This CTF is now closed for submission. You may still attempt to play, but we cannot guarantee all parts still work as intended.
Rules
- CTF will be open to submissions until 31.07.2022 at 22:00 EET
- You can browse the question submission without submitting right away
- After submission you receive an email with your answers and your certificate of completion
Mission Briefing
from: [email protected]
to: [email protected]
date: July 01, 2022, 21:00 EET
subject: Briefing “The Mona Lisa Heist”
Well good evening,
As you’ve probably heard in the news recently, the Mona Lisa was stolen from the Louvre Museum in Paris. Together with a variety of other high profile heists, INTERPOL believes these are all linked to the same organization. As of now we do not know which that would be. The most prominent paintings recently stolen, which are believed to be taken by the same organization:
Watercolors – Marc Chagall
An Allegory – Sandro Botticelli
La Bella Principessa – Leonardo da Vinci
Portrait of Alexander Mornauer – Hans Holbein
The passion – Hans Holbein
Lady with an ermine – Leonardo da Vinci
The Annunciation – Sandro Botticelli
America Windows – Marc Chagall
The School of Athens – Raffaello Sanzio da Urbino
The Starry Night – Vincent van Gogh
American Gothic – Grant Wood
The Persistence of Memory – Salvador Dali
Mona Lisa – Leonardo da Vinci
The operations undertaken to heist these paintings have a lot of similarities. Camera footage is missing or replaced with seemingly still footage. Guards did not find anything, the alarms are disabled and no forced entries from the outside. CCTV footage is still being examined to find people who entered but haven’t left. So far it is believed the criminals wear disguises, even if we find unaccounted people, it might lead nowhere.
Given the camera’s malfunction, guards incompetence and alarms not going off, we suspect inside jobs. Or at least partially. This means interrogations are ongoing with all security personnel from the involved venues. We believe the only place these painting will show up are the underground markets, either online or offline. Regular buyers will stay away from these stolen goods. This leads INTERPOL to believe they are stolen out of personal interest, or to be sold to other criminals.
For months the case has gone without any leads. However, just this week, we were able to compromise an email account. The account contained one email. Forensics into this email did not lead my team anywhere. Which is why our hope of finding anything now rests with your team. We need your OSINT magic to figure out where the next heist will take place, so we can lay a trap for the thieves. Given their global profile, it is impossible to predict where they would strike next.
Here you find the contents of the email, please let us know what you find.
Alright one of the paintings we're going to hit has it's description hidden in the riddle that follows from the resolution below: 0-4 maUjVifKaNU 0-2 CdZDXKVuMlE 0-2 D7vCxL45Jn8 2-5 1GEFhh1kxuY 0 Yykfw9eNA5s 1-4 v72zb9_dxnA 2-3 Eo4s1o-u1wU 2-5 XAH4Ovuyjxg 0 l0WKYlaqKq4 1-3 9T6HGC-m8zU 1 ipf7ifVSeDU 1 1EpuHGMn7B0 0-2 dS71chsx104 Other heist is included in the plans with images of how we're doing that one. You will receive the details on the exact locations in another way. /;;7:_TT)0;[email protected];U.\w
Best Regards,
Dimitri Zechev
Head of Red Team Operations
Tiberian Serpent HQ