BuckeyeCTF 2023 - Electronical
Description
Category: Crypto
Author: jm8
I do all my ciphering electronically
Resolution
1. Overview
The website encrypts our input and returns the ciphertext as a hex string.
We have access to the source code, which shows that the flag is appended to our input and the result is encrypted with AES in ECB mode:
```python
@app.get('/encrypt')
def handle_encrypt():
    param = request.args.get('message')
    if not param:
        return abort(400, "Bad")
    if not isinstance(param, str):
        return abort(400, "Bad")
    # Our input is prepended to the secret flag before encryption
    return encrypt(param + flag).hex()
```
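The challenge is a classic chosen-plaintext attack on AES in ECB mode. ECB encrypts each 16-byte block independently, so identical plaintext blocks give identical ciphertext blocks, and because we control the prefix we can align the flag so that a single unknown byte falls at the end of a block we otherwise know.
I followed the excellent guide "Attacking ECB" by Zach Grace to perform the same attack.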
2. Attack (WIP)
More details will be added when I have the time.
Here is the implementation written in Python to get the flag:
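```python
import string

import requests

URL = 'https://electronical.chall.pwnoh.io/encrypt'
# Candidate characters for the flag
L = string.ascii_letters + string.digits + '_{}'
flag = ''


def get_ciphertext(payload):
    # The server returns the ciphertext as a hex string
    params = {'message': payload}
    r = requests.get(URL, params=params)
    r.raise_for_status()
    return r.text


while not flag.endswith('}'):
    # Pad so that the next unknown flag byte is the last byte of the third block
    known = 'a' * (3 * 16 - len(flag) - 1)
    known_enc = get_ciphertext(known)
    for c in L:
        check = known + flag + c
        check_enc = get_ciphertext(check)
        # Hex characters 64..96 are the third 16-byte block
        if known_enc[64:96] == check_enc[64:96]:
            flag += c
            print(flag)
            break
    else:
        # No candidate matched: stop instead of looping forever
        raise SystemExit('no matching character found')
```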
b
bc
bct
bctf
bctf{
bctf{1
bctf{1_
bctf{1_c
bctf{1_c4
bctf{1_c4n
bctf{1_c4n7
bctf{1_c4n7_
bctf{1_c4n7_b
bctf{1_c4n7_b3
bctf{1_c4n7_b3l
bctf{1_c4n7_b3l1
bctf{1_c4n7_b3l13
bctf{1_c4n7_b3l13v
bctf{1_c4n7_b3l13v3
bctf{1_c4n7_b3l13v3_
bctf{1_c4n7_b3l13v3_u
bctf{1_c4n7_b3l13v3_u_
bctf{1_c4n7_b3l13v3_u_f
bctf{1_c4n7_b3l13v3_u_f0
bctf{1_c4n7_b3l13v3_u_f0u
bctf{1_c4n7_b3l13v3_u_f0un
bctf{1_c4n7_b3l13v3_u_f0und
bctf{1_c4n7_b3l13v3_u_f0und_
bctf{1_c4n7_b3l13v3_u_f0und_m
bctf{1_c4n7_b3l13v3_u_f0und_my
bctf{1_c4n7_b3l13v3_u_f0und_my_
bctf{1_c4n7_b3l13v3_u_f0und_my_c
bctf{1_c4n7_b3l13v3_u_f0und_my_c0
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b0
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00k
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00k}
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00k}
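To show offline why the block comparison in the script works and what stops it, here is an added example (not part of the original write-up or the challenge source) that models the handler and runs the same byte-at-a-time comparison against it. Assumptions: truncated HMAC-SHA256 stands in for the AES block function so only the standard library is needed, `SECRET` is a constructed placeholder, and `randomized_oracle` is a hypothetical model of a mode that uses a fresh nonce per message.

```python
import hashlib
import hmac
import os
import string

BLOCK = 16
KEY = os.urandom(16)
ALPHABET = string.ascii_letters + string.digits + "_{}"  # same candidates as the script
SECRET = "bctf{constructed_placeholder}"  # constructed value, not the challenge flag

def _block_fn(block, tweak=b""):
    # Assumption: truncated HMAC-SHA256 stands in for one AES block encryption.
    # Like AES under a fixed key it is deterministic, which is all the attack needs.
    return hmac.new(KEY, tweak + block, hashlib.sha256).digest()[:BLOCK]

def _split(data):
    pad = BLOCK - len(data) % BLOCK
    data += bytes([pad]) * pad  # PKCS#7-style padding
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_oracle(message):
    # Models encrypt(param + flag).hex(): every block is processed independently
    blocks = _split((message + SECRET).encode())
    return b"".join(_block_fn(b) for b in blocks).hex()

def randomized_oracle(message):
    # Mitigation model: a fresh nonce and the block index feed into every block.
    # The nonce is appended so block offsets stay the same as in ecb_oracle.
    nonce = os.urandom(12)
    blocks = _split((message + SECRET).encode())
    out = b"".join(_block_fn(b, nonce + i.to_bytes(4, "big"))
                   for i, b in enumerate(blocks))
    return (out + nonce).hex()

def recover(oracle, width=3 * BLOCK):
    lo, hi = 2 * (width - BLOCK), 2 * width  # hex offsets 64..96 for width 48
    found = ""
    while len(found) < width - 1 and not found.endswith("}"):
        pad = "a" * (width - len(found) - 1)  # next unknown byte ends the block
        target = oracle(pad)[lo:hi]
        for c in ALPHABET:
            if oracle(pad + found + c)[lo:hi] == target:
                found += c
                break
        else:
            break  # no candidate matched: the oracle leaks nothing here
    return found
```

`recover(ecb_oracle)` returns the full placeholder secret, while `recover(randomized_oracle)` returns an empty string because two requests never produce a comparable block.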
This post is licensed under CC BY 4.0 by the author.