IceCTF{l33tcrypt_Cryptography_90_pt}
Problem:
We were able to get some code; it seems to be encrypting using the AES cipher.
Here you can get the server file, and it is running at nc l33tcrypt.vuln.icec.tf 6001
Hint :
l33tcrypt is a new and fresh encryption service. For added security it pads all information with the flag! Can you get it?
Answer :
Overview :
The server takes our data, appends a secret message, encrypts the whole thing and sends the result back to us. Our goal is to recover the secret message. The server encrypts in blocks of 16 bytes. Each round we shorten our input by one byte, so one more byte of the secret slides into the block we control, and then we guess the character that makes the server return the same block.
Details :
Your input must start with "l33tserver please" and must be base64-encoded.
The server then base64-decodes the input data, appends the secret data, encrypts all of it, and sends it back (as a base64 string) with a newline appended. I gleaned this from the following piece of code:
def handle(self):
    .....
    data = recvline(req).strip()
    try:
        data = base64.b64decode(data)     # input has to be valid base64
    except:
        req.sendall("bad data\n")
        req.close()
        return
    if not data.startswith("l33tserver please"):   # the magic words check
        req.sendall("You didnt say the magic word :(\n")
        req.close()
        return
    # padded to a multiple of 16 bytes and encrypted with the server's fixed KEY;
    # per the hint, the flag gets appended to the data before it is encrypted
    c = AESCipher(KEY).encrypt(pad(data, 16))
    req.sendall("Your l33tcrypted data:\n")
    req.sendall(base64.b64encode(c) + "\n")   # ciphertext returned as base64
    .....
If we look at the encryption algorithm on the server, you will notice they are using PyCrypto (Crypto.Cipher.AES). The PyCrypto documentation for AES says that the encryption works in blocks of 16 bytes. If two plaintext blocks are identical, then they will produce identical ciphertext blocks, because each block is encrypted independently. This is the electronic codebook (ECB) mode of the AES cipher. You can read more about ECB and why it is insecure here. I hope to be able to attack this cipher by manipulating that property.
So we must make our input length a multiple of 16.
This is an example input with an explanation.
With len(input) == 48 there are two blocks of filler after the magic words, and the flag starts right at the beginning of block 4:

len(input) == 48
          block 1        |     block 2      |     block 3      | flag starts here
input : "l33tserver pleas" "eAAAAAAAAAAAAAAA" "AAAAAAAAAAAAAAAA" XXXX...

After this input the server appends the flag and sends back the encrypted message.
The next step is to resend the data with its length reduced by 1, so the first byte of the flag (X) slides into the last position of block 3:

len(input) == 47
          block 1        |     block 2      |     block 3      | rest of the flag
input : "l33tserver pleas" "eAAAAAAAAAAAAAAA" "AAAAAAAAAAAAAAAX" XXX...
Now we resend an input of length 48, changing the last character each time, until the server returns the same third block as it did for the length-47 input; that character is the first byte of the flag. Shortening the input by one more byte each round recovers the rest of the flag the same way.
This is the code that I used to find the flag.
You can download the code from here.
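As an added illustration (not the author's script and not the challenge code), the following simulates the server locally and shows why an ECB oracle that appends a secret leaks it one byte at a time. The key, the secret and the `oracle` function are constructed stand-ins; when no AES library is installed, a keyed HMAC block function replaces AES, which is enough because the leak depends only on ECB being deterministic per block.

```python
import hashlib
import hmac
import os

try:
    from Crypto.Cipher import AES   # PyCryptodome/PyCrypto, used when installed
except ImportError:
    AES = None

BLOCK = 16
KEY = os.urandom(16)                          # constructed: random key per run
SECRET = b"IceCTF{constructed_secret_value}"  # constructed stand-in for the flag
PREFIX = b"l33tserver please"                 # the magic words from the server

def pad(data, bs=BLOCK):
    """PKCS#7-style padding to a multiple of bs bytes."""
    n = bs - len(data) % bs
    return data + bytes([n]) * n

def ecb_encrypt(pt):
    """ECB: every 16-byte block is encrypted on its own, with no chaining."""
    if AES is not None:
        return AES.new(KEY, AES.MODE_ECB).encrypt(pt)
    # Stand-in keyed block function when no AES library is available: the leak
    # depends only on "same block in -> same block out", not on AES itself.
    return b"".join(hmac.new(KEY, pt[i:i + BLOCK], hashlib.sha256).digest()[:BLOCK]
                    for i in range(0, len(pt), BLOCK))

def oracle(user_data):
    """Models the server: prefix + user data + secret, padded, ECB-encrypted."""
    return ecb_encrypt(pad(PREFIX + user_data + SECRET))

def recover_secret(oracle, prefix_len=len(PREFIX)):
    """Recover the appended secret one byte at a time (the writeup's method)."""
    known = b""
    align = (-prefix_len) % BLOCK       # filler so the prefix ends on a block boundary
    while True:
        filler = b"A" * (align + BLOCK - 1 - len(known) % BLOCK)
        blk = (prefix_len + len(filler) + len(known)) // BLOCK
        lo, hi = blk * BLOCK, (blk + 1) * BLOCK
        ref = oracle(filler)[lo:hi]     # block whose last byte is the next secret byte
        for guess in range(256):
            if oracle(filler + known + bytes([guess]))[lo:hi] == ref:
                known += bytes([guess])
                break
        else:
            return known[:-1]           # no match: last byte was padding, drop it
```

A randomized mode (CBC with a fresh IV, or an AEAD such as GCM) returns different ciphertext for the same user block on every query, so the comparison in `recover_secret` never matches and the byte-by-byte recovery fails.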
Flag : IceCTF{unleash_th3_Blocks_aNd_find_what_you_seek} :D