Hackfest{2k17_online_Quals_writeUps}

1:45:00 PM Unknown 0 Comments


Crypto ,1 pt

My agent intercepted the following message.

4b4241494f4c5e594251471a67196e1e751958495a531a1d58135a1e73621b757559191319641e5866467
5731a411f646e1b78196e191d75751a19686775581a7519787a441a75191a1d4875137f0b590b0b7d 
 

It is encrypted using a homemade cryptographic algorithm! He managed also to find which server encrypted the message! 
You can access it from: nc challenge.hackfest.tn 3001 Can you decrypt the message for us?

The server reads the user input , encrypt it and return a hex string.We have generated it all the possible characters and then wrote another script to decrypt the script , this makes the process more faster than using nc to guess the next hex !

#!/bin/python
#Crypto 1
ch = "!\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}"
secret=["41","49","4f","4c","5e","59","42","51","47","1a","67","19","6e","1e","75","19","58","49","5a","53","1a","1d","58","13","5a","1e","73","62","1b","75","75","59","19","13","19","64","1e","58","66","46","75","73","1a","41","1f","64","6e","1b","78","19","6e","19","1d","75","75","1a","19","68","67","75","58","1a","75","19","78","7a","44","1a","75","19","1a","1d","48","75","13","7f","0b","59","0b","0b","7d"]
c=['0b', '08', '09', '0e', '0f', '0c', '0d', '02', '03', '00', '01', '06', '07', '04', '05', '1a', '1b', '18', '19', '1e', '1f', '1c', '1d', '12', '13', '10', '11', '16', '17', '14', '15', '6a', '6b', '68', '69', '6e', '6f', '6c', '6d', '62', '63', '60', '61', '66', '67', '64', '65', '7a', '7b', '78', '79', '7e', '7f', '7c', '7d', '72', '73', '70', '71', '76', '77', '74', '75', '4a', '4b', '48', '49', '4e', '4f', '4c', '4d', '42', '43', '40', '41', '46', '47', '44', '45', '5a', '5b', '58', '59', '5e', '5f', '5c', '5d', '52', '53', '50', '51', '56', '7d']
flag=""
print ch[c.index("49")-1]
for j in range(0,100,2):
 flag+=ch[c.index(secret[j+1])]
 flag+=ch[c.index(secret[j])]
 print flag
 


Web ,1 pt
At the first sight, the task looks weird! nothing works, no response from the server, Maybe a blind SQL injection, but no way !! nothing special. I have launched fuzzer usernames and passwords and we got this message for username = test and password = test





Now we are sure , the vulnerability is in the DB and the username is "admin" , trying some tricks then test the NoSQL injection ! ! and here we go we got the flag! [this reminds me of the IceCTF task ]



Rev ,1 pt
The task is an encrypted python script 


#!/usr/bin/env python
# -*- coding: rot13 -*-

#import sys

o = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'.qrpbqr("rot13")

vs olgrf == fge:
    vd = ynzoqn f: znc(beq, f)
    od = ynzoqn f: ''.wbva(znc(pue, f))
    ohssre = ynzoqn f: f

qrs r(i):

    by = yra(i)
    i = i.yfgevc(o'\0')
    ay = yra(i)

    c, k = 1, 0
    sbe p va vd(i[::-1]):
        k += c * p
        c = c << 8

    e = ''
    juvyr k > 0:
        k, z = qvizbq(k, 58)
        e += o[z]

    erghea (e + o[0] * (by - ay))[::-1]


cevag 'Flag:',
synt = enj_vachg()
vs r(synt) == "2GYhdiSLoJTRvASGXjIHtatb9Kdr":
    cevag ":)"
ryfr:
    cevag ":("

 


Decrypt the code with ROT13 and now we can read the script !


#!/hfe/ova/rai clguba
# -*- pbqvat: ebg13 -*-

#vzcbeg flf

b = '123456789NOPQRSTUWXYZACDEFGHIJKLMnopqrstuvwxzabcdefghijklm'.decode("ebg13")

if bytes == str:
    iq = lambda s: map(ord, s)
    bq = lambda s: ''.join(map(chr, s))
    buffer = lambda s: s

def e(v):

    ol = len(v)
    v = v.lstrip(b'\0')
    nl = len(v)

    p, x = 1, 0
    for c in iq(v[::-1]):
        x += p * c
        p = p << 8

    r = ''
    while x > 0:
        x, m = divmod(x, 58)
        r += b[m]

    return (r + b[0] * (ol - nl))[::-1]


print 'Synt:',
flag = raw_input()
if e(flag) == "2TLuqvFYbWGEiNFTKwVUgngo9Xqe":
    print ":)"
else:
    print ":("


 
After same analysis, the script convert the user inputs into ASCII, use the divmod(ASCII,58) function then get a character of the division "/" and mod() from b variable which is encrypted with ROT(13) and reverse the string!
example !




Google it a while and we got this script to decrypt the msg

import sys

val='i'

from hashlib import sha256

# 58 character alphabet used
alphabet = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'.encode("rot13")


if bytes == str:  # python2
    iseq = lambda s: map(ord, s)
    bseq = lambda s: ''.join(map(chr, s))
    buffer = lambda s: s

def b58encode(v):

    origlen = len(v)
    v = v.lstrip(b'\0')
    newlen = len(v)

    p, acc = 1, 0
    for c in iseq(v[::-1]):
        acc += p * c
        p = p << 8

    result = ''
    while acc > 0:
        acc, mod = divmod(acc, 58)
        result += alphabet[mod]

    return (result + alphabet[0] * (origlen - newlen))[::-1]


def b58decode(v):

    if not isinstance(v, str):
        v = v.decode('ascii')

    origlen = len(v)
    v = v.lstrip(alphabet[0])
    newlen = len(v)

    p, acc = 1, 0
    for c in v[::-1]:
        acc += p * alphabet.index(c)
        p *= 58

    result = []
    while acc > 0:
        acc, mod = divmod(acc, 256)
        result.append(mod)

    return (bseq(result) + b'\0' * (origlen - newlen))[::-1]

print 'Input:\t',val
print 'encode' ,b58encode(val)
print 'Base58:\t',b58decode("2GYhdiSLoJTRvASGXjIHtatb9Kdr")
 

The flag is : hackfest{it_was_b58}
PWN , 1 pt
The task accepts only a few characters, and the allowed ones are 0123456789.+-/%*<>!=[]() 
 ,If we could write something with []()! then we can read the flag , we have used an online tool called Jsfuck http://www.jsfuck.com/


and the flag is !



Web, 10pt
An xml format sent to the server ! its obvious XXE xml vulnerability ! similar to the root me task! , doing same tests , adding an entity and execute a cmd ! and we got this 
URL encode of the the request ! . Our request was for ! /etc/passwd




Let's now read the flag !



hackfest{XML_1s_l1k3_vi0l3nc3_1f_1t_d0e5n_T_s0lv3_y0ur_prOblem_y0U_re_n0t_us1n9_en0uGh_0f_iT}

Misc, 1pt
Do we really need a write up for this one ! !? :p just submit the flag XD !
For 10

0 comments:

EasyCTF 2017{Tasks_WriteUps}

1:00:00 PM Unknown 0 Comments


Hash on Hash , Cryptography , 100 pt  -solved by chouaib(cho)
Task 
There's a lot of hex strings here. Maybe they're hiding a message? 
Hint: Thankfully you can solve this without even using a website
HexStrings file 

The first thing that  We have hex strings file and we noticed it's MD5 hashes and every 256 char MD5's means one letter so we can make it easy and Solved with https://hashkiller.co.uk/md5-decrypter.aspx

This is what we got !

The first thing that  Im far too lazy to put anything meaningful here. Instead, here's some information about what you just solved. The MD5 algorithm is a widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption. Like most hash functions, MD5 is neither encryption nor encoding. It can be cracked by brute-force attack and suffers from extensive vulnerabilities as detailed in the security section below. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function MD4.[3] The source code in RFC 1321 contains a "by attribution" RSA license. The abbreviation "MD" stands for "Message Digest." The security of the MD5 has been severely compromised, with its weaknesses having been exploited in the field, most infamously by the Flame malware in 2012. The CMU Software Engineering Institute considers MD5 essentially "cryptographically broken and unsuitable for further use". easyctf{1_h0p3_y0u_d1dn7_d0_7h47_by_h4nd}

the flag is : easyctf{1_h0p3_y0u_d1dn7_d0_7h47_by_h4nd}

RSA1, Cryptography ,50 pt - solved by Chouaib(cho) 
Task 
The first thing that  I found somebody's notes on their private RSA! Help me crack this. 
Hint: Go google RSA if you're stuck. 

File = ciphertest1.txt p: 

p: 33499881069427614105926941260008415630190853527846401734073924527104092366847259
q: 34311544767652906613104559081988349779622789386528780506962212898921316785995851
e: 65537
c: 43465248299278658712013216049003172427898782261990372316282214376041873514481386908793943532363461126240609464283533882761307749486816342864113338277082746552
 
 
The first thing that  So,I wrote this humble script to solve this problem using gmpy Module :

import gmpy

p = 33499881069427614105926941260008415630190853527846401734073924527104092366847259
q = 34311544767652906613104559081988349779622789386528780506962212898921316785995851
e = 65537
c = 43465248299278658712013216049003172427898782261990372316282214376041873514481386908793943532363461126240609464283533882761307749486816342864113338277082746552

f = (p-1) * (q-1)

d = gmpy.invert(e,f)

print "private key d value is : %d" % d 
plain = hex(pow(c,d,n))[2:]
flag = plain.decode("hex")
print "The Flag is %s "  % flag 
 
Decode me , Cryptography ,100 pt -solved by Chouaib (cho)
Task 
Someone I met today told me that they had a perfect encryption method. To prove that there is no such thing, I want you to decrypt this encrypted flag he gave me. 

Hint: Simple decoding :)

The first thing that  The input in the end of file is " = " what make me release it is base64. The input in the end of file is " = " what make me released it is base64 but the file file size too long so i need to decrypt it many time until i found the Flag. So I wrote a short python script to do that using the Base64 Module .
import base64

file = open('file.txt').read()
dec = lambda x :base64.b64decode(file)
flag = dec(file)
while 'easyctf' not in flag:
    flag = base64.b64decode(flag)
print flag


 the flag is : easyctf{what_1s_l0v3_bby_don7_hurt_m3}

RSA2 , Cryptography , 80 pt - solved by Chouaib(cho)

Task 
The first thing that  some more RSA : This time, there's no P and Q .. this :

n: 266965481915457805187702917726550329693157
e: 65537
c: 78670065603555615007383828728708393504251
 

Hint: Simple decoding :)

As you see above there's no P and Q i had only N , so i used http://factordb.com/ to get the Prime Factor of P and Q :

 p = 458070420083487550883
q = 582804455845022449879



And then i wrote this script to the flag of RSA challenge also using gmpy Module that supports multiple-precision arithmetic :

 import gmpy

n = 266965481915457805187702917726550329693157
p = 458070420083487550883
q = 582804455845022449879
e = 65537
c = 78670065603555615007383828728708393504251
f = (p-1) * (q-1)

d = gmpy.invert(e,f)
plain = hex(pow(c,d,n))[2:]
flag = plain.decode("hex")
print "The Flag is %s "  % flag
 
the is flag : flag{l0w_n_0eb6}
RSA3, Cryptography , 135 pt  -solved by chouaib(cho)
Task 
We can across another message that follows the same cryptographic schema as those other RSA message. Take a look and see if you can crack it . 

Hint: You might want to read up on how RSA works.
File:


 {N : e : c}
{0x27335d21ca51432fa000ddf9e81f630314a0ef2e35d81a839584c5a7356b94934630ebfc2ef9c55b111e8c373f2db66ca3be0c0818b1d4eda7d53c1bd0067f66a12897099b5e322d85a8da45b72b828813af23L : 0x10001 : 0x9b9c138e0d473b6e6cf44acfa3becb358b91d0ba9bfb37bf11effcebf9e0fe4a86439e8217819c273ea5c1c5acfd70147533aa550aa70f2e07cc98be1a1b0ea36c0738d1c994c50b1bd633e3873fc0cb377e7L}

 
Almost the same as the last RSA challenge there's no P and Q i had only N but as you can see clearly this time N , E , C is encrypted with base 16 (hex) so i need to take it back , and then using the http://factordb.com/ to get the Prime Factor of P and Q : This is my script to solve RSA3 :


import gmpy

n = int('0x27335d21ca51432fa000ddf9e81f630314a0ef2e35d81a839584c5a7356b94934630ebfc2ef9c55b111e8c373f2db66ca3be0c0818b1d4eda7d53c1bd0067f66a12897099b5e322d85a8da45b72b828813af23',16)
e = int('0x10001',16)
c = int('0x9b9c138e0d473b6e6cf44acfa3becb358b91d0ba9bfb37bf11effcebf9e0fe4a86439e8217819c273ea5c1c5acfd70147533aa550aa70f2e07cc98be1a1b0ea36c0738d1c994c50b1bd633e3873fc0cb377e7',16)

""" p and q find on FactorDB """
p = 3423616853305296708261404925903697485956036650315221001507285374258954087994492532947084586412780869
q = 3423616853305296708261404925903697485956036650315221001507285374258954087994492532947084586412780871

n=p*q
f = (p-1) * (q-1)

d = gmpy.invert(e,f)
plain = hex(pow(c,d,n))[2:]
flag = plain.decode("hex")
print "The Flag is %s "  % flag  

The Flag is easyctf{tw0_v3ry_merrry_tw1n_pr1m35!!_417c0d} 

Flip my letters , Cryptography ,50 pt -solved by Chouaib (cho)
Task 
We have given a flag :easyctf{r_wlmg_vevm_mvvw_zm_zhxrr_gzyov} 

Hint : What happens if you turn the alphabet upside down?

Hummm alphabet upside down it is means decode the flag with Reverse Alphabet , I feel too lazy to write script so with simple search on Google for Atbash Cipher


The flag is easyctf{i_dont_even_need_an_ascii_table}
Let Me Be Frank , Cryptography ,50 pt -solved by S0ld1er

Here we have the following text given:
Nwh whdjwh qm uepen, T tjb fsmt tixgi jsrsh sigm gs mpzp xwqf iahxpv iw fslkt. pehgpxf{qtextz_glacz_elt_neinrw_qsg_bums_dcp}
 

That might be Vigenère cipher , decoding the flag using Cryptool.



YOUSHOULDBEHAPPYIPUTSOMEEXTRAWORDSHERETOMAKETHISEASIERTOSOLVE EASYCTF{BETTER_THANK_THE_FRENCH_FOR_THIS_ONE}

Lowercase the flag 
the flag is easyctf{better_thank_the_french_for_this_one}

Phunky Python ,reverse ,50 pt -solved by S0ld1er

The goal of this task is to find the correct value of x, so the script below prints out the word “easyctf”.
x = 0 # REDACTED
digs = [117734844603869328, 117734844603869324, 117734844603869342, 117734844603869348, 117734844603869326, 117734844603869343, 117734844603869329]
out = ""
for letter in reversed(digs):
    out = chr(letter - x) + out
print out

 
The first letter of the flag is "e", means 101 in ASCII. calculate the difference between the given value and x to get ord("e")= 101.YES, we love math :p



Replace x with this value and check out the script 




The flag is easyctf{117734844603869227L }

luckyguess, reverse engineering 200 pt

0 comments:

EasyCTF2017{67K_Rev_Writeup}

8:09:00 AM aymen borgi 1 Comments


67K, Reverse Engineering, 400 pt 
After we have extracted the file ==67k.zip a huge number of files appears with a HEX names .


Static analysis 


Pick up the first bin file 00000.exe and analyze it 
$ objdump -d 00000.exe 


After looking a while and comparing the different assembly code of many files, all the binaries share  the same code logic.


  1. 1. Reading an input from the user 
  2. 2. Comparing the input with a character cmp 0x40306c , $eax, [if the cmp is false then      jump  JNE  0x40205a ]
  3. 3. Output an answer! [ when the input is false, the bin.exe file output this MSG >I think my       dog  figured this out before you. ]


Core idea ! 


Our main idea was to change the condition from JNE (jump if not equal) to JE (Jump if equal) and patch the PE files to return always True and output the flag!, so, no need to guess the character even a false one returns always the flag .

When we change the opcode in HEX format using HxD form 75  to 74  we can get out the right flag in our case the first bin file returns (J) !!

Writing a script !


Here is a dirty script to convert all the bin files to HEX format ,fetching and replacing the 75  (JNE) to 74  (JE) and convert the HEX code to Binary file again .
Not the most elegent code ! but it works pretty c00l ! :p 
#!/usr/bin/env python3
import glob
import binascii
import fileinput


def serch_pattern(file_in): #serach and replace pattern 751e ==> 741e
    fileToSearch = file_in
    textToSearch ="751e"
    textToReplace ="741e"
    with fileinput.FileInput(fileToSearch, inplace=True, backup='.bak') as file:
        for line in file:
            print(line.replace(textToSearch, textToReplace))



def file_to_HEX(file_in,file_out): # convert file to hex
    k = open(file_out,"wb")
    with open(file_in, 'rb') as f:
        content = f.read()
    print(binascii.hexlify(content))
    k.write(binascii.hexlify(content))
    k.close()




def hex_to_bin(file_in,file_out): # convert hex to file.exe [binary]
    with open(file_in) as f, open(file_out, 'wb') as fout:
        for line in f:
            fout.write(
                binascii.unhexlify(''.join(line.split()))
            )






if __name__ == '__main__':
    a = glob.glob("*.exe")
    for i in a:
        file_to_HEX(i,"out.txt")
        serch_pattern("out.txt")
        hex_to_bin("out.txt",i) 
 
All files are patched successfully .Now let's run all the PE files and grab the flag ! .
for file in task/* ; do echo "A" | wine $file >> flag.txt; done 
 
The time execution is about 1h  !, because of the huge number of files ! .

Check out the flag.txt .

No flag !!!! 


It's obviously a JS obfuscation ! writing ,another script to extract the code !.
flag = ""
with open("flag.txt") as f:
    for line in f:
        if(line.find("(")>-1):
            flag+= line[line.find("(")+1:line.find("(")+2]
print flag
text_file = open("solve.js", "w")
text_file.write(flag)
text_file.close() 
 
Finally we get the JavaScript code 



Fixing some bugs and Run the code .



We have spent a great time solving this task it takes 2-3 h to solve it ! .


1 comments: