Sunday, 26 February 2012

曲基 2012 CTF write-up

Played the whole day and managed to crack two problems.

Problem 1, M1: anyone with eyes can see it is a substitution cipher (probably).
Since playing DEFCON 19 CTF last year, when I saw 走過 come across a tool called Decrypto,
Purplehell's crappy Cryptogram Solver has been gathering dust.

Problem:
Az hrb eix mcc gyam mcxgixec rokaxioaqh hrb mrqpck gyam lbamgarx oatygqh Erxtoigbqigarx Gidc hrbg gasc gr koaxd erzzcc zro i jyaqc Kr hrb ocqh rx Ockubqq ro Yrg man?
Gyc ixmjco am dccqihrbgm
Drop the sentence into Decrypto and it solves it in one go (probably).

Solution:
If you can see this sentance ordinarily you solved this ~uistion rightly Congratulation Take yout time to drink coffee for a while Do you rely on Red~ull or Hot si~? The answer is keelayouts

The tilde marks an "unknown character"; I guess it is q.
Answer: keelayouts
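An added worked check (my own Python, not the author's or Decrypto's code): derive the cipher-to-plain key from the ciphertext and the crib Decrypto produced, confirm it is a consistent one-to-one mapping (i.e. really a monoalphabetic substitution), list which letters the crib leaves unresolved, and fill the three tildes with the q/b/p guess. The ciphertext, crib and answer line are the ones quoted above; the q/b/p fill-in is an assumption, the same one the author makes.

```python
import string

# Ciphertext and Decrypto's partial plaintext, as quoted in the write-up above.
CIPHER = ("Az hrb eix mcc gyam mcxgixec rokaxioaqh hrb mrqpck gyam lbamgarx oatygqh "
          "Erxtoigbqigarx Gidc hrbg gasc gr koaxd erzzcc zro i jyaqc Kr hrb ocqh rx "
          "Ockubqq ro Yrg man?")
CRIB = ("If you can see this sentance ordinarily you solved this ~uistion rightly "
        "Congratulation Take yout time to drink coffee for a while Do you rely on "
        "Red~ull or Hot si~?")
ANSWER_LINE = "Gyc ixmjco am dccqihrbgm"
UNKNOWN = "~"   # Decrypto's marker for a letter it could not resolve

def learn_key(cipher, plain, unknown=UNKNOWN):
    """Build a cipher->plain letter map from aligned text; reject anything that is
    not a single, one-to-one substitution."""
    if len(cipher) != len(plain):
        raise ValueError("crib and ciphertext are not aligned")
    key = {}
    for c, p in zip(cipher.lower(), plain.lower()):
        if not c.isalpha() or p == unknown:
            continue
        if key.get(c, p) != p:
            raise ValueError(f"cipher letter {c!r} maps to both {key[c]!r} and {p!r}")
        key[c] = p
    if len(set(key.values())) != len(key):
        raise ValueError("two cipher letters map to the same plaintext letter")
    return key

def decrypt(cipher, key, unknown=UNKNOWN):
    """Apply the key, preserving case; letters the key lacks come out as `unknown`."""
    out = []
    for ch in cipher:
        if not ch.isalpha():
            out.append(ch)
            continue
        p = key.get(ch.lower(), unknown)
        out.append(p.upper() if ch.isupper() else p)
    return "".join(out)

def unresolved(key):
    """(cipher letters with no mapping, plaintext letters nothing maps to)."""
    missing_cipher = sorted(set(string.ascii_lowercase) - set(key))
    unused_plain = sorted(set(string.ascii_lowercase) - set(key.values()))
    return missing_cipher, unused_plain

KEY = learn_key(CIPHER, CRIB)
# The crib leaves l, u, n unmapped. "~uistion", "Red~ull", "si~" read naturally as
# q, b, p (a guess, like the author's), and q/b/p are all still unused plaintext
# letters, so the extended key stays one-to-one.
FULL_KEY = {**KEY, "l": "q", "u": "b", "n": "p"}

if __name__ == "__main__":
    print(len(KEY), "letters learned; unresolved:", unresolved(KEY))
    print(decrypt(CIPHER, FULL_KEY))
    print(decrypt(ANSWER_LINE, FULL_KEY))
```

The consistency check is the part worth keeping: if `learn_key` had raised, the "it's a substitution cipher" guess would have been wrong (polyalphabetic, transposition, or a mis-aligned crib), and no amount of Decrypto would help.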


The other one, M4, gives you a zip backup of a website; inside, one js file contains this strange piece of JavaScript:
eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--){d[c]=k[c]||c}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('12 7=["\\10\\8\\26\\21\\16\\25\\8","","\\21\\8\\20\\14\\22\\24","\\23\\27\\30\\23\\22\\10\\29\\20\\14","\\31\\10\\17\\28\\18\\24\\16\\10\\18\\17\\35\\8"];32 37(5){5=5[7[0]](/ /15,1);5=5[7[0]](/\\38/15,0);12 13=5;5=7[1];19(6=0;6<13[7[2]];6++){5=13[7[3]](6,6+1)+5};12 11=7[1];19(6=0;6<5[7[2]];6+=9){11+=36[7[4]](33(5[7[3]](6,6+9),2))};34(11)};',10,39,'|||||_0x272dx2|i|_0xfd3a|x65||x72|_0x272dx4|var|_0x272dx3|x67|g|x61|x6F|x43|for|x6E|x6C|x74|x73|x68|x63|x70|x75|x6D|x69|x62|x66|function|parseInt|eval|x64|String|c|t'.split('|'),0,{}))

eval p,a,c,k,e,d again.
A while ago I found a pretty good way to unpack these evals: hook eval so that it prints whatever it is about to run before running it:

var oldEval = eval;
eval = function (a) {
    // assign rather than declare: a global `function eval(a){}` declaration is hoisted,
    // so `oldEval = eval` would already capture the hook itself and recurse forever
    document.write(a + '<hr />');
    return oldEval(a);
};

One pass gives:
var _0xfd3a=["\x72\x65\x70\x6C\x61\x63\x65","","\x6C\x65\x6E\x67\x74\x68","\x73\x75\x62\x73\x74\x72\x69\x6E\x67","\x66\x72\x6F\x6D\x43\x68\x61\x72\x43\x6F\x64\x65"];function c(_0x272dx2){_0x272dx2=_0x272dx2[_0xfd3a[0]](/ /g,1);_0x272dx2=_0x272dx2[_0xfd3a[0]](/\t/g,0);var _0x272dx3=_0x272dx2;_0x272dx2=_0xfd3a[1];for(i=0;i<_0x272dx3[_0xfd3a[2]];i++){_0x272dx2=_0x272dx3[_0xfd3a[3]](i,i+1)+_0x272dx2};var _0x272dx4=_0xfd3a[1];for(i=0;i<_0x272dx2[_0xfd3a[2]];i+=9){_0x272dx4+=String[_0xfd3a[4]](parseInt(_0x272dx2[_0xfd3a[3]](i,i+9),2))};eval(_0x272dx4)};

There is yet another eval, so I tried unpacking once more: nothing came out. So that eval is never called; most likely it sits inside the function.
So I tried listing the global properties instead:

for (i in window){
    document.write('Property = ' + i + '<br />Value = ' + window[i] + '<hr />');
}

(You can tell from the `a` above and the `i` below that both snippets were copied from who-knows-where.)
Output:
Property = _0xfd3a
Value = replace,,length,substring,fromCharCode
Property = c
Value = function c(_0x272dx2){_0x272dx2=_0x272dx2[_0xfd3a[0]](/ /g,1);_0x272dx2=_0x272dx2[_0xfd3a[0]](/\t/g,0);var _0x272dx3=_0x272dx2;_0x272dx2=_0xfd3a[1];for(i=0;i<_0x272dx3[_0xfd3a[2]];i++){_0x272dx2=_0x272dx3[_0xfd3a[3]](i,i+1)+_0x272dx2};var _0x272dx4=_0xfd3a[1];for(i=0;i<_0x272dx2[_0xfd3a[2]];i+=9){_0x272dx4+=String[_0xfd3a[4]](parseInt(_0x272dx2[_0xfd3a[3]](i,i+9),2))};eval(_0x272dx4)}

So there is a function c. Tidy it up and you see it takes _0x272dx2, does replace(/ /g,1) and replace(/\t/g,0) on it (spaces become 1, tabs become 0), reverses it one character at a time, then chops it into 9-character substrings and parseInt(..., 2)s each of them into a char code before eval'ing the result. So I guessed c's input is a big pile of spaces and tabs, like that 埃屍 R29 problem that everyone got _ed to death by.
Then I was wondering how to brute-force the input parameter; later a friend found a page on the site that calls function c. I copied that bit over, and the input parameter really is a huge pile of spaces and tabs. Whoever built this has far too much free time.

That bit (I bet the blog eats all my spaces and tabs):
c(' ');

Then I put this together with the piece unpacked in the first pass and ran it through the eval unpacker one more time:
if(new Date().getTime()>1330268400000){ var dummya = '1'; var dummyb = '1'; var dummyv = '1'; var dummyc = '1'; var dummys = '1'; var dummyae = '1'; var dummyasefa = '1'; var dummeya = '1'; var dummya = '1'; var dum3mya = '1'; var dumm54ya = '1'; var dumm3ya = '1'; var dum1mya = '1'; var p = 'YTK4YPT1YK48PTK48TK34PTYK6TDKT5P2KT73TKPY4TBTK3TT4YKT4ETK4YTP7K4T6KT30TKYP7T2KYT33TKP7TY6KTYP33TKPY7PT2YT'; p = p.replace(/T/g,'').replace(/P/g,'').replace(/Y/g,'').replace(/K/g,'%'); var authkey = unescape(p); }


var authkey = unescape(p), there it is.
There is also a pointless if that checks whether your machine's clock is past the contest deadline (1330268400000 ms is 2012-02-26 15:00 UTC, 23:00 Hong Kong time; the branch only runs after that).
So delete the if, then alert or document.write the authkey, and out comes:
AHH4mRsK4NGF0r3v3r
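An added worked example, written by me in Python rather than lifted from the challenge: a readable re-implementation of what c() does (minus the final eval), its inverse so you can build test inputs since the blog ate the real whitespace blob, and the second-stage authkey decode with the deadline check pulled out into a function you can call with any clock value. The p string and the 1330268400000 constant are the ones in the unpacked script above; the sample payload is constructed.

```python
import re
from datetime import datetime, timezone
from urllib.parse import unquote   # does what JavaScript's unescape() does for %XX

def whitespace_to_source(blob):
    """What c() computes before eval: space->'1', tab->'0', reverse, 9-bit chunks."""
    bits = blob.replace(" ", "1").replace("\t", "0")
    bits = bits[::-1]        # the JS loop prepends one char at a time, i.e. reverses
    return "".join(chr(int(bits[i:i + 9], 2)) for i in range(0, len(bits), 9))

def source_to_whitespace(src):
    """Inverse of the above; used here to build test inputs."""
    if any(ord(ch) > 0x1FF for ch in src):
        raise ValueError("the 9-bit scheme only carries code points below 512")
    bits = "".join(format(ord(ch), "09b") for ch in src)
    return bits[::-1].replace("1", " ").replace("0", "\t")

# p from the stage-2 script above, verbatim.
P_OBFUSCATED = ("YTK4YPT1YK48PTK48TK34PTYK6TDKT5P2KT73TKPY4TBTK3TT4YKT4ETK4YTP7K4T6KT30"
                "TKYP7T2KYT33TKP7TY6KTYP33TKPY7PT2YT")
DEADLINE_MS = 1330268400000   # the constant in the if() guarding the authkey code

def recover_authkey(p=P_OBFUSCATED):
    """Strip the T/P/Y padding, turn K into %, then unescape the %XX bytes."""
    return unquote(re.sub(r"[TPY]", "", p).replace("K", "%"))

def deadline_utc(ms=DEADLINE_MS):
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)

def stage2_runs(now_ms, deadline_ms=DEADLINE_MS):
    """The original only assigns authkey when the clock is strictly past the deadline."""
    return now_ms > deadline_ms

if __name__ == "__main__":
    payload = "alert('constructed sample payload')"   # constructed, not from the site
    blob = source_to_whitespace(payload)
    print(len(blob), "whitespace chars decode back to:", whitespace_to_source(blob))
    print("authkey =", recover_authkey())
    print("stage 2 unlocks after", deadline_utc().isoformat())
```

Returning the decoded string instead of eval'ing it is the whole point when you analyse something like this: you get to read the next stage before anything runs, which is exactly what the eval hook above gives you in a browser.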

This one was worth 300 points, of all things. The pile of 100-point problems (M1 aside) were insanely hard, yet until you solve a 100-pointer you are not allowed to answer the "harder (probably)" ones. Really annoying.



This morning I woke up to find someone had solved M5. I downloaded all the problems and had a look at it.
Let's view the problem from another angle.
Decrypt it.
RDCVGF_YGBNJU_TGBNM_YGBNJU_TGBNM_TGBNM_YGBNJU_TGBNM

So much repetition. I threw it into the substitution cipher program and got "0 results found", so they are not English words.
Then I thought back to those silly riddle problem types. One of them is drawing a letter by tracing keys on the keyboard. Tracing these really did draw something:
GOLOLLOL
Submitted it and was told it was wrong.
Thought about the other silly riddle types. One is reading a calculator upside down. The G looked like a 6, so I tried it upside down: 70770709
Wrong again.

Couldn't be bothered to try anything else in the remaining 2 minutes, so I left it to 走過.
Asked around afterwards: it turns out the answer is G_O_L_O_L_L_O_L
Really, ck, ck, ck. (* not swearing)



The worst thing for an online riddle is bad problems, so let's look back at the classic 四大門神 ("Four Door Gods") bad problem:

Back then you had to brute-force the answer. Why it is called 四大門神 I'll leave to you; it is related to the answer.

This time 曲基 also seems to have a few that need brute force, M2 and M3 for instance. You would not be done brute-forcing them by next year's Buddha's Birthday.

M2:
Alice wants to send a message to Bob in secure way.
Alice encrypted a plaintext PA = "IMISSYOU" = 0x494D495353594F55 by using DES and obtained ciphertext CA = 0xFA26ED1833264435.
Alice sent the ciphertext CA and the secret key to Bob. The secret key was encrypted by converting each of its letters to a pair of digits giving its position in the typewriter keyboard. More precisely, the following table is used.

1 2 3 4 5 6 7 8 9 0
1 Q W E R T Y U I O P
2 A S D F G H J K L
3 Z X C V B N M

In this manner, 'A' is converted to 21, 'B' to 35, etc. In transmission, all of the first digits were lost and the received secret key resulted in the pairs:
?8 ?9 ?9 ?4 ?3 ?5 ?9 ?5

After a few minutes, Bob recovered the secret key and smiled. Bob decided to reply in the same way.
Bob encrypts a plaintext PB = 0xB6B2B6ACACA6B0AA by using DES and obtained ciphertext CB = 0x05D912E7CCD9BBCA.
What is the secret key which Bob used? (0x????????????????) (Bob's secret key is different from Alice's secret key)

Answer: strupr(????????????????)

After a while I worked out the key was ILOVEBOB, and verified it.
Then the problem says "Bob decided to reply in the same way", so he would send back a ciphertext plus an encrypted key to Alice, right?
So the key domain is 8 uppercase letters, 26^8 to brute-force, OMG.
After some research I discovered that DES uses a 56-bit key (truly an earth-shattering secret): give it a 64-bit key and it trims it (the low bit of each byte is a parity bit and is ignored), so the keys BBBBBBBB and CCCCCCCC are the same. Conclusion: there are 14 letter classes:
A, B=C, D=E, F=G, ... V=W, X=Y, Z
Still 14^8 (about 1.5 × 10^9 keys) to brute-force, wonderful. No way without a supercomputer / server farm, unless you go and buy some cloud. (In fairness, 1.5 × 10^9 single-DES blocks is well under an hour on one core with a native DES implementation; it only looks hopeless from a scripting language.)
That kind of brute force would not finish by dawn, and by dawn the contest is over. So I just grabbed some dictionary words and tried those, because I guessed Bob would send back something like ILOVEYOU. Naturally, nothing matched.

Saw 走過 spot that P_A XOR P_B = 0xFF and C_A XOR C_B = 0xFF (byte by byte), so K_A XOR K_B = 0xFF. That is DES's complementation property: encrypting the complement of the plaintext under the complement of the key gives the complement of the ciphertext, so K_B = NOT K_A fits the given pair and no brute force is needed.
It made me swear out loud. The problem explicitly says an encrypted key gets sent back, so the problem is simply mis-set.
If only Mr V had noticed that P_A and P_B share the same pattern. We thought P_B was emoticons or Korean.

Still, having something to play is better than nothing, and I do understand that setting problems is hard.
So this kind of thing happens all the time: http://ozetta.net/aor/pon.html
Mr A: will have.

- End -


Exercise: use the eval unpacker on a[6] from 埃屍 R35. Guaranteed to make you swear.