Very short TISC writeup as I only did up to level 2 out of 10. The lower levels were all steganography challenges which discouraged me from continuing. Writeup for level 2 may be added at a later date, but it is basically a DNS exfiltration challenge where you have to decode something in the subdomains to get the flag.
Level 0 - 1st
Free flag.
TISC{Yes, I am up to the challenge!}
Level 1 - 2nd
Open file in Audacity
Spectogram
Short lines are dots and long lines are dashes
-.-. ... .. - .. ... .-.. --- -.-. .- - . -.. .. -. ... -.-. .. . -. -.-. . .--. .- .-. -.-
Morse code.
Decoded it to be: CSITISLOCATEDINSCIENCEPARK
TISC{csitislocatedinsciencepark}
Level 1 - 3rd
exiftool file2.jpg
MIME Type : image/jpeg
Exif Byte Order : Little-endian (Intel, II)
Image Description :
Make : NIKON
Camera Model Name : E885
Orientation : Horizontal (normal)
X Resolution : 300
Y Resolution : 300
Resolution Unit : inches
Software : E885v1.1
Modify Date : 2003:08:25 14:55:27
TISC{2003:08:25 14:55:27}
Level 1 - 4th
foremost file3.jpg
head -1 output/zip/picture_with_text.jpg
NAFJRE GB GUVF PUNYYRATR VF URER NCCYRPNEEBGCRNE
https://quipqiup.com/
0 -2.145 ANSWER TO THIS CHALLENGE IS HERE APPLECARROTPEAR
TISC{APPLECARROTPEAR}
Level 1 - 5th
Free flag.
TISC{Yes, I’ve got this.}
Level 1 - 6th Challenge 4
TISC{adam}
Level 1 - Challenge 5
Keyword is user, and not system so we have to find user’s last logon.
TISC{17/06/2021 02:41:37}
Level 1 - Challenge 6
HashMyFiles -> CRC32
TISC{040E23DA}
Level 1 - Challenge 7
TISC{1-Guest-DefaultAccount}
Level 1 - Challenge 8
Download BrowsingHistoryView
TISC{4-0-0}
Level 1 - Challenge 9
HKU/adam/NTUSER.DAT
##VBoxSvr#vm-shared
TISC{vm-shared}
Level 1 - Challenge 10
$ find . -type f -exec sha1sum {} \; | grep 0d97dbdba2d35c37f434538e4dfaa06fccc18a13
0d97dbdba2d35c37f434538e4dfaa06fccc18a13 *./Users/adam/AppData/Roaming/Microsoft/Windows/Recent/otter-singapore.lnk
Following the path of the .lnk file leads to the flag.
TISC{otter-singapore.jpg}