This CTF is now closed for submission. You may still attempt to play, but we cannot guarantee all parts still work as intended.
Rules
- CTF will be open to submissions until 31.07.2022 at 22:00 EET
- You can browse the question submission without submitting right away
- After submission you receive an email with your answers and your certificate of completion
Mission Briefing
from: [email protected]
to: [email protected]
date: July 01, 2022, 21:00 EET
subject: Briefing “The Mona Lisa Heist”
Well good evening,
As you’ve probably heard in the news recently, the Mona Lisa was stolen from the Louvre Museum in Paris. Together with a variety of other high profile heists, INTERPOL believes these are all linked to the same organization. As of now we do not know which that would be. The most prominent paintings recently stolen, which are believed to be taken by the same organization:
Watercolors – Marc Chagall
An Allegory – Sandro Botticelli
La Bella Principessa – Leonardo da Vinci
Portrait of Alexander Mornauer – Hans Holbein
The passion – Hans Holbein
Lady with an ermine – Leonardo da Vinci
The Annunciation – Sandro Botticelli
America Windows – Marc Chagall
The School of Athens – Raffaello Sanzio da Urbino
The Starry Night – Vincent van Gogh
American Gothic – Grant Wood
The Persistence of Memory – Salvador Dali
Mona Lisa – Leonardo da Vinci
The operations undertaken to heist these paintings have a lot of similarities. Camera footage is missing or replaced with seemingly still footage. Guards did not find anything, the alarms are disabled and no forced entries from the outside. CCTV footage is still being examined to find people who entered but haven’t left. So far it is believed the criminals wear disguises, even if we find unaccounted people, it might lead nowhere.
Given the camera’s malfunction, guards incompetence and alarms not going off, we suspect inside jobs. Or at least partially. This means interrogations are ongoing with all security personnel from the involved venues. We believe the only place these painting will show up are the underground markets, either online or offline. Regular buyers will stay away from these stolen goods. This leads INTERPOL to believe they are stolen out of personal interest, or to be sold to other criminals.
For months the case has gone without any leads. However, just this week, we were able to compromise an email account. The account contained one email. Forensics into this email did not lead my team anywhere. Which is why our hope of finding anything now rests with your team. We need your OSINT magic to figure out where the next heist will take place, so we can lay a trap for the thieves. Given their global profile, it is impossible to predict where they would strike next.
Here you find the contents of the email, please let us know what you find.
Alright one of the paintings we're going to hit has it's description hidden in the riddle that follows from the resolution below: 0-4 maUjVifKaNU 0-2 CdZDXKVuMlE 0-2 D7vCxL45Jn8 2-5 1GEFhh1kxuY 0 Yykfw9eNA5s 1-4 v72zb9_dxnA 2-3 Eo4s1o-u1wU 2-5 XAH4Ovuyjxg 0 l0WKYlaqKq4 1-3 9T6HGC-m8zU 1 ipf7ifVSeDU 1 1EpuHGMn7B0 0-2 dS71chsx104 Other heist is included in the plans with images of how we're doing that one. You will receive the details on the exact locations in another way. /;;7:_TT)0;[email protected];U.\w
Best Regards,
Dimitri Zechev
Head of Red Team Operations
Tiberian Serpent HQ
any tipps what to do with the information from the e-mail?
At a total loss also…
This is a good place to start with that scribble in the bottom of the “email”:
https://gchq.github.io/CyberChef/
Thanks! I still had icyberchef.com bookmarked, and hadn’t noticed that it was out of date.
Has anyone got anywhere with the hints?
I have tried pretty much every option on Cyberchef, but have not achieved any meaningful result.
YA BRUTE!!! Force yourself to slow down. *wink wink*
Great challenge! The only part not clear for me was the distinguishing between real or fake paintings. I also hope that answers will be checked manually because I’m pretty sure I solved the whole challenge but got only half of the points.
Hey, this challenge does not have a manual review. But if you’re unsure about some questions just reach out and we can double check them. There’s also no limit to your amount of tries to get the answers correct 🙂