menahem
• [substitution2] - Yehuda Heller
• [13] - Yooval Yosef
• basic-mod2 - Avigail Hagay
• [HideToSee] - Pnina Yonayov
• [morse-code] - Michael Basov
• [ReadMyCert] - Shlomo Gulayev
• [easy1] - Doron Ben Simon
• Play Nice - Sami Maron
• credstuff - Abedallah
• Extraordinary-Max dunkel.
• transposition-trial - Roje Habib

Forensics

• [File types] - Idan Cohen
• Lookey here - Micha Briskman
• [what's a net cat?] - Yooval Yosef
• [Redaction gone wrong]- yooval yosef
• Enhance Racheli Benchamo
• hideme - Avigail Hagay
• who is it - Micahel Basov
• [Packets Primer] - Elad Menahem
• [Sleuthkit Intro] - Yehuda Heller
• [so meta] - Moshe Namdar
• PcapPoisoning - Sari Erentreu
• extensions - Doron Ben Simon
• [Disk, disk, sleuth!] - Pnina yonayov
• What Lies Within - Roje Habib
• Milkslap - Abedallah Joulany
• What Lies Within - Shlomo Gulayev

For students

1. Choose the challenge you want to solve here, note it needs to be at least for 100 points and it needs to be a challenge others are not working on
2. Open a pull request on this file by adding yourself to the section "Who is doing what?" above, not the create the related directories and readme and point to with the link. (just I did 😉), see the notes below!!!
3. When I approve the pull request you can start to work on the challenge
4. Your task is done when you completed your write-up, sent me and I accepted your pull request.

Notes about the first and second pull request

1. In the first pull request, add your name and challenge to this file as I did under "Who is doing what?" section - this enables others to see which challenge is already taken
2. In the second pull request, open a directory under writeups/web-exploitation with the name of your challenge
3. In the second pull request put a README.md into the above directory where you explain your solution (see my example here), if you used code like python, add it to the same directory
4. Don't use docx format, go according to the example