The following are writeups of challenges solved from CSAW 2022. Author: Alex Georgiev

Quantum Leap

Challenge: My friend took the quantum leap and purchased a quantum computer with two qubits. They mentioned using a quantum logic gate to input the flag and they gave me the computer’s output. I have been stuck and Can NOT figure out the flag.

Scrambled flag: wxqvn$Zae${deyZv$d”i

Important Info:

  • Quantum computer with two qubits
  • Flag was passed through a quantum logic gate
  • “Can NOT” makes me believe the flag was input through a CNOT gate

Qubits and gates

  • Classical bits are 0 or 1
  • Qubits can be 0, 1 or some state in-between
  • The message is stored with classical bits (0, 1), so first we start by converting the message into binary
    • Message in binary: 011101110111100001110001011101100110111000100100010110100110000101100101001001000111101101100100011001010111100101011010011101100010010001100100001000100100100100001010
  • Since we know the quantum computer has two qubits, we can group the bits into pairs of two, where the first bit in each pair represents the first qubit’s state and the second bit represents the second qubit’s state

CNOT gate

Since the flag was (probably) passed through a CNOT gate, we can reverse this by applying another CNOT gate to the flag. The CNOT gate is a two-qubit operation that flips the state of the second qubit if the first qubit state is 1. So, we can cycle through each pair of bits and “apply” the CNOT gate by flipping value (0 -> 1 or 1 -> 0) of the second bit if the first bit is a 1.

Applying the CNOT gate
  • For each pair of bits:
    • If the first qubit is a 1, flip the value of the second qubit
    • Otherwise, don’t change the values of the pair

Possible Solutions

  • Python: described below
  • Numpy/Linear Algebra: represent qubits as matrices and apply the CNOT gate using matrix multiplication
  • Use online binary converter and flip bits by hand

Python Solution Structure

  • Convert the scrambled flag into binary (use Python or an online converter)
  • Split the binary string into paris of two bits
    • E.g. 00101101 -> 00, 10, 11, 01
  • Iterate through the pairs of bits
    • If the first bit is a 1, then flip the value of the second bit
    • Otherwise, don’t change the values of the bits

Python Code

# Read text from output file 
with open('output') as f:
  enc_flag = f.readlines()

# Convert the encoded flag from a list to a string
enc_flag = "".join(enc_flag)
print(enc_flag)

# Convert encoded flag to binary (no spaces)
enc_flag_bin = "".join(f"{ord(letter):08b}" for letter in enc_flag)


def break_pairs(s):
  # Split the binary into pairs of bits
  list_string = []
  # Loop over string and append a letter, every other time (determined by counter),
  # append a space
  count = 1
  string_to_append = ""

  for l in s:
    string_to_append += l
    if len(string_to_append) == 2:
      list_string.append(string_to_append)
      string_to_append = ""

  return list_string

encoded_pairs = break_pairs(enc_flag_bin)


def CNOT(pairs):
  """If first bit is 1, flip the value of the second bit"""

  new_pairs = []

  for pair in pairs:
    pair_to_append = ""
    if pair[0] == '1':
      flipped_second = '0'
      if pair[1] == '0':
        flipped_second = '1'

      pair_to_append += pair[0]
      pair_to_append += flipped_second

    else:
      pair_to_append = pair
    new_pairs.append(pair_to_append)
    

  return new_pairs

print(encoded_pairs)

# Apply the CNOT gate to the pairs
cnot_pairs = CNOT(encoded_pairs)
print(cnot_pairs)

# Convert pairs into a single string
final_binary = "".join(cnot_pairs)

print(final_binary)

def bitstring_to_bytes(s):
  return int(s, 2).to_bytes((len(s) + 7) // 8, byteorder='big')

# Convert binary into text for the flag!
flag = bitstring_to_bytes(final_binary).decode('ascii')

print(flag)

Our Spy In New Terrain (OSINT)

Challenge: It is up to you to determine who The Enemy is going to attack next and when they plan to strike! Their newest recruit is on twitter as DarkRoom8109. Good luck. nc misc.chal.csaw.io 5005

Open Source Intelligence (OSINT)

  • This is an OSINT challenge
  • OSINT definition by Crowdstrike: The act of gathering and analyzing publicly available data for intelligence purposes.
  • Basically, you’re supposed to scour the internet for solutions to each of the questions that the terminal application asks you. After correctly answering all of the questions in the terminal, it will print out the flag.

Steps

  1. Visit the spy’s twitter (@darkroom8109)
  2. Find deleted tweets using the Wayback machine: https://web.archive.org/web/20220820145418/c
  3. Visit the spy’s GitHub: https://github.com/spyduhman/Chat-App/commit/a651d57bc0e0559da5ca9e23652d6078537db83f
    • Here, you can view all of the commit history — including deleted files…
  4. Use an online morse code decoder () to decode the audio file
  5. You’re givin a BIN code (452234) which corresponds to Toronto-Dominion Bank in Canada
    • We used an online BIN code lookup
  6. Find the SWIFT code by using an online lookup for the Toronto-Dominion Bank
    • TDOMCATTTOR
  7. Then, you download the YoureSoClose.pdf file and use the SWIFT code as the password
  8. The last question is “What is a crime?”
    • Inspecting the info of the file reveals that the title of the file is “Remember: Copyright Infringement is Against the Law” — revealing the last answer of “Copyright Infringement” which results in the terminal application printing the flag
Contact : ntropy.unc@gmail.com