Added eng versions

Author: Pharisaeus

2015-09-16-csaw/crypto_100_notesy/README.md

@@ -27,18 +27,18 @@ Próbowaliśmy naprawdę nieschematycznego myślenia, ale nic nie pomogło. Dopi
 
 ### ENG Version
 
-We are given a web page textbox, that encrypts entered messages.
+We are given a link to a web page with a textbox which encrypts entered messages.
 
 ![](./notesy.png)
 
-The page made GET request to php script encrypt.php, passing our message as m parameter. Placeholder on the main site was `Give me like a note dude`, javascript refuses to encrypt messages shorter than 5 characters. We have tried wide range of various attempts: sending short messages directly to php script, really long messages, but nothing succeeded.
+The page was making a GET request to a php script encrypt.php, passing our message as parameter. Placeholder on the main site was `Give me like a note dude`, javascript refuses to encrypt messages shorter than 5 characters. We have tried wide range of various attempts: sending short messages directly to php script, really long messages, but nothing succeeded.
 
-Do you know now what the flag is? We didn't for about 20 hours… right in front of our eyes…
+Do you already know now what the flag is? We didn't for about 20 hours… while it was right in front of our eyes…
 
-Just an hour after the contest began (we don't know exact time of starting our attempts to solve the task), we've noticed that dependency between letters is as follows:
+Just an hour after the contest began (we don't know the exact time when we started to work on this task) we've noticed that dependency between letters is as follows:
 
 ```
 ABCDEFGHIJKLMNOPQRSTUVWXYZ
 UNHMAQWZIDYPRCJKBGVSLOETXF
 ```
-We tried to think really out of the box, but that didn't help much. The hint helped us a lot (If you have the ability to encrypt and decrypt, what do you think the flag is?) it became clear that the flag is the cipher's key. But because this was substitution cipher, there was no key per se. So flag could only be `UNHMAQWZIDYPRCJKBGVSLOETXF`. This had to be the most frustrating challenge we have faced since a very long time.
+We tried to think really out of the box, but that didn't help much. The hint helped us a lot (If you have the ability to encrypt and decrypt, what do you think the flag is?) it became clear that the flag is the cipher's key. But because this was a substitution cipher, there was no key per se. So flag could only be `UNHMAQWZIDYPRCJKBGVSLOETXF`. This was the most frustrating challenge we have faced for a very long time.

2015-09-16-csaw/crypto_50_ones_and_zer0es/README.md

@@ -1,6 +1,9 @@
 ## ones_and_zer0es (crypto, 50p, 987 solves)
 > [eps1.1_ones-and-zer0es_c4368e65e1883044f3917485ec928173.mpeg](ones-and-zer0es.bin)
 
+### PL Version
+`for ENG version scroll down`
+
 Pobieramy wskazany plik. Jego zawartość to:
 
     01100110011011000110000101110100011110110101000001100101011011110111000001101100011001010010000001100001011011000111011101100001
@@ -22,3 +25,28 @@ Robimy pierwszą oczywistą rzecz i dekodujemy te bity jako tekst:
     flat{People always make the best exploits.} I've never found it hard to hack most people. If you listen to them, watch them, th2(...)
 
 Mamy flagę i 50 punktów
+
+### ENG Version
+
+We download provided file. Its contents:
+
+    01100110011011000110000101110100011110110101000001100101011011110111000001101100011001010010000001100001011011000111011101100001
+    01111001011100110010000001101101011000010110101101100101001000000111010001101000011001010010000001100010011001010111001101110100
+    00100000011001010111100001110000011011000110111101101001011101000111001100101110011111010010000001001001001001110111011001100101
+    00100000011011100110010101110110011001010111001000100000011001100110111101110101011011100110010000100000011010010111010000100000
+    01101000011000010111001001100100001000000111010001101111001000000110100001100001011000110110101100100000011011010110111101110011
+    01110100001000000111000001100101011011110111000001101100011001010010111000100000010010010110011000100000011110010110111101110101
+    00100000011011000110100101110011011101000110010101101110001000000111010001101111001000000111010001101000011001010110110100101100
+    00100000011101110110000101110100011000110110100000100000011101000110100001100101011011010010110000100000011101000110100001100101
+    01101001011100100010000001110110011101010110110001101110011001010111001001100001011000100110100101101100011010010111010001101001
+    01100101011100110010000001100001011100100110010100100000011011000110100101101011011001010010000001100001001000000110111001100101
+    01101111011011100010000001110011011010010110011101101110001000000111001101100011011100100110010101110111011001010110010000100000
+    01101001011011100111010001101111001000000111010001101000011001010110100101110010001000000110100001100101011000010110010001110011
+    00101110
+
+
+We start with an obvious approach and we decode given bits as ascii text:
+
+    flat{People always make the best exploits.} I've never found it hard to hack most people. If you listen to them, watch them, th2(...)
+
+We have the flag and 50 points.

2015-09-16-csaw/crypto_50_wh1ter0se/README.md

@@ -3,17 +3,35 @@
 > Note: The flag is the entire thing decrypted
 > [eps1.7_wh1ter0se_2b007cf0ba9881d954e85eb475d0d5e4.m4v](wh1ter0se.bin)
 
+### PL Version
+`for ENG version scroll down`
+
 Pobieramy wskazany plik. Jego zawartość to:
 
     EOY XF, AY VMU M UKFNY TOY YF UFWHYKAXZ EAZZHN. UFWHYKAXZ ZNMXPHN. UFWHYKAXZ
     EHMOYACOI. VH'JH EHHX CFTOUHP FX VKMY'U AX CNFXY FC OU. EOY VH KMJHX'Y EHHX
     IFFQAXZ MY VKMY'U MEFJH OU.
 
-Robimy pierwszą oczywistą rzecz i dekodujemy te bity jako tekst:
 Nie jest to cezar ani nic podobnego, ale wygląda na jakiś szyfr podstawny. Po chwili kombinowania, postanawiamy wrzucić to do jakiegoś [odpowiedniego solvera](http://quipqiup.com/index.php), z dobrym skutkiem:
 
     BUT NO, IT WAS A SHORT CUT TO SOMETHING BIGGER. SOMETHING GRANDER. SOMETHING
     BEAUTIFUL. WE'VE BEEN FOCUSED ON WHAT'S IN FRONT OF US. BUT WE HAVEN'T BEEN
     LOOKING AT WHAT'S ABOVE US.
 
 Mamy flagę i 50 punktów
+
+### ENG Version
+
+We download provided file. Its contents:
+
+    EOY XF, AY VMU M UKFNY TOY YF UFWHYKAXZ EAZZHN. UFWHYKAXZ ZNMXPHN. UFWHYKAXZ
+    EHMOYACOI. VH'JH EHHX CFTOUHP FX VKMY'U AX CNFXY FC OU. EOY VH KMJHX'Y EHHX
+    IFFQAXZ MY VKMY'U MEFJH OU.
+
+It doesn't seem to be a Caesar cipher or anything of this sort, however it does look like a substitution cipher. After a while trying to crack it up we decide to upload the input to an [online cipher solver](http://quipqiup.com/index.php), with good results:
+
+    BUT NO, IT WAS A SHORT CUT TO SOMETHING BIGGER. SOMETHING GRANDER. SOMETHING
+    BEAUTIFUL. WE'VE BEEN FOCUSED ON WHAT'S IN FRONT OF US. BUT WE HAVEN'T BEEN
+    LOOKING AT WHAT'S ABOVE US.
+
+We have the flag and 50 points.

2015-09-16-csaw/crypto_50_zer0_day/README.md

@@ -2,6 +2,9 @@
 
 > [eps1.9_zer0-day_b7604a922c8feef666a957933751a074.avi](zer0-day.bin)
 
+### PL Version
+`for ENG version scroll down`
+
 Pobieramy wskazany plik. Jego zawartość to:
 
     RXZpbCBDb3JwLCB3ZSBoYXZlIGRlbGl2ZXJlZCBvbiBvdXIgcHJvbWlzZSBhcyBleHBlY3RlZC4g\n
@@ -35,3 +38,39 @@ Na pierwszy rzut oka to base64, wystarczy go zdekodować (pamiętając żeby "\n
     "flag{We are fsociety, we are finally free, we are finally awake!}"
 
 Mamy flagę i 50 punktów
+
+### ENG Version
+
+We download provided file. Its contents:
+
+    RXZpbCBDb3JwLCB3ZSBoYXZlIGRlbGl2ZXJlZCBvbiBvdXIgcHJvbWlzZSBhcyBleHBlY3RlZC4g\n
+    VGhlIHBlb3BsZSBvZiB0aGUgd29ybGQgd2hvIGhhdmUgYmVlbiBlbnNsYXZlZCBieSB5b3UgaGF2\n
+    ZSBiZWVuIGZyZWVkLiBZb3VyIGZpbmFuY2lhbCBkYXRhIGhhcyBiZWVuIGRlc3Ryb3llZC4gQW55\n
+    IGF0dGVtcHRzIHRvIHNhbHZhZ2UgaXQgd2lsbCBiZSB1dHRlcmx5IGZ1dGlsZS4gRmFjZSBpdDog\n
+    eW91IGhhdmUgYmVlbiBvd25lZC4gV2UgYXQgZnNvY2lldHkgd2lsbCBzbWlsZSBhcyB3ZSB3YXRj\n
+    aCB5b3UgYW5kIHlvdXIgZGFyayBzb3VscyBkaWUuIFRoYXQgbWVhbnMgYW55IG1vbmV5IHlvdSBv\n
+    d2UgdGhlc2UgcGlncyBoYXMgYmVlbiBmb3JnaXZlbiBieSB1cywgeW91ciBmcmllbmRzIGF0IGZz\n
+    b2NpZXR5LiBUaGUgbWFya2V0J3Mgb3BlbmluZyBiZWxsIHRoaXMgbW9ybmluZyB3aWxsIGJlIHRo\n
+    ZSBmaW5hbCBkZWF0aCBrbmVsbCBvZiBFdmlsIENvcnAuIFdlIGhvcGUgYXMgYSBuZXcgc29jaWV0\n
+    eSByaXNlcyBmcm9tIHRoZSBhc2hlcyB0aGF0IHlvdSB3aWxsIGZvcmdlIGEgYmV0dGVyIHdvcmxk\n
+    LiBBIHdvcmxkIHRoYXQgdmFsdWVzIHRoZSBmcmVlIHBlb3BsZSwgYSB3b3JsZCB3aGVyZSBncmVl\n
+    ZCBpcyBub3QgZW5jb3VyYWdlZCwgYSB3b3JsZCB0aGF0IGJlbG9uZ3MgdG8gdXMgYWdhaW4sIGEg\n
+    d29ybGQgY2hhbmdlZCBmb3JldmVyLiBBbmQgd2hpbGUgeW91IGRvIHRoYXQsIHJlbWVtYmVyIHRv\n
+    IHJlcGVhdCB0aGVzZSB3b3JkczogImZsYWd7V2UgYXJlIGZzb2NpZXR5LCB3ZSBhcmUgZmluYWxs\n
+    eSBmcmVlLCB3ZSBhcmUgZmluYWxseSBhd2FrZSF9Ig==
+
+At the first glance it looks like a base64 encoding, we only need to decode it (keeping in mind to cut out "\n" characters)
+
+    Evil Corp, we have delivered on our promise as expected. The people of the
+    world who have been enslaved by you have been freed. Your financial data has
+    been destroyed. Any attempts to salvage it will be utterly futile. Face it: you
+    have been owned. We at fsociety will smile as we watch you and your dark souls
+    die. That means any money you owe these pigs has been forgiven by us, your
+    friends at fsociety. The market's opening bell this morning will be the final
+    death knell of Evil Corp. We hope as a new society rises from the ashes that
+    you will forge a better world. A world that values the free people, a world
+    where greed is not encouraged, a world that belongs to us again, a world
+    changed forever. And while you do that, remember to repeat these words:
+    "flag{We are fsociety, we are finally free, we are finally awake!}"
+
+We have the flag and 50 points.

2015-09-16-csaw/forensics_100_flash/README.md

@@ -11,8 +11,8 @@ Dostajemy flagę `flag{b3l0w_th3_r4dar}`.
 
 ### ENG Version
 
-Image of 128MB disk was provided.
-We were expecting it to be completly empty, so we didn't even bother mounting it (we actually tried that while writing this writeup and it turned out there were a lot of text files, which was great suprise). So according to the standard procedure, we tried using `photorec`,
+128MB disk image was provided.
+We were expecting it to be completly empty, so we didn't even bother mounting it (we actually tried that while writing this writeup and it turned out there were a lot of text files, which was a great suprise). So according to the standard procedure, we tried using `photorec`,
 but it did not find any images, so we executed `strings flash_c8429a430278283c0e571baebca3d139.img | grep flag`.
 
 The last line of grep output was: `flag{b3l0w_th3_r4dar}`.

2015-09-16-csaw/forensics_100_keep_calm_and_ctf/README.md

@@ -22,7 +22,8 @@ Pierwszą rzeczą jaką robimy w takich sytuacjach jest przejrzenie hexdumpu, ta
 I mamy następną flagę.
 
 ### ENG Version
-So the first thing we do in similar cases is looking in hexdump of the file, just in case. Sometimes there is appended another file or
+
+The first thing we do in similar cases is to look inside the hexdump of the file, just in case. Sometimes there can be another file appended or
 archive with flag. We did it with  `xxd img.jpg | less`.
 
 ```