Commit e6a1fdad authored by Ines Kramer

Merge branch 'develop' into 'master'

Develop

See merge request CampusCyberSecurityTeam/ctfs!24
parents 9471b442 bb452a9c
# List of our participations and results
The list won't be complete though, so it would be better to check out our team's
[ctftime.org profile](https://ctftime.org/team/31301). Any ctf listed here is
guaranteed to have some writeups though.
[ctftime.org profile](https://ctftime.org/team/31301).
Most recent participations are at the top.
## 2019
| Date | CTF | Type | Result (Rank / points) | Writeups |
|------|-----|------|----------------------|---------------|
| April, 9th - 26th |[ångstromCTF 2019](https://2019.angstromctf.com/) | Jeopardy | 104/1140 | [Writeup](/writeups/2019/angstromctf2019.md) |
| April, 12th - | [WPICTF 2019](https://wpictf.xyz/) | Jeopardy | 113/ 481 | [Writeup](/writeups/2019/wpictf2019.md) |
| March, 29th-31st | [VolgaCTF 2019 Qualifier](https://q.2019.volgactf.ru)| Jeopardy | 407/50 | [Writeup](/writeups/2019/volgaqualifier2019.md) |
| March, 23rd-25th | [0CTF/TCTF 2019 Quals](https://ctf.0ops.sjtu.cn) | Jeopardy | 900/1 | n.a. |
| March, 14th-17th | [Pragyan CTF](https://ctf.pragyan.org)| Jeopardy | 93/1075 | [Writeup](/writeups/2019/pragyanctf2019.md) |
| February/March, 22nd - 3rd | [TAMUctf 19](https://tamuctf.com/) | Jeopardy | 216 / 7720 | [Writeup](/writeups/2019/tamuctf2019.md) |
| Jan/Feb, 31th -3rd| [NeverLAN CTF 2019](https://ctf.neverlanctf.com/) | Jeopardy | 143 / 4240 | [Writeup](/writeups/2019/neverlan2019.md) |
## 2018
| CTF | Type | Result (Rank / points) | Documentation |
|-----|------|----------------------|---------------|
Security Fest CTF | Jeopardy | 351/51 | n.a. |
PlaidCTF 2018 | Jeopardy | 652/1 | n.a. |
Sunshine CTF 2018 | Jeopardy | 363 /151 | n.a. |
INS'hAck 2018 | Jeopardy | 240/120 | n.a. |
angstromCTF 2018 | Jeopardy | 622/520 | n.a. |
Pragyan CTF 2018 | Jeopardy | 299/400.0000 | n.a. |
## 2017
| Date | CTF | Type | Result (Rank / points) | Documentation |
......
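Review bot: the Date column in the new 2019 rows is inconsistent and partly incomplete: `April, 12th - ` (WPICTF 2019) has no end date, `Jan/Feb, 31th -3rd` should read `31st`, and the spacing around the dash and in the results (`113/ 481`, `216 / 7720`, `104/1140`) differs from row to row. Pick one date and `rank/points` format and apply it to every row. The 2018 table also has no Date column and its rows start without a leading `|`, unlike the 2019 and 2017 tables, and the last column is headed `Writeups` in 2019 but `Documentation` elsewhere; aligning the three tables would make the list easier to scan.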
# VolgaCTF 2019 Qualifier
Fr, 29. März, 15:00 – So, 31. März, 15:00 (UTC -> unsre Zeit: UTC + 2h wegen der Sommerzeit)
Format: Jeopardy
URL: https://q.2019.volgactf.ru
Flag format: Flags match /VolgaCTF{[\x20-\x7F]+}/ unless stated otherwise.
## Crypto
### Blind
Pull the flag...if you can.
nc blind.q.2019.volgactf.ru 7070
server.py
* Downloaded server.py
Inside server.py is a signature scheme, which should be meallable because of missing padding
class RSA:
def __init__(self, e, d, n):
self.e = e
self.d = d
self.n = n
def sign(self, message):
message = int(message.encode('hex'), 16)
return pow(message, self.d, self.n)
def verify(self, message, signature):
message = int(message.encode('hex'), 16)
verify = pow(signature, self.e, self.n)
return message == verify
"""
Keys
"""
n = 26507591511689883990023896389022361811173033984051016489514421457013639621509962613332324662222154683066173937658495362448733162728817642341239457485221865493926211958117034923747221236176204216845182311004742474549095130306550623190917480615151093941494688906907516349433681015204941620716162038586590895058816430264415335805881575305773073358135217732591500750773744464142282514963376379623449776844046465746330691788777566563856886778143019387464133144867446731438967247646981498812182658347753229511846953659235528803754112114516623201792727787856347729085966824435377279429992530935232902223909659507613583396967
e = 65537
* each sended command needs to have a signature in first place, except `ls`,`dir` and `sign`, in that cases value can be anything
nc blind.q.2019.volgactf.ru 7070
Enter your command:
1111111111111111111 ls
flag
private_key.py
server.py
* Thought about to sign head command
nc blind.q.2019.volgactf.ru 7070
Enter your command:
11111111111 sign
Enter your command to sign:
head
20275069071548779572208893615644419624451615369191362966175846926294259506016811799699644144920562599576055644778712159879054253852115822451424065292290985812759628808077017944182253104278384050341704729064006033921374111969188527405978968604384720551978024971337535214404185920849345756995157341066226332818964615115606350373558744365405655549553298399046132897296617579125282522286703000455614201337358481434013829599993141748694427274500341628982048229159095971462179588601354418476986721406159707190169758576045885261085168988093325435224556510189756850935569260144361567755271205114770079424962203808900221280764
Enter your command:
20275069071548779572208893615644419624451615369191362966175846926294259506016811799699644144920562599576055644778712159879054253852115822451424065292290985812759628808077017944182253104278384050341704729064006033921374111969188527405978968604384720551978024971337535214404185920849345756995157341066226332818964615115606350373558744365405655549553298399046132897296617579125282522286703000455614201337358481434013829599993141748694427274500341628982048229159095971462179588601354418476986721406159707190169758576045885261085168988093325435224556510189756850935569260144361567755271205114770079424962203808900221280764 head flag
Unknown command head
Seems that we need to use the cd and cat command.
* new idea BLIND: seems we cannot get a signature for cat because of:
if sign_cmd not in ['cat', 'cd']:
sgn = signature.sign(sign_cmd)
send_message(str(sgn))
But RSA signatures can be blinded
```python
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
Signature
"""
import gmpy2
class RSA:
def __init__(self, e, d, n):
self.e = e
self.d = d
self.n = n
def sign(self, message):
message = int(message.encode('hex'), 16)
print("rsamsg:",message)
return pow(message, self.d, self.n)
def verify(self, message, signature):
message = int(message.encode('hex'), 16)
verify = pow(signature, self.e, self.n)
return message == verify
"""
TEST
"""
p=21563957808398119329545349513312897291720371794644161565433575994922624494866014735925135594671402533520230648695949559828278766299067426136066601816643711
q=22708406967509416561081471369947020796745437757938294005271339336356008357234294069698063747451399564794968797317330497407167861251551902204973484175503837
n=p*q
phi=(p-1)*(q-1)
e = (1 << 16) + 1
d = gmpy2.invert(e, phi)
print(e,d,n)
signature = RSA(e, d, n)
#generate sig for cat
msg="cat"
catsig=signature.sign(msg)
print("catsig:",int(catsig))
print(signature.verify(msg,int(catsig)))
#generate a blinding factor r^e
r=3
r_blind=pow(r, e, n)
# extract blind message m'=m*r^e
msg_int=int(msg.encode('hex'), 16)
msgblind_int=gmpy2.mpz(msg_int*r_blind%n)
print("msgblind_int:",msgblind_int)
#msgblindhex=int_to_str(msgblind_int)
msgblindhex=msgblind_int.digits(16)
print("msgblindhex:",msgblindhex)
msgblind=msgblindhex.decode('hex')
print("msgblind:",msgblind)
#generate sig for blindmsg s'=m'^d
msgblindsig=signature.sign(msgblind)
print("msgblind:",msgblind)
# generate inverse r^-1
blindinv=gmpy2.invert(r,n)
# recalculate signature s=s'*r^-1
testsig=msgblindsig*blindinv%n
print("msgblind:",testsig)
print(signature.verify(msg,int(testsig)))
```
* but there is still a problem with shlex.split(msgblind) at the ctf server like `No closing quotation` or the `Signature verification check failed`.
```python
...
n = 26507591511689883990023896389022361811173033984051016489514421457013639621509962613332324662222154683066173937658495362448733162728817642341239457485221865493926211958117034923747221236176204216845182311004742474549095130306550623190917480615151093941494688906907516349433681015204941620716162038586590895058816430264415335805881575305773073358135217732591500750773744464142282514963376379623449776844046465746330691788777566563856886778143019387464133144867446731438967247646981498812182658347753229511846953659235528803754112114516623201792727787856347729085966824435377279429992530935232902223909659507613583396967
e = 65537
for r in range(2,1000000):
r_blind=pow(r, e, n)
#msg="cat"
msg="cd"
# extract blind message m'=m*r^e
msg_int=int(msg.encode('hex'), 16)
msgblind_int=gmpy2.mpz(msg_int*r_blind%n)
msgblindhex=msgblind_int.digits(16)
try:
msgblind=msgblindhex.decode('hex')
except:
continue
msgblindsend=msgblind.encode("base64")
cmd_l=[]
try:
cmd_l = shlex.split(msgblind)
print(len(cmd_l))
print(cmd_l[0])
except:
continue
if len(cmd_l)==1:
print(r,"msgblind:",msgblind)
print("msgblindsend: ",msgblindsend)
print (r)
break
r_cd=r
# generate inverse r^-1
blindinv=gmpy2.invert(r_cd,n)
#catblindsig=
#cdblindsig=
# recalculate signature s=s'*r^-1
#catsig=int(catblindsig)*blindinv%n
#cdsig=int(cdblindsig)*blindinv%n
#print("catsig:",int(catsig))
#print("cdsig:",int(cdsig))
```
## PWN
warm
How fast can you sove it? nc warm.q.2019.volgactf.ru 443
warm
* Downloaded warm
file warm
warm: ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 3.2.0, BuildID[sha1]=c549628c0b3841a5fd9a23f0faaf6b51eb858e94, stripped
seems to run on ARM architecture and is stripped
* strings
_ITM_registerTMCloneTable
H KxD J{D
J{DzD
x`xh
x{h 3
{h 3
x`9`{h
:h !
x`9`.L|D.K
'K{D
8a;i
?JFAF8F
FLAG_FILE
flag
Incorrect! Try again!
Unable to open file
Unable to open %.*s file!
Unknown error
Hi there! I've been waiting for your password!
## Web [100]
Shop
Our famous shop is back!
You can sign up with any username and password and get 100 free credits. It is possible to buy stuff. One of which is the flag that costs 1337 -> we somehow have to modify our credits.
## Antifake [50 SOLVED]
Horrible retelling
Someone sent us the news for publication. It seems an actual error, except for spelling.
"Scientists found the oldest telescope This tool was used by seafarers from Portuge. British researchers report that scientists explore Arabian sea bottom. There are a lot of wrecks. Last week one of the Scientist journal published an article about discovering a special device. It’s looks like big coin with a hole in its centre. Historians classed it as an oldest device of its tipe. Researchers suggest that it was used in middle ages or mayby earlier. One of the most special detail of telescope is a pattern rounds telescope. It includes a Picture of the Earth. At the turn of the Middle ages that was associated with a Portuguese king. There is only one same devise has been fond before. But researchers don’t sure about age of it. Altogether there are more tahn hundred same artifacts. New one isn’t most old. But its’s unique with its decoration. Besides in the latest Middle ages navigator sed more precise devices"
solution: **Astrolabe**
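Review bot: in the second Blind script, `msgblindhex=msgblind_int.digits(16)` followed by `msgblindhex.decode('hex')` fails for every blinded value whose hex form has an odd number of digits, and the bare `except: continue` hides that together with any other error, so usable blinding factors are skipped without notice. Left-pad the hex string to an even length and catch only the decoding error and the `ValueError` from `shlex.split`. If the `for r in range(2,1000000)` loop finishes without reaching `break`, `r_cd=r` silently takes the last value tried; add an explicit check for that case. In the first script, `print("msgblind:",msgblind)` right after `msgblindsig=signature.sign(msgblind)` prints the message again instead of the signature, and `testsig` is also printed under the label `msgblind:`, which makes the output hard to follow. Both scripts rely on Python 2 string codecs (`encode('hex')`, `decode('hex')`, `encode("base64")`) under a plain `#!/usr/bin/env python` shebang, so the writeup should say they need Python 2. On the documentation side, the first `class RSA` listing, the `if sign_cmd not in ['cat', 'cd']:` excerpt and the `nc` sessions sit outside code fences while the later scripts use fenced python blocks, and the date line at the top is in German while the rest is English. The Blind section ends with the final signature lines commented out, and the warm and Shop sections stop before any solution; mark these as unsolved or in progress so readers do not expect a complete walkthrough.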