upx Posted November 3, 2022 Posted November 3, 2022 For challenge #9: Reveal hidden contents I've identified the symmetric cipher used as probably being ChaCha20 and other basic usage. The other values in the encrypted file also seem to be relevant but I'm not sure how everything ties together. Two of the byte arrays seem to be always constant, the second is used for the asymmetric stuff and the fourth might be an encrypted key? It's difficult to single-step through all the mathematical operations and make sense of everything. I can link some similarities between the value used to generate unk_404020 and the second byte array like the last N or so bytes being the same, but not sure how I could use that to extract the key from the 1024-bit value.
Extreme Coders Posted November 3, 2022 Posted November 3, 2022 (edited) On 11/3/2022 at 5:38 AM, upx said: For challenge #9: Expand Reveal hidden contents On 11/3/2022 at 5:38 AM, upx said: I've identified the symmetric cipher used as probably being ChaCha20 and other basic usage. The other values in the encrypted file also seem to be relevant but I'm not sure how everything ties together. Two of the byte arrays seem to be always constant, the second is used for the asymmetric stuff and the fourth might be an encrypted key? It's difficult to single-step through all the mathematical operations and make sense of everything. Expand All the ciphers are standard, nothing custom. There's a reason why one of the byte arrays is seemingly constant. The challenge would have been unsolvable otherwise if everything was implemented properly. Edited November 3, 2022 by Extreme Coders 1
pcmcia Posted November 4, 2022 Posted November 4, 2022 I'm stuck on Ch#10. Can someone give me a hand? Reveal hidden contents I got my system 6 OS running on the emulator. I can run the password program. I want to debug the program. However, I can't seem to get the debugger to work. I got a very basic debugger prompt. I can only view memory via the "DM <memory location>" command. That's it. I can't seem to get "IL <address>" to show disassembly. I know there's a better version of Macsbug (Maxbug?), but I can't seem to install it on my system 6. Can someone give me nudge? Or am I going down the wrong rabbit hole.
deepzero Posted November 4, 2022 Posted November 4, 2022 @pcmcia Reveal hidden contents Probably not wrong to debug it, but it can be solved comfortably statically. Make sure to also explore the binary well with the included resource-program, and unfortunately there is a little bit of guesswork involved - unless I missed something!
pcmcia Posted November 4, 2022 Posted November 4, 2022 On 11/4/2022 at 7:31 AM, deepzero said: @pcmcia Reveal hidden contents Probably not wrong to debug it, but it can be solved comfortably statically. Make sure to also explore the binary well with the included resource-program, and unfortunately there is a little bit of guesswork involved - unless I missed something! Expand @deepzeroThanks! Reveal hidden contents I have raw bytes and I have the algorithm that decodes these raw bytes to flag. But I'm missing the password. I guess I need some help with the "guess-work". Any hints?
kao Posted November 4, 2022 Posted November 4, 2022 @pcmcia: read carefully what Deepzero said earlier.
pcmcia Posted November 4, 2022 Posted November 4, 2022 On 11/4/2022 at 10:34 AM, kao said: @pcmcia: read carefully what Deepzero said earlier. Expand Reveal hidden contents I did go through every section of the binary. I tried every song name by Nena and/or David Riley from 1983. No luck. Am I going down the wrong path again?
Extreme Coders Posted November 4, 2022 Posted November 4, 2022 @pcmcia Reveal hidden contents Hint: You already know what the flag ends with.
pcmcia Posted November 4, 2022 Posted November 4, 2022 On 11/4/2022 at 11:09 AM, Extreme Coders said: @pcmcia Reveal hidden contents Hint: You already know what the flag ends with. Expand @Extreme CodersThanks! I got it now. Reveal hidden contents That was one of the first things I tried, but my eye didn't recognized it because it wasn't in english.
DoIReviewMods Posted November 6, 2022 Posted November 6, 2022 (edited) a Edited November 7, 2022 by DoIReviewMods
upx Posted November 9, 2022 Posted November 9, 2022 Reveal hidden contents I've relabeled all the code and identified the procedure for encrypting the key and so on. Everything is as I would expect however, nothing really strikes out as anything that would be vulnerable. Another thing is if I try to decrypt the example ciphertext using P and Q from the test case (which should be constant) it doesn't match what it should be. Neither does the values of P and Q I get are able to decrypt the actual ciphertext despite all the values matching and math working out in the debugger. For Challenge #9 again
yoz Posted November 10, 2022 Posted November 10, 2022 Reveal hidden contents For Ch 9, it's all about the cryptography concept. Once you identified the algorithm, the university lecture notes helps me revise the concepts and aided me in the analysis.
kiyo Posted November 12, 2022 Posted November 12, 2022 It's over. Thank you guys! Especially @Washi and @kao. I hope I will have a chance to work again in next year.
Rurik Posted November 13, 2022 Posted November 13, 2022 Some of my more silly ones. I felt bad about 10 and 11, and then realized everyone else did shortcuts as well https://www.ghettoforensics.com/2022/11/flare-on-9-worst-writeups.html 3
Washi Posted November 14, 2022 Author Posted November 14, 2022 I just pushed my own writeups: https://washi1337.github.io/ctf-writeups/writeups/flare-on/2022/ Challenge 1-9 should be all complete. I haven't done writeups for challenge 10 and 11 yet, as I do feel I cheesed them a bit and don't really have proper notes on them. If there is some demand for it I can write them at a later point in time. 3
kao Posted November 14, 2022 Posted November 14, 2022 On 11/14/2022 at 6:46 PM, Washi said: I haven't done writeups for challenge 10 and 11 yet, as I do feel I cheesed them a bit and don't really have proper notes on them. Expand Pretty please! As you can see in Rurik's writeups above, pretty much everyone did that...
deepzero Posted November 14, 2022 Posted November 14, 2022 Just for fun, check out my exotic solution for #5 in form of a superhacky bruteforce script ... cuts down required reversing to a minimum. runtime is about 30 min ... import ida_dbg, ida_bytes def onerun(msec): ida_dbg.run_to(0x006C1064) ida_dbg.wait_for_next_event(ida_dbg.WFNE_SUSP, -1) eax = ida_dbg.get_reg_val("eax") #print("eax: ", eax) ida_dbg.step_over() ida_dbg.wait_for_next_event(ida_dbg.WFNE_SUSP, -1) #eax = 0xbcfc90 ida_dbg.write_dbg_memory(eax, bytes.fromhex("E6 07 06 00 02 00 0E 00 12 00 0E 00 24 00 00 00")) idaapi.put_word(eax + 14, msec) systime = idaapi.get_bytes(eax, 16) ida_dbg.run_to(0x006C3DDF) ida_dbg.wait_for_next_event(ida_dbg.WFNE_SUSP, -1) eax = ida_dbg.get_reg_val("eax") deax = idaapi.get_dword(eax) #print(hex(deax)) strl = ida_bytes.get_max_strlit_length(deax, ida_nalt.STRTYPE_C_16) ss = ida_bytes.get_strlit_contents(deax, strl, ida_nalt.STRTYPE_C_16) ss = ss.decode("ascii") ida_dbg.exit_process() ida_dbg.wait_for_next_event(ida_dbg.WFNE_SUSP, -1) print(str(ss)) if ss == "ydN8BXq16RE=": print("hit!", msec) return True return False for i in range(1001): if onerun(i): break 1 2
akkaldama Posted November 15, 2022 Posted November 15, 2022 For ch-2, opened it in cerbero profiler, found two images, performed an online image diff, got the flag. It was a little difficult to read the flag from diff'd image but entered the flag correctly after 5-10 attempts.. 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now