Jump to content
Tuts 4 You

Whoever is jobless in germany, here is your chance :3


LResn

Recommended Posts

I just noticed that our "BND" (Bundesnachrichtendienst), equal to the NSA searches for some qualified Reverse Engineers and uploaded 3 Challenges to RE that are required to apply for the job.

I haven't done them so far, but the first one is .NET and looks super easy.

 

If you want to give it a try here is the article:

http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/Reversing_Challenge_node.html

And here is the direct downloadlink for the Challenges:

http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/ZIP_Challenge.zip?__blob=publicationFile&v=2

 

Have fun :3

Edited by LResn
  • Like 1
Link to comment

Can someone who understands German translate this to understandable English ?

Quote

Unser Urlauber hat sich die nächste Version des Lösegeldtrojaners eingefangen.
Diesmal liegt uns nur die Verschlüsselungskomponente vor.

 

danke :)

  • Like 1
Link to comment
28 minutes ago, Kurapica said:

Can someone who understands German translate this to understandable English ?

 

danke :)

Sure :) 

"Our vacationer got infected with the next version of the "ransom (money) trojan" ( ransom ware ). This time we have only the encryption component/This time there is only the encryption component available."

My english is bad but I guess it's enough for you to understand it :)

(In case you did not understand :stupid:)

You will have to build the decryption routine by understanding the encryption and building its inverse.

Edited by LResn
  • Like 1
Link to comment

Kurapica if you get hired I want you to see how to break my ransom ware. Encryption is AES and the AES key is encrypted with RSA. The RSA public and private key are generated on my server and the pub key gets send to the victim so it never has the private key. BREAK IT :D

Edited by LResn
Link to comment
30 minutes ago, LResn said:

Kurapica if you get hired I want you to see how to break my ransom ware. Encryption is AES and the AES key is encrypted with RSA. The RSA public and private key are generated on my server and the pub key gets send to the victim so it never has the private key. BREAK IT :D

If you encrypt your AES key with RSA private key public key will be enough to unencrypt it. The victim will receive your public key from the server and your AES key will be available. Once that you got AES key files can be easily unencrypted.

Edited by crystalboy
Link to comment
11 minutes ago, crystalboy said:

If you encrypt your AES key with RSA private key public key will be enough to unencrypt it. The victim will receive your public key from the server and your AES key will be available. Once that you got AES key files can be easily unencrypted.

But I never said that I encrypt the AES key with the private key, did I? Read again what I wrote :)

Link to comment

"Encrypt" with the private key, "decrypt" with the public key.

he encrypts the AES key with the private key on his server.

I will not be hired anyway so I'm just having fun :) 

Link to comment
18 minutes ago, Kurapica said:

"Encrypt" with the private key, "decrypt" with the public key.

he encrypts the AES key with the private key on his server.

I will not be hired anyway so I'm just having fun :) 

No.

1) evil.exe gets executed

2) evil.exe generates AES key and encrypts all files.

3) evil.exe sends to server "hi i need a key"

4) server generates rsa private and public key and sends the public key to victim and saves the private key in a db.

5) evil.exe encrypts the generated aes key with the received public key

Without the private key it is now impossible to decrypt the aes key. However I was just kidding, I have not implemented such thing because everyone who uses ransomware may go to hell.

 

Oh and kurapica - are the Challenges "hard" ?

Edited by LResn
Link to comment

 

No, not hard.

I finished the first and started coding the decryption for the 2nd one.

No idea if I will complete this :D

Spoiler

evil expects 3 params or it will exit ...

evil.exe --Param1 --inFile --OutFile

Param1 : should be of 32 hex digits, Example : AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

inFile : Create a text file  with some words and give it a name of 32 chars, each 2 char represent a hex number of 2 digits like this : BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB

OutFile : same rule for inFile, will contain the encrypted data.

Make sure to set these variables in your debugger, for x64dbg I used

"..\evil.exe" "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB" "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"

 

 

1.jpg

2.jpg

3.jpg

  • Like 1
Link to comment

Any one managed to solve part 2 ?

I wrote a decryption tool which works on all files except the file they provided in the challenge.

they might have modded the "Urlaubsphoto2.png.crypt" file header by hand too !

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...