Skip to content

Commit

Permalink
Add NahamCon_2020 writeups
Browse files Browse the repository at this point in the history
  • Loading branch information
@skyf0l
skyf0l committed Jun 13, 2020
1 parent 8209e7f commit 633bd0c
Show file tree
Hide file tree
Showing 8 changed files with 945 additions and 0 deletions.
253 changes: 253 additions & 0 deletions NahamCon_2020/Cryptography.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,253 @@
# Cryptography

## Twinning
```
These numbers wore the same shirt! LOL, #TWINNING!
Connect with:
nc jh2i.com 50013
```

We start by connecting to the level:
```
$ nc jh2i.com 50013
Generating public and private key...
Public Key in the format (e,n) is: (65537,10507244454143)
The Encrypted PIN is 882113417291
What is the PIN?
```

It's a basic RSA encryption, we can see that N is tooo small, we can try to factorise it with http://www.factordb.com/index.php?query=10507244454143

Bingo, `10507244454143` = `3241487` * `3241489`

Now, we can decrypt the cipher with python:
``` python
$ python
Python 2.7.18 (default, Apr 21 2020, 18:49:31)
Type "help", "copyright", "credits" or "license" for more information.
>>> p = 3241487
>>> q = 3241489
>>> N = p * q
>>> print N == 10507244454143
True
>>> e = 65537
>>> phi = (q - 1) * (p - 1)
>>> from Crypto.Util.number import inverse
>>> d = inverse(e, phi)
>>> cipher = 882113417291
>>> plaintext = pow(cipher, d, N)
>>> print plaintext
1668
```

The plaintext pin is `1668`

Finally, we send it to the challenge:
```
$ nc jh2i.com 50013
Generating public and private key...
Public Key in the format (e,n) is: (65537,10507244454143)
The Encrypted PIN is 882113417291
What is the PIN?
1668
Good job you won!
flag{thats_the_twinning_pin_to_win}
```

The flag is: `flag{thats_the_twinning_pin_to_win}`

## Ooo-la-la
```
Uwu, wow! Those numbers are fine!
Download the file below.
Files: prompt.txt
```

`prompt.txt` content:
```
N = 3349683240683303752040100187123245076775802838668125325785318315004398778586538866210198083573169673444543518654385038484177110828274648967185831623610409867689938609495858551308025785883804091
e = 65537
c = 87760575554266991015431110922576261532159376718765701749513766666239189012106797683148334771446801021047078003121816710825033894805743112580942399985961509685534309879621205633997976721084983
```

We can try to factorize N with http://www.factordb.com and we can see that N = `1830213987675567884451892843232991595746198390911664175679946063194531096037459873211879206428207` * `1830213987675567884451892843232991595746198390911664175679946063194531096037459873211879206428213`

Then we can decrypt the cipher like **Twinning** challenge:
``` python
$ python
Python 2.7.18 (default, Apr 21 2020, 18:49:31)
Type "help", "copyright", "credits" or "license" for more information.
>>> p = 1830213987675567884451892843232991595746198390911664175679946063194531096037459873211879206428207
>>> q = 1830213987675567884451892843232991595746198390911664175679946063194531096037459873211879206428213
>>> N = p * q
>>> print N == 3349683240683303752040100187123245076775802838668125325785318315004398778586538866210198083573169673444543518654385038484177110828274648967185831623610409867689938609495858551308025785883804091
True
>>> e = 65537
>>> phi = (q - 1) * (p - 1)
>>> from Crypto.Util.number import inverse
>>> d = inverse(e, phi)
>>> cipher = 87760575554266991015431110922576261532159376718765701749513766666239189012106797683148334771446801021047078003121816710825033894805743112580942399985961509685534309879621205633997976721084983
>>> plaintext = pow(cipher, d, N)
>>> print plaintext
50937517511042200745290788421321823843091772536455731976208097788779057394456536262472573
>>> print hex(plaintext)[2:-1].decode('hex')
flag{ooo_la_la_those_are_sexy_primes}
```

The flag is `flag{ooo_la_la_those_are_sexy_primes}`

## December
```
This is my December...

Download the file below.
Files: source.py ciphertext
```

`source.py`:
``` python
#!/usr/bin/env python

from Crypto.Cipher import DES

with open('flag.txt', 'rb') as handle:
flag = handle.read()

padding_size = len(flag) + (8 - ( len(flag) % 8 ))
flag = flag.ljust(padding_size, b'\x00')

with open('key', 'rb') as handle:
key = handle.read().strip()

iv = "13371337"
des = DES.new(key, DES.MODE_OFB, iv)
ct = des.encrypt(flag)

with open('ciphertext','wb') as handle:
handle.write(ct)
```

`source.py` encrypt the message in `ciphertext` with DES-OFB algorithm

I admit that I was inspired by this write-up: https://shrikantadhikarla.wordpress.com/2016/03/08/des-ofb-writeup-boston-key-party-ctf/

When we run this scipt:
``` python
from Crypto.Cipher import DES, XOR
import operator

block_size = DES.block_size
IV = '13371337'
f = open('ciphertext', 'r')
ciphertext = f.read()
f.close()

first_line = '????????'
p0 = first_line[:block_size]
c0 = ciphertext[:block_size]
xor = XOR.new(c0)
ek = xor.decrypt(p0)

plainblocks = ''
i=0
while True:
cj = ciphertext[(i*block_size):((i+1)*block_size)]
if not cj:
break
xor = XOR.new(cj)
if (operator.mod(i+1,2)==0):
plainblock = xor.decrypt(IV)
else:
plainblock = xor.decrypt(ek)
i = i+1
plainblocks = plainblocks + plainblock
print plainblocks
```
We get:
```
$ ./cracker.py | hexdump -C
00000000 3f 3f 3f 3f 3f 3f 3f 3f 65 20 6d 79 20 73 6e 6f |????????e my sno|
00000010 1c 77 39 23 2c 7a 2c 28 64 20 64 72 65 61 6d 73 |.w9#,z,(d dreams|
00000020 61 03 32 25 29 3f 37 3e 20 6d 65 20 70 72 65 74 |a.2%)?7> me pret|
00000030 0e 39 3e 25 34 78 54 2b 6c 61 67 7b 74 68 69 73 |.9>%4xT+lag{this|
00000040 34 3e 29 13 3b 73 32 12 69 5f 6e 65 65 64 7d 00 |4>).;s2.i_need}.|
00000050 0a |.|
```
But nothing more, we have to try to guess the message to continue to decrypt it

We can guess that on line 4, there is the word `flag`

We try all combinations of the 8th char of the first line and we get with `???????r` as fist line:
```
$ ./cracker.py | hexdump -C
00000000 3f 3f 3f 3f 3f 3f 3f 72 65 20 6d 79 20 73 6e 6f |???????re my sno|
00000010 1c 77 39 23 2c 7a 2c 65 64 20 64 72 65 61 6d 73 |.w9#,z,ed dreams|
00000020 61 03 32 25 29 3f 37 73 20 6d 65 20 70 72 65 74 |a.2%)?7s me pret|
00000030 0e 39 3e 25 34 78 54 66 6c 61 67 7b 74 68 69 73 |.9>%4xTflag{this|
00000040 34 3e 29 13 3b 73 32 5f 69 5f 6e 65 65 64 7d 00 |4>).;s2_i_need}.|
00000050 0a |.|
```

Then we can guess the word `are` in first line, so in script `first_line` is equal to `??????ar`, and we get:
```
$ ./cracker.py | hexdump -C
00000000 3f 3f 3f 3f 3f 3f 61 72 65 20 6d 79 20 73 6e 6f |??????are my sno|
00000010 1c 77 39 23 2c 7a 72 65 64 20 64 72 65 61 6d 73 |.w9#,zred dreams|
00000020 61 03 32 25 29 3f 69 73 20 6d 65 20 70 72 65 74 |a.2%)?is me pret|
00000030 0e 39 3e 25 34 78 0a 66 6c 61 67 7b 74 68 69 73 |.9>%4x.flag{this|
00000040 34 3e 29 13 3b 73 6c 5f 69 5f 6e 65 65 64 7d 00 |4>).;sl_i_need}.|
00000050 0a |.|
```

Next, we can add a space before the word `are`, and with `????? ar` we get:
```
$ ./cracker.py | hexdump -C
00000000 3f 3f 3f 3f 3f 20 61 72 65 20 6d 79 20 73 6e 6f |????? are my sno|
00000010 1c 77 39 23 2c 65 72 65 64 20 64 72 65 61 6d 73 |.w9#,ered dreams|
00000020 61 03 32 25 29 20 69 73 20 6d 65 20 70 72 65 74 |a.2%) is me pret|
00000030 0e 39 3e 25 34 67 0a 66 6c 61 67 7b 74 68 69 73 |.9>%4g.flag{this|
00000040 34 3e 29 13 3b 6c 6c 5f 69 5f 6e 65 65 64 7d 00 |4>).;ll_i_need}.|
00000050 0a |.|
```

We guess the word `all` in flag, we try all combinations of the 5th char and we get with `????e ar` as fist line:
```
./cracker.py | hexdump -C
00000000 3f 3f 3f 3f 65 20 61 72 65 20 6d 79 20 73 6e 6f |????e are my sno|
00000010 1c 77 39 23 76 65 72 65 64 20 64 72 65 61 6d 73 |.w9#vered dreams|
00000020 61 03 32 25 73 20 69 73 20 6d 65 20 70 72 65 74 |a.2%s is me pret|
00000030 0e 39 3e 25 6e 67 0a 66 6c 61 67 7b 74 68 69 73 |.9>%ng.flag{this|
00000040 34 3e 29 13 61 6c 6c 5f 69 5f 6e 65 65 64 7d 00 |4>).all_i_need}.|
00000050 0a |.|
```

Same for char `_` before the word `all` in flag, and we get with `???se ar` as fist line:
```
$ ./cracker.py | hexdump -C
00000000 3f 3f 3f 73 65 20 61 72 65 20 6d 79 20 73 6e 6f |???se are my sno|
00000010 1c 77 39 6f 76 65 72 65 64 20 64 72 65 61 6d 73 |.w9overed dreams|
00000020 61 03 32 69 73 20 69 73 20 6d 65 20 70 72 65 74 |a.2is is me pret|
00000030 0e 39 3e 69 6e 67 0a 66 6c 61 67 7b 74 68 69 73 |.9>ing.flag{this|
00000040 34 3e 29 5f 61 6c 6c 5f 69 5f 6e 65 65 64 7d 00 |4>)_all_i_need}.|
00000050 0a |.|
```
And finally, we can guess that `These` is the first word of fist line, and with `These ar` as first line, we get:
```
$ ./cracker.py | hexdump -C
00000000 54 68 65 73 65 20 61 72 65 20 6d 79 20 73 6e 6f |These are my sno|
00000010 77 20 63 6f 76 65 72 65 64 20 64 72 65 61 6d 73 |w covered dreams|
00000020 0a 54 68 69 73 20 69 73 20 6d 65 20 70 72 65 74 |.This is me pret|
00000030 65 6e 64 69 6e 67 0a 66 6c 61 67 7b 74 68 69 73 |ending.flag{this|
00000040 5f 69 73 5f 61 6c 6c 5f 69 5f 6e 65 65 64 7d 00 |_is_all_i_need}.|
00000050 0a |.|
```
The flag is `flag{this_is_all_i_need}







102 changes: 102 additions & 0 deletions NahamCon_2020/Forensics.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
# Forensics

## Microsooft
```
We have to use Microsoft Word at the office!? Oof...
Download the file below.
Files: microsooft.docx
```
We extract files in `microsooft.docx` and we see if flag is write in plaintext:
```
$ grep -R flag
src/oof.txt: [...] flag{oof_is_right_why_gfxdata_though} [...]
```

The flag is: `flag{oof_is_right_why_gfxdata_though}`

## Volatile
```
What was the flag again? I don't remember...
Download the file below.
Note, this flag is not in the usual format.
Large File Hosted with Google Drive
Files: memdump.raw
```

`memdump.raw` is a memory dump, we will use volatility (https://github.com/volatilityfoundation/volatility) to analyse it

First af all, we get the profile of the memory dump:
```
vol -f memdump.raw imageinfo
Volatility Foundation Volatility Framework 2.6.1
INFO : volatility.debug : Determining profile based on KDBG search...
Suggested Profile(s) : Win7SP1x86_23418, Win7SP0x86, Win7SP1x86_24000, Win7SP1x86
AS Layer1 : IA32PagedMemoryPae (Kernel AS)
AS Layer2 : FileAddressSpace (/home/tom.rorato/Downloads/memdump.raw)
PAE type : PAE
DTB : 0x185000L
KDBG : 0x8276fc28L
Number of Processors : 1
Image Type (Service Pack) : 1
KPCR for CPU 0 : 0x82770c00L
KUSER_SHARED_DATA : 0xffdf0000L
Image date and time : 2020-04-20 21:16:55 UTC+0000
Image local date and time : 2020-04-20 14:16:55 -0700
```
We will use the profile: `Win7SP1x86_23418`

We don't know where to get the flag, so we try everything

And we finally fing the flag in console history:
```
vol -f memdump.raw --profile Win7SP1x86_23418 consoles
Volatility Foundation Volatility Framework 2.6.1
**************************************************
ConsoleProcess: conhost.exe Pid: 3468
Console: 0xc781c0 CommandHistorySize: 50
HistoryBufferCount: 1 HistoryBufferMax: 4
OriginalTitle: %SystemRoot%\system32\cmd.exe
Title: C:\Windows\system32\cmd.exe
AttachedProcess: cmd.exe Pid: 3460 Handle: 0x5c
----
CommandHistory: 0x2f0448 Application: cmd.exe Flags: Allocated, Reset
CommandCount: 1 LastAdded: 0 LastDisplayed: 0
FirstCommand: 0 CommandCountMax: 50
ProcessHandle: 0x5c
Cmd #0 at 0x2f4680: echo JCTF{nice_volatility_tricks_bro}
----
Screen 0x2d62d8 X:80 Y:300
Dump:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\JCTF>echo JCTF{nice_volatility_tricks_bro}
JCTF{nice_volatility_tricks_bro}
C:\Users\JCTF>
```

The flag is: `JCTF{nice_volatility_tricks_bro}`

## Cow Pie
```
Ew. Some cow left this for us. It's gross... but something doesn't seem right...
Download the file below.
Files: manure
```
`manure` is a `QEMU QCOW2 Image`

But before all, we try to see if flag is write in plaintext:
```
$ strings manure
[...]
flag{this_flag_says_mooo_what_say_you}
[...]
```

The flag is: `flag{this_flag_says_mooo_what_say_you}`
Loading

0 comments on commit 633bd0c

Please sign in to comment.