HITB GSEC Singapore 2017 — CTF Write-ups (Crypto Category)

Quan Doan · tradahacking · Aug 26, 2017

HASHINATOR

Attachment here.

After some minutes looking into the code, I found the problem: the function calculate_hash is unsafe, and it’s reversible by doing a simple xor operation.

Now it's time to install some libraries for scrypt, blake, blabla… and it took me more than 3 hours…

After installing the libraries, write some new lines of code:

And the flag is coming…

HACK IN THE CARD I

Attachment here.

We’re given an RSA public key in PEM format, a circuit diagram, and a website that shows us the voltage variation across the resistor during the decryption process on this smart card.

Look at the website:

Yah, quite good. The chart shows quite clearly when the voltage is high or low. Maybe this is a side-channel attack: the chart of the decryption process may leak the secret exponent.

After some (many, many) attempts and much more luck, I succeeded in extracting the private exponent using this code (I don’t post it here because the chart data is too large, so the code is too big, around 2MB).

And we have:

Now it’s easy to get the flag:

HACK IN THE CARD II

Attachment here.

We’re given another RSA public key and a ciphertext. Let’s extract the modulus and the public exponent from this new public key:

Wait wait… Something is strange… Could you see it?

Yah, if you have not found it yet, scroll up and look at the modulus of the public key in the HACK IN THE CARD I challenge. Same modulus!

So, now it’s easy. We already have the private exponent from the previous challenge, so we just use it to factorize the modulus, and then we will have the new private exponent (and of course, the flag) for this challenge.

You know, Google is our best friend:

The easiest step for you :D let’s write some lines of code :D
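The step described above, as an added example that is not the author's original code: it factors a modulus from one known key pair (e, d) and derives the private exponent for a second public exponent on the same modulus, which is why a modulus must never be shared between key pairs. The function names and the small demo key are assumptions constructed for illustration, not the challenge's values.

```python
import math
import random

def factor_from_private_exponent(n, e, d, seed=0):
    """Factor n given one valid key pair (e, d) for it.

    e*d - 1 is a multiple of the order of every unit mod n, so for a random g
    the chain g^r, g^(2r), ... (r odd) reaches 1. An x on that chain with
    x^2 = 1 and x != +-1 gives gcd(x - 1, n) equal to one of the two primes.
    """
    rng = random.Random(seed)            # fixed seed: repeatable demo
    r, t = e * d - 1, 0
    while r % 2 == 0:                    # write e*d - 1 as 2^t * r, r odd
        r, t = r // 2, t + 1
    while True:                          # each g succeeds with probability >= 1/2
        g = rng.randrange(2, n - 1)
        x = pow(g, r, n)
        for _ in range(t):
            y = pow(x, 2, n)
            if y == 1 and x not in (1, n - 1):
                p = math.gcd(x - 1, n)
                return tuple(sorted((p, n // p)))
            x = y

def second_private_exponent(n, e1, d1, e2):
    """Derive the private exponent for e2 when both keys share modulus n."""
    p, q = factor_from_private_exponent(n, e1, d1)
    return pow(e2, -1, (p - 1) * (q - 1))    # modular inverse, Python 3.8+

# Constructed demo key (two Mersenne primes), not the challenge's values.
DEMO_P, DEMO_Q = 2**31 - 1, 2**61 - 1
DEMO_N = DEMO_P * DEMO_Q
DEMO_E1, DEMO_E2 = 65537, 17
DEMO_D1 = pow(DEMO_E1, -1, (DEMO_P - 1) * (DEMO_Q - 1))

if __name__ == "__main__":
    d2 = second_private_exponent(DEMO_N, DEMO_E1, DEMO_D1, DEMO_E2)
    c = pow(42, DEMO_E2, DEMO_N)         # encrypt under the second public key
    print(pow(c, d2, DEMO_N))            # decrypts with the derived exponent
```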

Special thanks to k9, tinduong for supporting me a lot. And a big thanks to QG, who always stands by me day by day =)).
