[HackCon2019] — Writeup

Nicholas
Published in HMIF ITB Tech
Aug 23, 2019

Writeup for HackCon2019 by Nicholas.

HackCon 2019

HackCon is a jeopardy-style competition that includes challenges in the domains of Reverse Engineering, Web Exploitation, Clever Scripting, Automation and general “hacks”.

I’m going to write up some of the challenges I solved in this year’s HackCon. My team, Djavaa, got 5th place in this CTF (on the frozen scoreboard).

Web: Secret Agent — 100 point

Given a web page, http://68.183.158.95/secret_agent/, that shows the string “Should d4rkc0de make their own browser”. It is a classic challenge: we just need to change the User-Agent header to that string.

[Screenshot: The Web Interface]
[Screenshot: FLAGGGGGGGG :)]
Flag: d4rk{useragent_ftwwwwwww}c0de

Stego: Small icon much wow — 100 point

Given a file stego.jpg. Just as the title says, I tried extracting the embedded thumbnail picture and got a QR code. Decoding it gives the flag. The command I used to extract it:

exiftool -b -ThumbnailImage stego.jpg > my_thumbnail.jpg

[Screenshot: the generated thumbnail; decode the QR code]
[Screenshot: FLAGGGGGGG :)]
Flag: d4rk{flAg_h1dd3n_1n_th3_thumbnail}c0de

Stego: Too cold for steg — 287 point

Given a file final.txt. Opening it, the content is a Sherlock Holmes novel. Based on the title “Too cold”, I guessed that this challenge is related to the stegsnow tool. To extract the hidden data I needed to find the password, so I looked through the file, and the password was stored in there:

password is : d4rkc0de-IIITD

The command to extract it:

stegsnow -C -p "d4rkc0de-IIITD" final.txt

[Screenshot: FLAGGGGGG :)]
Flag: d4rk{h@ving_fun_w1th_st3gsn0w?}c0de

Stego: GIMP IT — 446 point

Given a file stego1.xcf. Opening it in GIMP, I found a layer containing text that I could not read because the author had stretched it, and it is hard to reconstruct. So I looked for a workaround to extract that text, and found it by running the strings command on the file:

[Screenshot: Interesting TEXT!!]

The first line of the hex text I found starts with the zip file header, so I copied the hex, decoded it and saved it as a zip file. Unzipping it gave a file called data.txt containing binary digits. Converting the binary into an ASCII string produced gibberish. After spending a long time trying to figure out that binary, it turned out to be a QR code: rendering the bits as a QR image and decoding it gives the flag.

[Screenshot: QR Code]
[Screenshot: FLAGGGGG :)]
Flag: d4rk{L0t5_0f_th1ng5_t0_d0_1n_th15_chAll@ng3}c0de
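The two non-obvious steps above (spotting a zip archive by its header inside a hex dump and turning a string of bits back into a square module grid) can be scripted. The following is an added example of mine, not the author's solution: the hex dump, the zip and the 7x7 bit pattern are all constructed inline so it runs offline, and the function names are my own.

```python
import io
import math
import re
import zipfile

ZIP_MAGIC = b"PK\x03\x04"          # local file header that opens a zip archive

# Constructed 7x7 bit pattern standing in for the contents of data.txt
SAMPLE_BITS = (
    "1111111\n"
    "1000001\n"
    "1011101\n"
    "1011101\n"
    "1011101\n"
    "1000001\n"
    "1111111\n"
)


def build_sample_hex() -> str:
    # Constructed stand-in for the hex text seen in the strings output:
    # some unrelated bytes first, then a zip archive holding data.txt.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("data.txt", SAMPLE_BITS)
    return "deadbeef" + buf.getvalue().hex()


def carve_zip_from_hex(text: str) -> bytes:
    # Drop anything that is not a hex digit, decode, and cut from the zip header.
    raw = bytes.fromhex(re.sub(r"[^0-9a-fA-F]", "", text))
    start = raw.find(ZIP_MAGIC)
    if start < 0:
        raise ValueError("no zip local file header in the dump")
    return raw[start:]


def extract_member(zip_bytes: bytes, name: str = "data.txt") -> str:
    # Read one member straight from memory; no temp file needed.
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return zf.read(name).decode()


def bits_to_grid(bits: str) -> list:
    # Keep only 0/1 characters, then reshape into a square (QR codes are square).
    digits = re.sub(r"[^01]", "", bits)
    side = math.isqrt(len(digits))
    if side * side != len(digits):
        raise ValueError(f"{len(digits)} bits do not form a square")
    return [digits[i * side:(i + 1) * side] for i in range(side)]


def render(grid: list) -> str:
    # Two characters per module so the picture looks roughly square in a terminal.
    return "\n".join(row.replace("1", "##").replace("0", "  ") for row in grid)


if __name__ == "__main__":
    zip_bytes = carve_zip_from_hex(build_sample_hex())
    print(render(bits_to_grid(extract_member(zip_bytes))))
```

Rendering the grid in a terminal is enough to recognise the finder patterns of a QR code by eye; scanning it still needs a proper QR decoder, which this example leaves out.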

Crypto: OTP — 100 point

Here is the description from the challenge:

hackerman is so dank that he decided to play around with OTPs.
he did the following:
message1 ^ key = cipher1
message2 ^ key = cipher2

He gives you cipher1 and cipher2 and challenges you to find the concatenation of messages 1 and 2.
Are you dank enough to find this?
Oh and also, 'meme' is so popular that hackerman used the word in both his messages.
cipher1 is '\x05F\x17\x12\x14\x18\x01\x0c\x0b4'
cipher2 is '>\x1f\x00\x14\n\x08\x07Q\n\x0e'
Both without quotes

We know that the flag format is d4rk{xixixixixixixi}c0de. Based on that flag format, we can try to recover the key with this script.

[Embedded gist: solve.py]

Basically, the script searches for a key such that cipher1 ^ key contains d4rk{ and cipher2 ^ key contains }c0de.

[Screenshot: FLAGGGGG :)]
Flag: d4rk{meme__meme}c0de
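The key-reuse weakness the challenge is built on can be shown in a few lines. This is an added example of mine, not the author's solve.py: it recovers the key from the two challenge ciphertexts using the known flag prefix and suffix, decrypts both messages, and then crib-drags the word “meme” across cipher1 ^ cipher2 to show how the hint in the description leaks plaintext even without the key. Function names are my own.

```python
# Reused one-time-pad key: cipher1 = m1 ^ key, cipher2 = m2 ^ key.
CIPHER1 = b"\x05F\x17\x12\x14\x18\x01\x0c\x0b4"   # from the challenge text
CIPHER2 = b">\x1f\x00\x14\n\x08\x07Q\n\x0e"       # from the challenge text


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def recover_key(c1: bytes, c2: bytes, prefix=b"d4rk{", suffix=b"}c0de") -> bytes:
    # message1 starts with the flag prefix and message2 ends with the suffix;
    # every known plaintext byte reveals the key byte at that position.
    n = len(c1)
    key = bytearray(n)
    known = [False] * n
    for i, p in enumerate(prefix):
        key[i] = c1[i] ^ p
        known[i] = True
    off = n - len(suffix)
    for j, s in enumerate(suffix):
        key[off + j] = c2[off + j] ^ s
        known[off + j] = True
    if not all(known):
        raise ValueError("known plaintext does not cover every key byte")
    return bytes(key)


def solve(c1: bytes = CIPHER1, c2: bytes = CIPHER2) -> str:
    # Decrypt both messages with the recovered key and concatenate them.
    key = recover_key(c1, c2)
    return (xor(c1, key) + xor(c2, key)).decode()


def crib_drag(c1: bytes, c2: bytes, crib: bytes) -> list:
    # c1 ^ c2 == m1 ^ m2 because the key cancels out. Wherever the crib really
    # sits in one message, XORing it in at that offset exposes the other
    # message's bytes; offsets that yield non-printable bytes are discarded.
    diff = xor(c1, c2)
    hits = []
    for i in range(len(diff) - len(crib) + 1):
        other = xor(diff[i:i + len(crib)], crib)
        if all(32 <= b < 127 for b in other):
            hits.append((i, other))
    return hits


if __name__ == "__main__":
    print("key:", recover_key(CIPHER1, CIPHER2))
    print("flag:", solve())
    print("crib 'meme':", crib_drag(CIPHER1, CIPHER2, b"meme"))
```

Crib-dragging returns some false positives (any offset whose bytes happen to be printable), which is why the flag format is the stronger constraint here; the crib is only a confirmation.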

Crypto: Noki — 100 point

Here is the description from the challenge:

I was told Vigenère Cipher is secure as long as length(key) == length(message). So I did just that! Break this: g4iu{ocs_oaeiiamqqi_qk_moam!}e0gi

It is a simple Vigenère cipher. Because I know the flag format, I tried to find the key by working out what turns g4iu into d4rk. It turns out the key for the first four letters is also d4rk. Since the key is the same as the plaintext (the flag), using this script we just need to brute force the key that lies on the diagonal of the Vigenère table.

You may be a bit confused about why I generate two flags. It is because each letter occurs twice on the diagonal of the Vigenère table, so we have to pick out the correct flag by combining those two flags.

[Screenshot: choose the correct letter from the two generated flags and you get the correct flag]
Flag: d4rk{how_uncreative_is_that!}c0de
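Why exactly two candidates per letter: with key letter == plaintext letter, every letter is enciphered as c = (p + p) mod 26 = 2p mod 26, and 2 has no inverse modulo 26, so each ciphertext letter has two preimages, p and p + 13 (the two places it appears on the table's diagonal). The script below is an added example of mine, not the author's: it enciphers with the plaintext as key, produces the two candidate flags, and checks a hand-picked combination letter by letter. Function names are my own.

```python
import string

LOWER = string.ascii_lowercase
CIPHERTEXT = "g4iu{ocs_oaeiiamqqi_qk_moam!}e0gi"   # from the challenge description


def encrypt_with_self(plaintext: str) -> str:
    # Vigenère with key == plaintext: each letter is shifted by itself, so
    # c = 2p mod 26. Non-letters pass through unchanged.
    out = []
    for ch in plaintext:
        if ch in LOWER:
            p = LOWER.index(ch)
            out.append(LOWER[(p + p) % 26])
        else:
            out.append(ch)
    return "".join(out)


def candidates(ciphertext: str) -> list:
    # For each letter return both plaintext letters that double to it.
    # Doubling always gives an even index, so an odd one cannot come from this scheme.
    opts = []
    for ch in ciphertext:
        if ch in LOWER:
            c = LOWER.index(ch)
            if c % 2:
                raise ValueError(f"{ch!r} cannot be produced with key == plaintext")
            opts.append((LOWER[c // 2], LOWER[c // 2 + 13]))
        else:
            opts.append((ch, ch))
    return opts


def two_flags(ciphertext: str) -> tuple:
    # The two "flags" the writeup mentions: always the lower choice, always the upper.
    opts = candidates(ciphertext)
    return "".join(a for a, _ in opts), "".join(b for _, b in opts)


def consistent(ciphertext: str, guess: str) -> bool:
    # A human-chosen mix of the two candidates must pick one option at every position.
    opts = candidates(ciphertext)
    return len(guess) == len(opts) and all(g in o for g, o in zip(guess, opts))


if __name__ == "__main__":
    low, high = two_flags(CIPHERTEXT)
    print(low)
    print(high)
```

Picking between the two options at each position is the only work left, and English readability does it: for the first letter, d or q, only d fits the flag format.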

Crypto: Ez Pz — 484 point

Here is the description from the challenge:

easiest crypto points ever
nc 68.183.158.95 7777

Given a service: when we connect to the server, we are greeted by a ciphertext and a menu consisting of Encrypt and Decrypt. For the Encrypt menu we input text and the service returns the ciphertext as an integer, while the Decrypt menu receives an integer and returns the message, also as an integer.

The service limits us to only two interactions, which means we can do two encryptions, two decryptions, or one encryption plus one decryption.

Hmmm, so we have c, but we don’t know n and e. I tried the naive approach of feeding the ciphertext to the decryption menu, but the service is smart enough to return False. On top of that, the modulus (n) changes on every run.

[Screenshot: the service refuses to decrypt the ciphertext it gave us]

Okay, so our first mission is retrieving the modulus (n). The decryption service accepts any integer. We can exploit this by entering “-1”, because the service will return n-1 if the exponent is odd. I entered -1 and the service returned a huge value: this must be n-1. YEAY, we got the modulus (n).

Our second mission is retrieving the exponent (e). It would be difficult if the exponent also changed between runs, so I assumed that only the modulus changes and the exponent stays constant. To get the exponent, we brute force it!

The service limits us to two interactions per run. We can retrieve n with the first interaction. Then we use the last interaction to encrypt something (m), get the c value from the service, and brute force the exponent until our own encryption, pow(m, e, n), gives the same c.

Below is the example: I encrypt the string “a”, get c from the server, and after brute forcing the exponent we find that it is 65537.

[Screenshot: we have n, we know m and c, so we brute force the exponent :D]
[Screenshot: WE GOT THE EXPONENT!!]

Now here is the tricky part. We have the exponent, and we can retrieve n easily, but factoring n is very hard. That’s why we need to be smart in using the service’s Decrypt menu to retrieve the flag without knowing d.

Based on this writeup, we can decrypt (c * pow(2, e, n)) % n. The result will be 2*m, and we just need to divide it by two to retrieve the flag. Here is the full script:

Flag: d4rk{th3_ch33si3st_m4th_p1zz4_f0r_d1nn3r!}c0de
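To make the three steps concrete without the live service, here is an added example of mine (not the author's script) with a local model of the oracle: a fresh modulus per connection, a constant public exponent, a greeting ciphertext, a refusal to decrypt that exact ciphertext, and a two-query limit. The attack side then does exactly what the writeup describes: decrypt(-1) to learn n, one known-plaintext encryption to brute force e, and a blinded decryption of c * 2^e to get 2m back. The primes, the toy flag and all names are constructed for the demonstration; the primes are far too small for real use and only serve to keep the run fast. The lesson for anyone building such a service is that textbook RSA is multiplicatively malleable, so an equality check on the challenge ciphertext protects nothing.

```python
E = 65537                                  # public exponent, assumed constant across runs
P1, Q1 = 1000000007, 998244353             # constructed toy primes for connection 1
P2, Q2 = 1000000009, 999999937             # a different pair: the modulus changes per run
TOY_FLAG = b"toyflag"                      # constructed stand-in for the real flag


class Oracle:
    """Model of one connection: fresh modulus, greeting ciphertext, two queries max."""

    def __init__(self, p: int, q: int, flag: bytes = TOY_FLAG):
        self.n = p * q
        phi = (p - 1) * (q - 1)
        self.d = pow(E, -1, phi)            # private exponent; odd, since E*d = 1 mod an even phi
        self.flag_c = pow(int.from_bytes(flag, "big"), E, self.n)
        self.queries = 0

    def greeting(self) -> int:
        return self.flag_c                  # printed on connect, costs no query

    def _spend(self):
        self.queries += 1
        if self.queries > 2:
            raise RuntimeError("connection closed: only two interactions allowed")

    def encrypt(self, text: bytes) -> int:
        self._spend()
        return pow(int.from_bytes(text, "big"), E, self.n)

    def decrypt(self, c: int):
        self._spend()
        if c % self.n == self.flag_c:       # the service refuses its own challenge ciphertext
            return False
        return pow(c, self.d, self.n)


def recover_modulus(o: Oracle) -> int:
    # (-1)^d mod n == n - 1 because d is odd, so decrypt(-1) + 1 == n.
    return o.decrypt(-1) + 1


def brute_force_exponent(o: Oracle, n: int, probe: bytes = b"a", limit: int = 1 << 17) -> int:
    # Encrypt a known message once, then search for the e that reproduces c locally.
    m = int.from_bytes(probe, "big")
    c = o.encrypt(probe)
    for e in range(3, limit, 2):            # RSA public exponents are odd
        if pow(m, e, n) == c:
            return e
    raise ValueError("exponent not found below limit")


def blinded_decrypt(o: Oracle, n: int, e: int, c: int) -> int:
    # (c * 2^e)^d = (m * 2)^(e*d) = 2m mod n. This is not the flag ciphertext,
    # so the oracle decrypts it. Multiplying by 2^-1 mod n undoes the blinding
    # even when 2m wrapped past n; when it did not, it equals plain division by 2.
    blinded = (c * pow(2, e, n)) % n
    two_m = o.decrypt(blinded)
    return (two_m * pow(2, -1, n)) % n


def attack() -> tuple:
    # Connection 1: learn n, then learn e from one known-plaintext encryption.
    s1 = Oracle(P1, Q1)
    n1 = recover_modulus(s1)
    e = brute_force_exponent(s1, n1)
    # Connection 2: new modulus; the greeting is the flag ciphertext under it.
    s2 = Oracle(P2, Q2)
    c_flag = s2.greeting()
    n2 = recover_modulus(s2)
    m = blinded_decrypt(s2, n2, e, c_flag)
    return e, m.to_bytes((m.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    e, flag = attack()
    print("e =", e)
    print("flag =", flag)
```

Two connections are needed because each allows only two queries: the first spends both on n and e, the second spends both on n and the blinded decryption, relying on e being the same in both runs, exactly the assumption the writeup makes.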

Words from Author

I’m a little disappointed that our team failed to reach the top 3, but I learned a lot from this CTF. Thank you for reading!!
