BuckeyeCTF 2023 - Electronical

Description

Category: Crypto

Author: jm8

I do all my ciphering electronically

https://electronical.chall.pwnoh.io

Resolution

1. Overview

The website encrypts whatever we submit and returns the ciphertext as a hex string.

We have access to the source code, and we noticed that the flag is appended to our input before the whole string is encrypted with AES in ECB mode:

from flask import Flask, request, abort

app = Flask(__name__)

# flag and encrypt() (AES-ECB under the server's fixed key) are defined
# elsewhere in the challenge source and are not shown here.

@app.get('/encrypt')
def handle_encrypt():
    param = request.args.get('message')

    if not param:
        return abort(400, "Bad")
    if not isinstance(param, str):
        return abort(400, "Bad")

    # attacker-controlled input is placed directly in front of the secret
    return encrypt(param + flag).hex()

The challenge is a classic chosen plaintext attack on AES in ECB mode.

I followed this excellent guide, Attacking ECB by Zach Grace, to perform the same attack.

2. Attack (WIP)

More details will be added when I have the time.

Here is the implementation written in Python to get the flag:

import requests
import string

# candidate alphabet for the flag characters
L = string.ascii_letters + string.digits + '_{}'

flag = ''

def get_ciphertext(payload):
    # the endpoint returns the AES-ECB ciphertext of payload + flag as a hex string
    params = {'message': payload}
    r = requests.get('https://electronical.chall.pwnoh.io/encrypt', params=params)
    return r.content

while not flag.endswith('}'):
    # pad so that the next unknown flag byte lands on the last byte of the third block
    known = 'a'*(3*16-len(flag)-1)
    known_enc = get_ciphertext(known)

    for c in L:
        # same padding, followed by the recovered prefix and one guessed character
        check = 'a'*(3*16-len(flag)-1) + flag + c
        check_enc = get_ciphertext(check)

        # hex offsets 64:96 are bytes 32..47, i.e. the third 16-byte block
        if known_enc[64:96] == check_enc[64:96]:
            flag += c
            print(flag)
            break
    else:
        raise SystemExit('no candidate matched; the alphabet L is incomplete')
b
bc
bct
bctf
bctf{
bctf{1
bctf{1_
bctf{1_c
bctf{1_c4
bctf{1_c4n
bctf{1_c4n7
bctf{1_c4n7_
bctf{1_c4n7_b
bctf{1_c4n7_b3
bctf{1_c4n7_b3l
bctf{1_c4n7_b3l1
bctf{1_c4n7_b3l13
bctf{1_c4n7_b3l13v
bctf{1_c4n7_b3l13v3
bctf{1_c4n7_b3l13v3_
bctf{1_c4n7_b3l13v3_u
bctf{1_c4n7_b3l13v3_u_
bctf{1_c4n7_b3l13v3_u_f
bctf{1_c4n7_b3l13v3_u_f0
bctf{1_c4n7_b3l13v3_u_f0u
bctf{1_c4n7_b3l13v3_u_f0un
bctf{1_c4n7_b3l13v3_u_f0und
bctf{1_c4n7_b3l13v3_u_f0und_
bctf{1_c4n7_b3l13v3_u_f0und_m
bctf{1_c4n7_b3l13v3_u_f0und_my
bctf{1_c4n7_b3l13v3_u_f0und_my_
bctf{1_c4n7_b3l13v3_u_f0und_my_c
bctf{1_c4n7_b3l13v3_u_f0und_my_c0
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b0
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00k
bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00k}

bctf{1_c4n7_b3l13v3_u_f0und_my_c0d3b00k}
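As an added, offline simulation of the byte-at-a-time attack described above (not the author's script nor the challenge's code), generalised to first learn the secret's length from padding growth and then recover a secret of any length at any block offset, rather than a fixed three-block window. The block cipher is a stdlib stand-in rather than AES (an assumption, so it runs without extra packages), and the key and secret are constructed values.

```python
import hashlib
import hmac

BLOCK = 16

def _pad(data: bytes) -> bytes:
    """PKCS#7: pad to a whole number of blocks (always adds at least one byte)."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """ECB over a keyed 16-byte block function. Stand-in for AES (an assumption, to stay
    stdlib-only): HMAC-SHA256(key, block)[:16] is deterministic per key, so equal
    plaintext blocks give equal ciphertext blocks, the only property the attack uses."""
    padded = _pad(data)
    return b''.join(hmac.new(key, padded[i:i + BLOCK], hashlib.sha256).digest()[:BLOCK]
                    for i in range(0, len(padded), BLOCK))

def make_oracle(key: bytes, secret: bytes):
    """Challenge-style oracle: encrypt(message + secret) under one fixed key."""
    return lambda message: ecb_encrypt(key, message + secret)

def secret_length(oracle) -> int:
    """Grow the prefix until the ciphertext gains a block; that prefix length equals
    the padding that was present, which pins down len(secret) exactly."""
    base = len(oracle(b''))
    for i in range(1, BLOCK + 1):
        if len(oracle(b'A' * i)) > base:
            return base - i
    raise RuntimeError('ciphertext never grew; oracle is not block-padded')

def recover_secret(oracle) -> bytes:
    """Byte-at-a-time recovery, generalised to any secret length and block offset."""
    found = b''
    for k in range(secret_length(oracle)):
        pad = b'A' * (BLOCK - 1 - k % BLOCK)   # pushes secret[k] to the end of block blk
        blk = k // BLOCK
        target = oracle(pad)[blk * BLOCK:(blk + 1) * BLOCK]
        for c in range(256):
            probe = pad + found + bytes([c])  # exactly (blk + 1) * BLOCK bytes long
            if oracle(probe)[blk * BLOCK:(blk + 1) * BLOCK] == target:
                found += bytes([c])
                break
        else:
            raise RuntimeError('no byte matched at offset %d' % k)
    return found

SECRET = b'bctf{constructed_demo_secret}'  # constructed value, not the challenge flag
DEMO_ORACLE = make_oracle(b'\x00' * 16, SECRET)  # fixed demo key, constructed
```

Because the length is learned first, the loop stops before it reaches the padding bytes, which is where a naive "until '}'" loop would otherwise spin forever on a secret that does not end in a known terminator.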

This post is licensed under CC BY 4.0 by the author.