[](ctf=hack.lu-2015)
[](type=crypto)
[](tags=rsa)

# Creative Cheating (crypto-150)

We are given a [pcapng](../dump_2bd6da8de87c6f1170dec710f7268a16.pcapng).
Opening it in Wireshark, we see data packets. Follow the stream and extract it to a [file](str).
The data is base64-encoded.

```bash
cat str | base64 -d > full
```

Each line of the decoded output has this format:
```
SEQ = 00; DATA = 0x19688f112a61169c9090a4f9918dL; SIG = 0x1448ac6eee2b2e91a0a6241e590eL;
```
We can conclude that DATA is the actual ciphertext sent to Bob (192.168.0.37), encrypted with Bob's public key. So we look up Bob's modulus on factordb and use the factors to generate Bob's private key and decrypt the data.

```python
>>> p=49662237675630289
>>> q=62515288803124247
>>> s=(p-1)*(q-1)
>>> n=3104649130901425335933838103517383
>>> p*q==n
True
>>> e=0x10001
>>> d=modinv(e,s)  # modinv: modular-inverse helper, not shown here
>>> d
1427000713644866747260499795119265L
>>> arr=[0x19688f112a61169c9090a4f9918d,0x50d31689fa2c33f1d5ca0dad9eda,0x50d31689fa2c33f1d5ca0dad9eda,0x59e9bb001b0d9167dbc39dd544c9,0x633282273f9cf7e5a44fcbe1787b,0x7492f4ec9001202dcb569df468b4,0x13a5bbd5163bdf483542906c5bf,0x23d28a636bf59c450ca3a2b0ac13,0x292ffa2958c1318f687dd9ec5d12,0x41c66817dcc70c5cfefa5ac8af9d,0xa02a43cdf9aa345fe83f059cab4,0x2499d57d670c0c0c5880f546cb5d,0x65a0b57d059cb247145db046af3c,0x8a03676745df01e16745145dd212,0x2671c629a6392f3bbeadbcbdab88,0x8a54684d56a3b75673ec3738b547,0x8c0f48af67a09cfa7d3085804a64,0x1eea254d861b2dc7ec03b37ef9fb,0x2c29150f1e311ef09bc9f06735ac,0x2edb62eac7c6e83082387da0576e,0x429cf23ec8e85b52ecbf7bfa5d7f,0x441a62ab479d293a3c3d11d65fde,0x6a8c6422b19f6f5834f32d3df4c2,0x9576dcc1ab851d9d75e83ba2c9ad,0x2b752adc362e851ae0fd926912,0x3b4ec3c9a846c4ed851d09ace122,0x7ccc3d3cb267d75acf0b10f579ec,0x94d97e04f52c2d6f42f9aacbf0b5,0x2b752adc362e851ae0fd926912,0x3b4ec3c9a846c4ed851d09ace122,0x5d06b6d84a20fb67244243f662f3,0x83afae83c1db7776751d56c3f09f,0x3b04b26a0adada2f67326bb0c5d6,0x3cda4bf9b498a68d4cb65bff6fc0,0x5764fa147de808bf29b73405f56,0x9903f776ab3f8256a97f644000e9,0x13a5bbd5163bdf483542906c5bf,0x26debd9510c16fbed4f6264e8b60,0x54cbbdfe6d19ca1b7b9f65964ad3,0x73f2f2383aa091122f26576e94fe,0x3b4ec3c9a846c4ed851d09ace122,0x633282273f9cf7e5a44fcbe1787b,0x292ffa2958c1318f687dd9ec5d12,0x54cbbdfe6d19ca1b7b9f65964ad3,0x5e908df14753d3ea014ecc28d205,0x6ff6c42dcdb0141e10b1af2d623b,0x8a54684d56a3b75673ec3738b547,0x8c0f48af67a09cfa7d3085804a64,0x94d97e04f52c2d6f42f9aacbf0b5,0xd24562795754da7abe213ffc11e,0x35582887dff2f5c6fe1250068d56,0x3b04b26a0adada2f67326bb0c5d6,0x73f2f2383aa091122f26576e94fe,0x75c1fbc28bb27b5d2db9601fb967,0x86116ef24e42925c5a0bb351b161,0x3b04b26a0adada2f67326bb0c5d6,0x45ccd8194a5006d0671bb8c2649,0x45ccd8194a5006d0671bb8c2649,0x580e36ce59978681f893e38d5eca,0x65a0b57d059cb247145db046af3c,0x7ccc3d3cb267d75acf0b10f579ec,0x83afae83c1db7776751d56c3f09f,0x28c15b4514c3e2e9bffc82d48b28,0x2c29150f1e311ef09bc9f06735ac,0x75c1fbc28bb27b5d
2db9601fb967,0x3b4ec3c9a846c4ed851d09ace122,0x3be7ad8e70f76b69ece8f9dddf29,0x4332c62d0c1d2ec0ad9a3e124c94,0x441a62ab479d293a3c3d11d65fde,0x85c9583a51e9d9596de611a1cd68,0x1b3ce71fb5629fcb1475c493e5be,0x2660fc6177ce946f748d27a9f45,0x674880905956979ce49af33433,0x8f8610167c2a2ff1b9c751cba6db,0xd24562795754da7abe213ffc11e,0x12cde484c22a5a8fab7871047fd5,0x181901c059de3b0f2d4840ab3aeb,0x2b752adc362e851ae0fd926912,0x8fcb7853f81ab95a1ea3eff79f34,0xd24562795754da7abe213ffc11e,0x75c1fbc28bb27b5d2db9601fb967,0x23d28a636bf59c450ca3a2b0ac13,0x2edb62eac7c6e83082387da0576e,0x2fdcb98cf05f3b74617fbd2e746d,0x674880905956979ce49af33433,0x6a8c6422b19f6f5834f32d3df4c2,0x6a9edbe12c82e137a90f0b468c64,0x73f2f2383aa091122f26576e94fe,0x9903f776ab3f8256a97f644000e9,0xa02a43cdf9aa345fe83f059cab4,0x2126f8cd27ad55ad88b181e516df,0x383af46653cbacaf3c0cc07a4373,0x50d31689fa2c33f1d5ca0dad9eda,0x8fcb7853f81ab95a1ea3eff79f34,0xd24562795754da7abe213ffc11e,0x16245553948ff7f9ab93f0b4450c,0x2b752adc362e851ae0fd926912,0x5ff32b412642c1d38f3fd4acf949,0x685d0187b607d8ebdaded15fb68f,0x9576dcc1ab851d9d75e83ba2c9ad,0x35582887dff2f5c6fe1250068d56,0x3be7ad8e70f76b69ece8f9dddf29,0xd24562795754da7abe213ffc11e,0x59d0264d4a134fa5a91521b25e46,0x5d06b6d84a20fb67244243f662f3,0x75c1fbc28bb27b5d2db9601fb967,0xa02a43cdf9aa345fe83f059cab4,0x1b3ce71fb5629fcb1475c493e5be,0x26debd9510c16fbed4f6264e8b60,0x4b18961e28de875107675678d78f,0x5ff32b412642c1d38f3fd4acf949,0x73f2f2383aa091122f26576e94fe,0x7bc715a8e3c1adb9cfd960b78cf,0x83afae83c1db7776751d56c3f09f,0x1eea254d861b2dc7ec03b37ef9fb,0x1eea254d861b2dc7ec03b37ef9fb,0x23d28a636bf59c450ca3a2b0ac13,0x3cda4bf9b498a68d4cb65bff6fc0,0x3cda4bf9b498a68d4cb65bff6fc0,0x3cda4bf9b498a68d4cb65bff6fc0,0x5ff32b412642c1d38f3fd4acf949,0x97b83886b82ea3d7fb14de190c09,0x16245553948ff7f9ab93f0b4450c,0x19688f112a61169c9090a4f9918d,0x23d28a636bf59c450ca3a2b0ac13,0x59e9bb001b0d9167dbc39dd544c9,0x8a03676745df01e16745145dd212,0xd24562795754da7abe213ffc11e,0x3c3aed1b4b704aafcabc08342f18,0x75c1fbc28bb27b5d2d
b9601fb967,0x85c9583a51e9d9596de611a1cd68,0x9404c6232a26f5d671f12d83288,0x4a208f50370fffaefa558538f74c,0x5e908df14753d3ea014ecc28d205,0x83afae83c1db7776751d56c3f09f,0x8a54684d56a3b75673ec3738b547,0x3b4ec3c9a846c4ed851d09ace122,0x45ccd8194a5006d0671bb8c2649,0x28c15b4514c3e2e9bffc82d48b28,0x3a5344ce46409624f2aede274a48,0x12cde484c22a5a8fab7871047fd5,0x2b095bfd71acea1c34fd8a23c004,0x54cbbdfe6d19ca1b7b9f65964ad3,0x580e36ce59978681f893e38d5eca,0x5e908df14753d3ea014ecc28d205,0x674880905956979ce49af33433,0x69af16baca0232732b6f4e9b9022,0xd24562795754da7abe213ffc11e]
>>> for c in arr:
...     m=pow(c,d,n)
...     print m,
...
11 102 102 72 38 40 108 45 89 117 106 85 97 60 79 103 65 123 10 41 61 55 12 114 92 110 52 99 92 110 126 48 116 33 57 104 108 49 76 58 110 38 89 76 78 32 103 65 99 51 46 116 58 95 124 116 90 90 73 97 52 48 125 10 95 110 53 67 55 68 83 13 39 66 51 88 98 92 80 51 95 45 41 100 39 12 91 58 104 106 84 105 102 80 51 74 92 118 122 114 46 53 51 63 126 95 106 83 49 109 118 58 121 48 123 123 45 33 33 33 118 62 74 11 45 72 60 51 120 95 68 50 54 78 48 103 110 90 125 101 88 56 76 73 78 39 47 51
```
Now for the SIG part: this could be signed using Alice's (192.168.0.17) private key.
RSA has a signing function in which the data is signed using the private key and verified using the public key.
So we'll be using Alice's public key.

```python
>>> sig=[0x1448ac6eee2b2e91a0a6241e590e,0x19e5013a9e49e660a006a8e9b631,0x38b725b6f99575bcd513811e78cd,0x66e706951133b2d1bfde29dc82a,0x2b15275412244442d9ee60fc91ae,0xc9107666b1cc040a4fc2e89e3e7,0x1cc712adfa8e3895148458fad2c1,0x28d3ccc117d1ad5a54236737bea2,0x4937e2bbe0dbc892a53215f13b21,0x340a2f96c79c275f5bbf341ada8a,0x400a19b82a4700ffc8a7515d7599,0x1188845d5e255b5d73d134dd52b5,0x1188845d5e255b5d73d134dd52b5,0x1378c25048c19853b6817eb9363a,0x1188845d5e255b5d73d134dd52b5,0x1378c25048c19853b6817eb9363a,0x26256f0cdc63fb0913051c9b9b4f,0x25812c2d740250b2c4aec0740ddf,0x1665fb2da761c4de89f27ac80cb,0x77d2d083e702509a6b471242fed,0x66e706951133b2d1bfde29dc82a,0xc040fb2d5e938c81dc8b15bd69b,0x303aab67f07f9ca1976279410fa2,0x12807354f28ce280d0ea7d9726c0,0x30451370b3f5c74000dc7a2532fe,0x3d724abd11a9a1ba703971a46d8d,0x26256f0cdc63fb0913051c9b9b4f,0x1e3b6d4eaf11582e85ead4bf90a9,0x1e3b6d4eaf11582e85ead4bf90a9,0x2b5b628bf8183400cdab7f5870b1,0x1448ac6eee2b2e91a0a6241e590e,0x400a19b82a4700ffc8a7515d7599,0x2e5ab24f9dc21df406a87de0b3b4,0x5037f3325310ec596cf095a27437,0x4ae0f894af2e414835513891bd55,0x1448ac6eee2b2e91a0a6241e590e,0x1188845d5e255b5d73d134dd52b5,0x4ae0f894af2e414835513891bd55,0x30451370b3f5c74000dc7a2532fe,0x1e3b6d4eaf11582e85ead4bf90a9,0x3d724abd11a9a1ba703971a46d8d,0x12ae909d2382b738caf4137d7947,0x4222c74411872367778be602e345,0x12ae909d2382b738caf4137d7947,0x2ccd9e623aa565fccd7b0fa7b0aa,0x38fc17600d3267841954e06855f3,0x1378c25048c19853b6817eb9363a,0x3023802e8921f6a47629b651c123,0x4937e2bbe0dbc892a53215f13b21,0x25812c2d740250b2c4aec0740ddf,0x443a54ee80465ea8794310bfc99,0x51c7d5caa67534b496fcf67b7157,0xc040fb2d5e938c81dc8b15bd69b,0x2b5b628bf8183400cdab7f5870b1,0xea818187da5a9d045e2d6e429d2,0x2e5ab24f9dc21df406a87de0b3b4,0x2ccd9e623aa565fccd7b0fa7b0aa,0xaad7220a88954e41e5550f1c1f,0x11bd1eea744e5965d04ee772fb9,0x94cbc50c353524255f889bce658,0xc9107666b1cc040a4fc2e89e3e7,0x400a19b82a4700ffc8a7515d7599,0x38fc17600d3267841954e06855f3,0x400a19b82a4700ffc8a7515d7599,0x2b5b628bf8183400cda
b7f5870b1,0x303aab67f07f9ca1976279410fa2,0x3911b5a6218f4c18220e81f0b863,0x94cbc50c353524255f889bce658,0x4b65df436053ac77b39ee9af1c7b,0x74f5876df726ce1f4f0595d04dd,0x38b725b6f99575bcd513811e78cd,0x2bc3bf947c0e85444aa13efa1c15,0xd6268f00fe0e2964d56458f59e2,0x2f309d89b89368110a9aee62287f,0x208babd43638118bfbfa24675ee9,0x11681ed9707adaf16d0bae66c042,0x1b8bdf9468f81ce33a0da2a8bfbe,0xaad7220a88954e41e5550f1c1f,0x5037f3325310ec596cf095a27437,0x208babd43638118bfbfa24675ee9,0x2b5b628bf8183400cdab7f5870b1,0x2598f02931e3e1ad5ea7f483acb3,0x1188845d5e255b5d73d134dd52b5,0x30451370b3f5c74000dc7a2532fe,0x198901d5373ea225cc5c0db66987,0x43c5738ead6df476d2c79dcb6036,0x4b65df436053ac77b39ee9af1c7b,0x11bd1eea744e5965d04ee772fb9,0x1448ac6eee2b2e91a0a6241e590e,0x3d939c9477d93bfc83dd97c5f2f9,0xd6268f00fe0e2964d56458f59e2,0x38c726b2e4a698bb0cfca6e682d,0x778234903a0d0b3cf9a87863874,0xd6268f00fe0e2964d56458f59e2,0x208babd43638118bfbfa24675ee9,0x4b65df436053ac77b39ee9af1c7b,0x1cc712adfa8e3895148458fad2c1,0x38c726b2e4a698bb0cfca6e682d,0x2598f02931e3e1ad5ea7f483acb3,0x3d939c9477d93bfc83dd97c5f2f9,0x443a54ee80465ea8794310bfc99,0x3ac988efc5ae6e71bd3e5b5674c0,0x208babd43638118bfbfa24675ee9,0x2bc3bf947c0e85444aa13efa1c15,0x3b2542ed2f769ff9e53e1c3c5cd0,0x2b5b628bf8183400cdab7f5870b1,0x3d939c9477d93bfc83dd97c5f2f9,0x3b2542ed2f769ff9e53e1c3c5cd0,0x3504d9dd19695ed81f7a8fc8cb8f,0x5037f3325310ec596cf095a27437,0x1cc712adfa8e3895148458fad2c1,0x34d88894275b367fc7ecbb69dced,0x3b2542ed2f769ff9e53e1c3c5cd0,0x400a19b82a4700ffc8a7515d7599,0x33ddbc5a1173a5289bbd500e34f9,0xd6268f00fe0e2964d56458f59e2,0x94cbc50c353524255f889bce658,0x1cc712adfa8e3895148458fad2c1,0x3b2542ed2f769ff9e53e1c3c5cd0,0xdebdce6e3fbef92eb2562ac6ef7,0x66e706951133b2d1bfde29dc82a,0x280695a2d75efb8f1541c1ad7c9d,0x994dab0aabe9ab39ce415d9b4ba,0x1448ac6eee2b2e91a0a6241e590e,0x6bdde355d45827a6745026f4d2e,0x26256f0cdc63fb0913051c9b9b4f,0x443a54ee80465ea8794310bfc99,0x208babd43638118bfbfa24675ee9,0x4744b4f2a0bedceb58ed113af7b4,0x2b5b628bf8183400cdab7f5
870b1,0x50dd9d772192f52389873a6988d9,0x94cbc50c353524255f889bce658,0x2b5b628bf8183400cdab7f5870b1,0x43c5738ead6df476d2c79dcb6036,0x400a19b82a4700ffc8a7515d7599,0x280695a2d75efb8f1541c1ad7c9d,0x3d724abd11a9a1ba703971a46d8d,0x18d846b261fa274b823f32702535,0x30193e58d50f7393b0591f2a7acc,0x1448ac6eee2b2e91a0a6241e590e,0x1cd095e64569fd2c63fc2b8b5473,0x3d939c9477d93bfc83dd97c5f2f9,0x1cd095e64569fd2c63fc2b8b5473,0x2b15275412244442d9ee60fc91ae,0x19e5013a9e49e660a006a8e9b631,0x4937e2bbe0dbc892a53215f13b21,0x4455324cb749b859704230d4318d,0x198901d5373ea225cc5c0db66987]
>>> p= 38456719616722997
>>> q= 44106885765559411
>>> n=1696206139052948924304948333474767
>>> e=0x10001
>>> for c in sig:
...     m=pow(c,e,n)
...     print m,
...
104 102 122 118 40 47 108 74 106 66 48 97 97 103 97 103 46 123 87 12 118 61 126 9 96 110 46 43 43 95 104 48 116 109 49 104 97 49 96 43 110 115 119 115 75 38 103 44 106 123 77 69 61 95 32 116 75 107 70 11 47 48 38 48 95 126 53 11 71 112 122 124 64 100 51 67 99 107 109 51 95 33 97 96 37 101 71 70 104 114 64 63 93 64 51 71 108 63 33 114 77 88 51 124 117 95 114 117 45 109 108 86 117 48 92 64 11 108 117 79 118 90 52 104 42 46 77 51 113 95 36 11 95 101 48 90 110 94 125 104 39 114 39 40 102 106 120 37
```

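Now we have two lists of numbers < 127, so they could be ASCII characters, but printing them as such doesn't give any info. Then we use the signature for what it was actually implemented for: verifying legitimate data. A record is legitimate only where the decrypted DATA value equals the value recovered from SIG.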

Finally

```python
>>> data=[11,102,102,72,38,40,108,45,89,117,106,85,97,60,79,103,65,123,10,41,61,55,12,114,92,110,52,99,92,110,126,48,116,33,57,104,108,49,76,58,110,38,89,76,78,32,103,65,99,51,46,116,58,95,124,116,90,90,73,97,52,48,125,10,95,110,53,67,55,68,83,13,39,66,51,88,98,92,80,51,95,45,41,100,39,12,91,58,104,106,84,105,102,80,51,74,92,118,122,114,46,53,51,63,126,95,106,83,49,109,118,58,121,48,123,123,45,33,33,33,118,62,74,11,45,72,60,51,120,95,68,50,54,78,48,103,110,90,125,101,88,56,76,73,78,39,47,51]
>>>
>>> sig=[104,102,122,118,40,47,108,74,106,66,48,97,97,103,97,103,46,123,87,12,118,61,126,9,96,110,46,43,43,95,104,48,116,109,49,104,97,49,96,43,110,115,119,115,75,38,103,44,106,123,77,69,61,95,32,116,75,107,70,11,47,48,38,48,95,126,53,11,71,112,122,124,64,100,51,67,99,107,109,51,95,33,97,96,37,101,71,70,104,114,64,63,93,64,51,71,108,63,33,114,77,88,51,124,117,95,114,117,45,109,108,86,117,48,92,64,11,108,117,79,118,90,52,104,42,46,77,51,113,95,36,11,95,101,48,90,110,94,125,104,39,114,39,40,102,106,120,37]

>>> for i in xrange(len(data)):  # iterate over the actual list length to avoid an IndexError
...     if data[i]==sig[i]:
...         print chr(sig[i]),
...
f l a g { n 0 t h 1 n g _ t 0 _ 5 3 3 _ h 3 r 3 _ m 0 v 3 _ 0 n }
```

Flag
> flag{n0th1ng_t0_533_h3r3_m0v3_0n}
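
The verification step described above, written out end to end as an added example (Python 3.8+, not the original author's code): it parses lines in the capture's `SEQ`/`DATA`/`SIG` format, decrypts DATA with Bob's private key, recovers the signed value with Alice's public key, and keeps only the records where the two agree. The sample records are constructed from the factors quoted in this write-up, and ordering the surviving characters by SEQ is an assumption.

```python
import re

E = 0x10001
# Factors quoted in the write-up: Bob receives DATA, Alice produces SIG.
BOB_P, BOB_Q = 49662237675630289, 62515288803124247
ALICE_P, ALICE_Q = 38456719616722997, 44106885765559411
BOB_N, ALICE_N = BOB_P * BOB_Q, ALICE_P * ALICE_Q
BOB_D = pow(E, -1, (BOB_P - 1) * (BOB_Q - 1))  # Bob's private exponent
# Alice's private exponent is needed only to construct the sample records below.
ALICE_D = pow(E, -1, (ALICE_P - 1) * (ALICE_Q - 1))

LINE_RE = re.compile(r"SEQ = (\d+); DATA = 0x([0-9a-fA-F]+)L?; SIG = 0x([0-9a-fA-F]+)L?;")

def make_line(seq, ch, genuine=True):
    """Build one constructed record in the capture's line format."""
    m = ord(ch)
    data = pow(m, E, BOB_N)                       # textbook RSA encryption to Bob
    signed = m if genuine else m + 1              # a bogus record signs another value
    sig = pow(signed, ALICE_D, ALICE_N)           # textbook RSA signature by Alice
    return "SEQ = %02d; DATA = 0x%xL; SIG = 0x%xL;" % (seq, data, sig)

def recover(lines):
    """Return (plaintext of verified records ordered by SEQ, rejected count)."""
    good, rejected = {}, 0
    for line in lines:
        match = LINE_RE.search(line)
        if not match:
            continue                              # not a record line
        seq = int(match.group(1))
        m = pow(int(match.group(2), 16), BOB_D, BOB_N)   # decrypt DATA
        v = pow(int(match.group(3), 16), E, ALICE_N)     # value Alice signed
        if m == v:
            good[seq] = chr(m)                    # signature matches the plaintext
        else:
            rejected += 1                         # decoy record, discard
    return "".join(good[s] for s in sorted(good)), rejected

# Constructed sample: out of order, with bogus records sharing SEQ numbers.
SAMPLE = [make_line(2, "y"), make_line(0, "X", genuine=False),
          make_line(0, "k"), make_line(1, "e"),
          make_line(2, "Q", genuine=False), make_line(1, "!", genuine=False)]

if __name__ == "__main__":
    print(recover(SAMPLE))
```

Both keys are recoverable here only because the moduli are small enough to factor and the scheme is unpadded textbook RSA.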

Original writeup (https://github.com/ByteBandits/writeups/tree/master/hack.lu-ctf-2015/crypto/Creative%20Cheating/sudhackar).