Many a times the inmates get successful in breaking the jail and escape. Records of such fugitive inmates is maintained by Jailer and shared with concerned departments. These one line records are stored in a file and Encrypted (AES-128-CBC) with a common password "jailbreak123". The format of record is :
name_of_inmate;prison_term=2yrs;about=some useful information of the inmate
For example : An inmate SandeepKamble with Jail_id 0013344 was prisoned in 2012 and he evaded the jail in the year of 2013 his record was stored as sandeep;prison_term=1yrs;about=he is a good hacker.
Such records are encrypted using following parameters:
Password = "jailbreak123"
Iv = Jail_idJail_id
For Sandeep Kamble the jail_id was 0013344, so the IV for his record encryption was
IV = "00133440013344"
It was discovered that the corrupt Jailer helped one inmate to escape from jail last year.. Name/ jail_id not known, but the encrypted record:
U2FsdGVkX1+1KcLc+WlP8rcjdSP8DnOx/W1h+lww6rGCUVH4ghAuhSs+Xs9ShwJN
EFlJ4IWDoG00T4LnAqIMrsY9EODHGc7Jv/Rn1lC/h7k=
Check if you can find out the inmate’s first name and as a result his Jail_id. Submit jail_id as a flag for 200 nullcoins.
Original link :
| Action | Rating | Author team |
|---|---|---|
| Read writeup |
not rated
|
greunion |
This solution was posted the slack channel by someone : https://pastebin.com/StmJCCjQ. This is exactly the approach we used during the CTF.
However, the provided solution does not work. Not because of the approach, but because the password given in the chall's decription "jailbreak123" seems to be incorrect.
During the challenge, we alerted admins about this challenge being bogus, but no verification or corrective actions were taken.
