Tuesday, April 30, 2019

Challenges for April 2019 SecTalks London

O'Malley by Sylvie MM from flickr (CC-NC-ND)

I just keep winning them, and by convention the winner organizes the next one, so I just ran another round of London SecTalks CTF.

There were 10 challenges. The winner got only 6, but each challenge was solved by at least one person during the event. So maybe it was just a bit too much, but it's better to have too many than too few challenges.

Challenge files and the code used to generate them are available on GitHub.

There are no answers below, but some serious hints which might make it too easy.

For previous rounds, see posts about September 2017, November 2017, May 2018, July 2018, October 2018, and February 2019 CTFs.

EBCDIC (5 points)

It was a simple challenge for beginners. The flag was encoded using EBCDIC. It could even be done manually.

CSS (10 points)

This was possibly the most original challenge. The flag was encoded in a pure CSS maze, where you'd need to mouse over each correct letter in order to get the challenge.

The CSS wasn't too obfuscated, so reading it directly was the easiest way to solve it.

CTR (15 points)

A small server which encrypted your message with AES-CTR. There was also an encrypted flag.

The problem was that the IV was not regenerated for every message, and there's a standard attack for that.

sayflag (20 points)

This was a small MP3 file, encrypted with a XOR key. The file did not have an ID3 tag, so there's not enough known plaintext for the usual attack.

The hint suggested one alternative approach: MP3 compression works like JPG, but block artifacts would be fatal, so compressed blocks overlap a bit. To avoid special treatment for the last block, encoders add some silence at the end of the file (also sometimes at the start), so that part usually has very low entropy. No ID3 here.

With this hint it should be fairly easy to adapt the attack.

Rust (25 points)

A simple flag validator, this time written in Rust to make reverse engineering a bit more challenging.

RSA Signatures v1 (30 points)

This was a fun double challenge. The challenge was a "textbook RSA" signature server without any padding or hashing. It would verify and sign any "safe" message, and the task was to give it an "unsafe" one containing admin=yes.

There were two versions of this challenge, and diffing them revealed some extra checks which were missing from the first version, which could be very easily exploited.

Codage Hexadecimal (35 points)

French plaintext got hex-encoded, but with digits mixed up. It was a tiny bit harder than the previous English challenge, as there was a bit of Unicode with accented characters.

from_past_import_flag (40 points)

A program that would generate a flag, but only if you run it in 2005. To avoid being fooled by changing the laptop clock, it double-checks with an NTP server, but NTP is completely unsecured, so it's very easy to redirect that traffic to a local NTP server.

Or just attack the file with gdb.

RSA Signatures v2 (45 points)

In the second part of the textbook RSA signatures challenge, bounds check issues were fixed, so a proper RSA signature malleability attack was needed.
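Why "no padding or hashing" makes signatures malleable, and why hash-then-sign removes the property, shown as an added example (not the challenge's server code). The toy key, the sample messages and all function names are constructed for illustration.

```python
import hashlib

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (needs Python 3.8+)

def to_int(msg: bytes) -> int:
    return int.from_bytes(msg, "big")

def sign_textbook(m: int) -> int:
    """Vulnerable: signs the raw message integer, no hashing or padding."""
    return pow(m, D, N)

def verify_textbook(m: int, sig: int) -> bool:
    return pow(sig, E, N) == m % N

def digest_int(msg: bytes) -> int:
    # Reduced mod N only because the toy modulus is smaller than SHA-256 output.
    return to_int(hashlib.sha256(msg).digest()) % N

def sign_hashed(msg: bytes) -> int:
    """Hash-then-sign: the signed value is no longer chosen by the requester."""
    return pow(digest_int(msg), D, N)

def verify_hashed(msg: bytes, sig: int) -> bool:
    return pow(sig, E, N) == digest_int(msg)

def demo():
    a, b = b"hi", b"yo"                      # constructed sample messages
    m1, m2 = to_int(a), to_int(b)
    product = (m1 * m2) % N                  # a message nobody asked to sign
    product_bytes = product.to_bytes((product.bit_length() + 7) // 8, "big")

    # Textbook RSA: s1 * s2 = (m1 * m2)^d mod N, so the product verifies.
    combined = (sign_textbook(m1) * sign_textbook(m2)) % N
    textbook_accepts = verify_textbook(product, combined)

    # Hash-then-sign: H(a) * H(b) has no useful relation to H(product_bytes).
    combined_h = (sign_hashed(a) * sign_hashed(b)) % N
    hashed_accepts = verify_hashed(product_bytes, combined_h)
    return textbook_accepts, hashed_accepts

if __name__ == "__main__":
    print(demo())
```

A real service would use RSA-PSS from a vetted library with a full-size key rather than this bare hash-then-sign sketch.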

Chifferment par Substitution (50 points)

Substitution cipher, this time on a French text, and without most punctuation. It's not difficult, it's just fairly time consuming.
