Container

Mrs. Hudson found a container under the door of the house. You need to know the password for the safe and see the contents.

Hint: The picture for this task is not entertaining like the other. The image should definitely tell you something.

Download: sar2020_enc

Recon

The file contains binary data. The entropy of the file looks like it is encrypted.

On the image in the challenge description you see a 4 numbered key safe. So the file is probably encrypted with a password of 4 numbers. The title is called container, so something like VeraCrypt?

We grabbed the first 512 bytes, so we can run hashcat with all combinations of 4 digits to crack the key. VeraCrypt cracking got several modes (137xy, where x=1-7 and y=1-3). We finally managed to crack the hash with mode 13751 (PBKDF2-HMAC-SHA256/512-AES)

$ dd if=enc of=enc.hash bs=1 count=512
$ hashcat -m 13751 -a3 enc.hash ?d?d?d?d
...
enc.hash:5126

Mount the device in VeraCrypt with pin 5126 and you will see a file image.jpg which contains the flag.

Flag

FLAG{d3cryp7_my_c0n741n3r}

Some criticism

We were the first solve on this challenge. After our solve several more hints were given which made the challenge way more clear what should be done. For future CTF's and other CTF organizers, don't supply hints after one team was able to solve the challenge. So all teams will have the same struggle on the challenge and the game will be more honest.