Archives de catégorie : 2016

[MMA CTF 2016] [Crypto 180 – ESPer] Write Up

Description

nc cry1.chal.ctf.westerns.tokyo 37992


============================= About ===============================
You are very good ESPer, so that you can change any local variable
value to 2048 bit random integer.

You should specify the ESP string as the line number and variables'
name to change separated by colon.

For example, if the source code is below and your input is "2:x",
the line 2 works the same as "x = rand(2 ** 2048); puts x". So the
output is random number.
+---+-------------------------------------------------------------------------+
| 1| x = 3 |
| 2| puts x |
+---+-------------------------------------------------------------------------+
Encryption Source code is here.
+---+-------------------------------------------------------------------------+
| 1| n, e = read_publickey(ARGV[0]) |
| 2| print "Message m: " |
| 3| STDOUT.flush |
| 4| m = STDIN.gets.to_i |
| 5| c = encrypt(m, e, n) |
| 6| puts "Encrypted: #{c}" |
| 7| STDOUT.flush |
+---+-------------------------------------------------------------------------+

Decryption Source code is here
+---+-------------------------------------------------------------------------+
| 1| p, q, dp, dq, qinvp = read_privkey(ARGV[0]) |
| 2| print "Encrypted Message c: " |
| 3| STDOUT.flush |
| 4| c = STDIN.gets.to_i |
| 5| m1 = decrypt(c, dp, p) |
| 6| m2 = decrypt(c, dq, q) |
| 7| m = merge(m1, m2, p, q, qinvp) |
| 8| puts "Decrypted: #{m}" |
| 9| STDOUT.flush |
+---+-------------------------------------------------------------------------+

Continuer la lecture de [MMA CTF 2016] [Crypto 180 – ESPer] Write Up

[Trend Micro 2016] [Misc 100 – PCAP] Write Up

Description

Category: Misc(iot and network)
Points: 100

Please analyze this pcap.
Download the file

Decrypt the downloaded file by the following command.

> unzip files21.zip
> openssl enc -d -aes-256-cbc -k gcCbBJN5pIHiL8JiJ8Xj -in files21.enc -out files21_ok.zip
> unzip files21_ok.zip

Continuer la lecture de [Trend Micro 2016] [Misc 100 – PCAP] Write Up

[NDH 2016] Retour sur l’événement

Salut tout le monde,

Ce week-end, c’était la Nuit du Hack.
Pour ceux qui ne connaissent pas, c’est une des plus grandes conf’ Française, qui de plus, organise un CTF.
De samedi 10H du matin à dimanche, 7H du matin, il y avait de nombreuses confs’, workshops, et challenges !
Les organisateurs étaient en nombre et présents pour nous 🙂

Continuer la lecture de [NDH 2016] Retour sur l’événement

[Sharif University CTF 2016] [Web 250 – Old persian cuneiform captcha] Write Up

Description

Old Persian cuneiform is a semi-alphabetic cuneiform script that was the primary script for the old persian language. You could get more information on following links,
1- http://www.ancientscripts.com/oldpersian.html
2- https://en.wikipedia.org/wiki/Old_Persian_cuneiform.A web-based collections management for a museum has some extremely valuable information if one has admin user access.

The Site

We found that the « admin » user have a 4-digit password. But they use a captcha made of 10 old persian characters. One has to use the correspondence between symbols and strings to pass theye captcha verification (use « trans.png »).
Log in as « admin » to find the flag.
the flag is in the fomat: [Your flag is: flagflagflag…] (without braces)

trans

Continuer la lecture de [Sharif University CTF 2016] [Web 250 – Old persian cuneiform captcha] Write Up