Act II

Table of Contents

• Act II
  • Table of Contents
  • Overview
  • Challenges
  • Story Context
  • Key Techniques
  • References

---

Overview

In Act II of Holiday Hack Challenge 2025, the Gnomes' nefarious plot seems to involve stealing refrigerator parts. But why?

The challenges span disk image mounting and file carving techniques, JWT spoofing and JWKS attack, and Post-Quantum Cryptography (PQC).

---

Challenges

Challenge	Category
retro-recovery/	Disk image analysis
rogue-gnome-identity-provider/	JWT attacks
quantgnome-leap	Modern cryptography techniques

---

Story Context

• Retro Recovery — Join Mark in the retro shop. Analyze his disk image for a blast from the retro past and recover some clasic treasures.
• Rogue Gnome Identity Provider — Hike over to Paul in the park for a gnomey authentication puzzle adventure. What malicious firmware image are the gnomes downloading?
• Quantgnome Leap — Charlie in the hotel has quantum gnome mysteries waiting to be solved. What is the flag that you find?

---

Key Techniques

• Disk image parsing and file recovery
• JWT spoofing and JWKS attack
• Post-Quantum Cryptography (PQC)

---

References

• ctf-techniques/forensics/ — disk image mounting and file carving techniques
• ctf-techniques/crypto/ — Base64 decoding reference, Post-Quantum Cryptography (PQC)
• ctf-techniques/web/jwt/ — JWT spoofing and JWKS attack reference