⏪
CTFs
TwitterGithub
  • 👋Introduction
  • 📚Write Up
    • 2024
      • 📖1337UP LIVE CTF
        • Reverse Engineering
        • Mobile
        • Forensic
        • Misc
      • 📖HKCERT CTF Quals
        • Reverse Engineering
        • Binary Exploitation
      • 📖Flare-On 11
        • Challenge #1 - frog
      • 📖Intechfest
        • Reverse Engineering
        • Forensic
        • Cryptography
        • Mobile
      • 📖Cyber Breaker Competition (1v1)
        • Reverse Engineering
        • Web Exploitation
        • Cryptography
        • Binary Exploitation
      • 📖Cyber Breaker Competition Quals
        • Reverse Engineering
        • Web Exploitation
        • Cryptography
      • 📖BlackHat MEA Quals
        • Reverse Engineering
        • Forensic
      • 📖TFC CTF
        • Reverse Engineering
        • Forensic
        • Misc
      • 📖DeadSec CTF
        • Reverse Engineering
        • Web Exploitation
      • 📖Aptos - Code Collision CTF
        • Reverse Engineering
        • Misc
      • 📖DownUnder CTF
        • Reverse Engineering
      • 📖JustCTF
        • Reverse Engineering
        • Forensic
        • Misc
      • 📖Akasec CTF
        • Reverse Engineering
        • Forensic
      • 📖Codegate CTF Preliminary
        • Reverse Engineering
      • 📖NahamCon CTF
        • Cryptography
        • Reverse Engineering
        • Malware
        • Misc
        • Mobile
        • Scripting
        • Web Exploitation
        • Forensic
      • 📖SAS CTF Quals
        • Reverse Engineering
      • 📖SwampCTF
        • Reverse Engineering
        • Misc
        • Cryptography
      • 📖UNbreakable International
        • Reverse Engineering
        • Network
        • Cryptography
      • 📖ACSC
        • Reverse Engineering
        • Hardware
        • Web Exploitation
      • 📖0xL4ugh
        • Mobile
    • 2023
      • 📖BlackHat MEA Final
        • Reverse Engineering
        • Web Exploitation
      • 📖Flare-On 10
        • Challenge #1 - X
        • Challenge #2 - ItsOnFire
        • Challenge #3 - mypassion
        • Challenge #4 - aimbot
        • Challenge #5 - where_am_i
        • Challenge #6 - FlareSay
        • Challenge #7 - flake
        • Challenge #8 - AmongRust
        • Challenge #9 - mbransom
        • Challenge #10 - kupo
        • Challenge #11 - over_the_rainbow
        • Challenge #12 - HVM
        • Challenge #13 - y0da
      • 📖LakeCTF Quals
        • Reverse Engineering
        • Cryptography
      • 📖TSG CTF
        • Reverse Engineering
        • Cryptography
      • 📖ISITDTU Quals
        • Web Exploitation
        • Misc
        • Reverse Engineering
      • 📖BlackHat MEA Quals
        • Reverse Engineering
      • 📖ASCIS Final
        • Reverse Engineering
        • Web Exploitation
        • Cryptography
      • 📖ASCIS Quals
        • Reverse Engineering
        • Forensic
        • Cryptography
      • 📖IFest
        • Reverse Engineering
        • Cryptography
        • Misc
      • 📖Cyber Jawara International
        • Reverse Engineering
        • Forensic
        • Cryptography
        • Web Exploitation
      • 📖Intechfest
        • Reverse Engineering
        • Forensic
        • Cryptography
        • Mobile
      • 📖CSAW Quals
        • Reverse Engineering
      • 📖SECCON Quals
        • Reverse Engineering
      • 📖CTFZone Quals
        • Reverse Engineering
      • 📖Securinets Quals
        • Reverse Engineering
      • 📖Compfest Final (Attack Defense)
        • Web Exploitation
        • Cryptography
      • 📖Compfest Quals
        • Reverse Engineering
        • Cryptography
        • Forensic
        • Misc
      • 📖Tenable
        • Reverse Engineering
        • Cryptography
        • Steganography
      • 📖ASCWG Quals
        • Reverse Engineering
        • Cryptography
      • 📖Gemastik Quals
        • Reverse Engineering
      • 📖BSides Indore
        • Reverse Engineering
        • Cryptography
      • 📖NahamCon CTF
        • Cryptography
      • 📖HSCTF
        • Reverse Engineering
        • Cryptography
        • Web Exploitation
        • Misc
      • 📖ACSC
        • Reverse Engineering
      • 📖HackTM Quals
        • Reverse Engineering
    • 2022
      • 📖Intechfest
        • Reverse Engineering
        • Mobile
        • Cryptography
      • 📖NCW Final
        • Reverse Engineering
      • 📖NCW Quals
        • Reverse Engineering
        • Misc
        • Cryptography
      • 📖Compfest Final
        • Reverse Engineering
        • Forensic
      • 📖Compfest Quals
        • Reverse Engineering
        • Cryptography
      • 📖IFest
        • Reverse Engineering
        • Cryptography
        • Forensic
    • 2021
      • 📖Cyber Jawara Final
        • Reverse Engineering
      • 📖Cyber Jawara Quals
        • Reverse Engineering
        • Cryptography
      • 📖DarkCon CTF
        • Reverse Engineering
      • 📖Wreck IT Quals
        • Mobile
      • 📖MDT4.0 Final
        • Reverse Engineering
        • Cryptography
        • Forensic
      • 📖MDT4.0 Quals
        • Reverse Engineering
        • Cryptography
      • 📖IFest
        • Reverse Engineering
        • Cryptography
      • 📖Compfest Final
        • Reverse Engineering
      • 📖Compfest Quals
        • Reverse Engineering
        • Cryptography
    • 2020
      • 📖Deep CTF
        • Reverse Engineering
  • 🚩Lifetime CTF
    • 📖Hack The Box
      • Reverse Engineering
        • TBU
Powered by GitBook
On this page
  • Kata Pengantar (100 pts)
  • Description
  • Solution
  • Kisinik Kripti Algoritem (223 pts)
  • Description
  • Solution
  • Kepapasan (431 pts)
  • Description
  • Solution
  • Rabun Genap (431 pts)
  • Description
  • Solution
  1. Write Up
  2. 2022
  3. IFest

Cryptography

Challenge
Link

Kata Pengantar (100 pts)

Kisinik Kripti Algoritem (223 pts)

Kepapasan (431 pts)

Rabun Genap (431 pts)

Kata Pengantar (100 pts)

Description

-

Solution

Diberikan file txt sebagai berikut

Cjixoxv Qxvxtp qz ZBJCV 2022!

Wxz cjonx! Xfxgxw gxizxt djlcjoxtpxv ntvng djlgyofjvzcz?
Gnwxlxf gxizxt cjonx fntux cjoxtpxv uxtp cxox qjtpxtgn!
Cjoxtpxv vzqxg wxtux djlqxofxg fxqx gxizxt cxex, vjvxfz
enpx vjlwxqxf vjoxt-vjoxt gxizxt, exqz vjvxfixw cjoxtpxv!
Xuy xmxiz fjlenxtpxton qjtpxt ojojkxwgxt cyxi ztz!
Gxon fxcvz dzcx! ztz, bixptux xqx qzdxmxw ! 
ZBJCV22{1ii_cv4u_du_u0nl_c1q3_qdx943210}

Gunakan quipquip , mendapatkan string yang bisa terbaca namun ada beberapa kesalahan. Lakukan pembenaran secara manual dengan memetakan nilai yang tepat. Berikut pemetaan yang kami gunakan untuk mendapatkan flag

Cjixoxv=Selamat Qxvxtp=Datang qz=di ZBJCV=IFEST cjonx=semua 
djlcjoxtpxv=bersemangat

Flag : IFEST22{1ll_st4y_by_y0ur_s1d3_dba943210}

Kisinik Kripti Algoritem (223 pts)

Description

-

Solution

Bisa dilihat hasil enkripsi berulang dan nilai untuk setiap index sama pemetaannya. Misal AB dengan CB , maka nilai ciphertext B akan sama. Jadi tinggal leak semua kemungkinan dan petakan ke plaintext. Berikut solver yang kami gunanakn

from pwn import *
import string

length = 38
r = remote("103.185.38.244",9989)

r.recvuntil(b"Pilih: ")
r.sendline(b"3")
r.recvuntil(b"Hasil: ")
ct = r.recvline().strip().decode()
list_pt = string.printable[:-6]
list_map = [[] for _ in range(length)]
for i in list_pt:
	r.recvuntil(b"Pilih: ")
	r.sendline(b"1")
	r.recvuntil(b"string: ")
	payload = i.encode()*length
	r.sendline(payload)
	r.recvuntil(b"Hasil: ")
	tmp = r.recvline().strip().decode()
	for j in range(len(tmp)):
		list_map[j].append(tmp[j])
flag = ""
for i in range(len(ct)):
	flag += list_pt[list_map[i%length].index(ct[i])]
print(flag)

Flag : IFEST22{ad03h_k03ntj1ku_k3t4hu4n_ini_random_string_biar_ga_di_brute_force_sama_kamu}

Kepapasan (431 pts)

Description

-

Solution

Diberikan source code sebagai berikut

from Crypto.Cipher import AES
import random
from Crypto.Util.Padding import pad


# J: So for the key, I use 5 random digits and repeat it until i get 16 bytes
# M: What? Man, i was using the exact same formula!

first_key = b""
second_key = b""
FLAG = b"IFEST22{REDACTED}"

def generateKey():
	global first_key, second_key
	first_key = (str(random.randint(0, 99999)).zfill(5)*4)[:16].encode()
	second_key = (str(random.randint(0, 99999)).zfill(5)*4)[:16].encode()

def encrypt(plaintext, a, b):
	cipher = AES.new(a, mode=AES.MODE_ECB)
	ct = cipher.encrypt(pad(plaintext, 16))
	cipher = AES.new(b, mode=AES.MODE_ECB)
	ct = cipher.encrypt(ct)
	return ct.hex()

def main():
	generateKey()
	print("Here's your flag, but encrypted heheh:", encrypt(FLAG, first_key, second_key))
	while True:
		print("Text to encrypt:")
		plain = input(">> ")
		print("result:", encrypt(plain.encode(), first_key, second_key))

if __name__ == '__main__':
	main()

Mirip soal pico ctf , kebetulan kemaren ngerjain. Jadi gunakan script yang sama tinggal ubah des (di pico) menjadi aes. Vulnya adalah meet-in-the-middle , intinya decrypt hasil enkripsi known untuk key1 dan encrypt known untuk dapat key1 dimana hasil decrypt enkripsi known dengan key2 == hasil encrypt known dengan key1 . Berikut solver yang kami gunakan

from Crypto.Cipher import AES
import random
from Crypto.Util.Padding import pad
from pwn import *

payload = b"a"
inp = pad(payload,16)
r = remote("kepapasan.user.cloudjkt01.com",9977)
r.recvuntil(b"heheh: ")
ct_flag = bytes.fromhex(r.recvline().strip().decode())
r.recvuntil(b">> ")
r.sendline(payload)
r.recvuntil(b"result: ")
enc_inp = bytes.fromhex(r.recvline().strip().decode())
r.close()
list_key1 = {}
list_key2 = {}
for i in range(0, 99999+1):
	key = (str(i).zfill(5)*4)[:16].encode()
	cipher1 = AES.new(key, AES.MODE_ECB)
	enc_msg = cipher1.encrypt(inp)
	dec_msg = cipher1.decrypt(enc_inp)
	list_key1[enc_msg] = key
	list_key2[dec_msg] = key

tmp = list_key1.keys() & list_key2.keys()
print(tmp)
index = tmp.pop()
key1 = list_key1[index]
key2 = list_key2[index]
print(f"Key 1 : {key1}")
print(f"Key 2 : {key2}")
cipher1 = AES.new(key1, AES.MODE_ECB)
cipher2 = AES.new(key2, AES.MODE_ECB)

enc_msg = cipher2.decrypt(ct_flag)
flag = cipher1.decrypt(enc_msg)
print(flag)

Flag : IFEST22{Prepare_for_AES_Trouble_and_make_it_AES_Double}

Rabun Genap (431 pts)

Description

-

Solution

Diberikan source code sebagai berikut

from Crypto.Util.number import *
import random
from sympy import *

FLAG = b"IFEST22{REDACTED}"
def generate_prime():
	p = getPrime(512)
	q = nextprime(p)
	while p%4 != 3 or q%4 !=3:
		p = getPrime(512)
		q = nextprime(p)
	return p, q

def encrypt(m, n):
	return pow(m, 32, n)

p, q = generate_prime()
n = p*q
m = bytes_to_long(FLAG)

ct = encrypt(m, n)

file = open('out.txt', 'w')
file.write(f"n = {n}\nct = {ct}")
from Crypto.Util.number import *
import gmpy2
from sympy import *

n = 167369799324048138104052175535407583505752871957215436773759031023017258211926244898005523956634683846521843112989667257058661590892952518940981897603075244277403071620405906110395876285850586645267366109871364424530232323323093329164542366451609555755793278574306885322737868611730986497942446035931912990173
c = 21531359371326785000813539498235533853399851284161815602787505606478539937473829218703225074127036671433545623422527404993307032442845415396127106566947516725271774364574823414757530290809389432379888075234068890851808191948433382743838583087849527954870829102252458108566336758346284806983878333023038231317
tmp = gmpy2.iroot(n,2)[0]
q = nextprime(tmp)
p = n//q
e = 32
phi = (p-1)*(q-1)
d = inverse(e,phi)
# m = pow(ct,d,n)

def egcd(a, b):
	if a == 0:
		return (b, 0, 1)
	else:
		g, y, x = egcd(b % a, a)
		return (g, x - (b // a) * y, y)

g ,yp,yq = egcd(p,q)

mp = pow(c,(p+1)//4,p)
mq = pow(c,(q+1)//4,q)

for i in range(4):
	mp = pow(mp,(p+1)//4,p)
	mq = pow(mq,(q+1)//4,q)

r = (yp*p*mq + yq*q*mp) % n
mr = n - r
s = (yp*p*mq - yq*q*mp) % n
ms = n - s
for num in [r,mr,s,ms]:
	print(long_to_bytes(num))

Flag : IFEST22{xixixi_bapack_rabin_bisa_aja}

PreviousReverse EngineeringNextForensic

Last updated 9 months ago

p dan q bisa didapat dengan square root lalu next prime. Untuk decrypt mendapatkan referensi berikut . Karena e=32 , maka e = 2^5 . Jadi bedanya tinggal nambah 1 loop saja

📚
📖
https://github.com/Hong5489/0x41414141-CTF/tree/main/easyrsa
Here
Here
Here
Here