この大会は2019/2/23 9:00(JST)~2019/3/4 9:00(JST)に開催されました。
今回もチームで参戦。結果は19178点で1866チーム中13位でした。
自分で解けた問題をWriteupとして書いておきます。
Howdy! (Misc)
問題にフラグが書いてある。
gigem{H0wdy!}
Who am I? (Misc)
tamuctf.comのAレコードを答える問題。
$ dig tamuctf.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> tamuctf.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49250 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; MBZ: 0005 , udp: 512 ;; QUESTION SECTION: ;tamuctf.com. IN A ;; ANSWER SECTION: tamuctf.com. 5 IN A 52.33.57.247 ;; Query time: 151 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Sat Feb 23 09:31:59 JST 2019 ;; MSG SIZE rcvd: 56
52.33.57.247
Who do I trust? (Misc)
tamuctf.comの証明書の発行者を答える問題。証明書を確認する。
Let's Encrypt Authority X3
0_Network_Enumeration (ReadingRainbow)
1つ目の問題はプライベートWebサーバのIPアドレスを答える問題。
2つ目の問題はそのWebサーバにアクセスしているホストの数を答える問題。
WebサーバのIPアドレスはhttpアクセスしているパケットを見ていけば、192.168.11.4であることがわかる。
さらにNetworkMinerで開き、Hostsタブで192.168.11.4にアクセスしているホストの数を確認すると、13個であることがわかる。
192.168.11.4
13
-.- (Crypto)
モールス信号を復号すると16進数になる。それをASCIIコードとして文字にする。
morse = {
'di-dah': 'A',
'dah-di-di-dit': 'B',
'dah-di-dah-dit': 'C',
'dah-di-dit': 'D',
'dit': 'E',
'di-di-dah-dit': 'F',
'dah-dah-dit': 'G',
'di-di-di-dit': 'H',
'di-dit': 'I',
'di-dah-dah-dah': 'J',
'dah-di-dah': 'K',
'di-dah-di-dit': 'L',
'dah-dah': 'M',
'dah-dit': 'N',
'dah-dah-dah': 'O',
'di-dah-dah-dit': 'P',
'dah-dah-di-dah': 'Q',
'di-dah-dit': 'R',
'di-di-dit': 'S',
'dah': 'T',
'di-di-dah': 'U',
'di-di-di-dah': 'V',
'di-dah-dah': 'W',
'dah-di-di-dah':'X',
'dah-di-dah-dah': 'Y',
'dah-dah-di-dit': 'Z',
'di-dah-dah-dah-dah': '1',
'di-di-dah-dah-dah': '2',
'di-di-di-dah-dah': '3',
'di-di-di-di-dah': '4',
'di-di-di-di-dit': '5',
'dah-di-di-di-dit': '6',
'dah-dah-di-di-dit': '7',
'dah-dah-dah-di-dit': '8',
'dah-dah-dah-dah-dit': '9',
'dah-dah-dah-dah-dah': '0'
}
with open('flag.txt', 'r') as f:
data = f.read()
codes = data.split(' ')
dec = ''
for code in codes:
dec += morse[code]
print dec.lower()
print
msg = dec[2:].decode('hex')
print msg
実行結果は以下の通り。
0x57702a6c58744751386538716e6d4d59552a737646486b6a49742a5251264a705a766a6d2125254b446b6670235e4e39666b346455346c423372546f5430505a516d4351454b5942345a4d762a21466b386c25626a716c504d6649476d612525467a4720676967656d7b433169634b5f636c31434b2d7930755f683476335f6d3449317d20757634767a4b5a7434796f6d694453684c6d385145466e5574774a404e754f59665826387540476e213125547176305663527a56216a217675757038426a644e49714535772324255634555a4f595a327a37543235743726784c40574f373431305149
Wp*lXtGQ8e8qnmMYU*svFHkjIt*RQ&JpZvjm!%%KDkfp#^N9fk4dU4lB3rToT0PZQmCQEKYB4ZMv*!Fk8l%bjqlPMfIGma%%FzG gigem{C1icK_cl1CK-y0u_h4v3_m4I1} uv4vzKZt4yomiDShLm8QEFnUtwJ@NuOYfX&8u@Gn!1%Tqv0VcRzV!j!vuup8BjdNIqE5w#$%V4UZOYZ2z7T25t7&xL@WO7410QI
デコードした文字列にフラグが含まれている。
gigem{C1icK_cl1CK-y0u_h4v3_m4I1}
RSAaaay (Crypto)
nを素因数分解する。
2531257 = 509 * 4973
あとはそのまま復号していき、復号した数値を1つか2つのASCIIコードの連結とみて、文字にする。
from Crypto.Util.number import inverse def n_to_str(n): str_n = str(n) s = '' tmp = '' for i in range(len(str_n)): tmp += str_n[i] if int(tmp) > 31 and int(tmp) < 127: s += chr(int(tmp)) tmp = '' return s n = 2531257 p = 509 q = 4973 e = 43 list_c = map(int, '906851 991083 1780304 2380434 438490 356019 921472 822283 817856 556932 2102538 2501908 2211404 991083 1562919 38268'.split(' ')) phi = (p - 1) * (q - 1) d = inverse(e, phi) flag = '' for c in list_c: m = pow(c, d, n) flag += n_to_str(m) print flag
gigem{Savage_Six_Flying_Tigers}
Mike's Marvelous Mystery Curves (Crypto)
通信パケットのNo.4と11に-----BEGIN CERTIFICATE-----で始まるデータがある。エクスポートして、中身を見ようとしたが、見れない。BASE64デコードしてみると、テキストで以下のような内容だった。
[No.4]
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
b9:59:da:c4:d7:3f:bc:31
Signature Algorithm: base64
Issuer: C = US, ST = Texas, L = College Station, O = Texas A&M University, OU = tamuCTF, CN = Alice, emailAddress = alice@tamuctf.edu
Validity
Not Before: Oct 9 13:08:12 2018 GMT
Not After : Nov 8 13:08:12 2018 GMT
Subject: C = US, ST = Texas, L = College Station, O = Texas A&M University, OU = tamuCTF, CN = Alice, emailAddress = alice@tamuctf.edu
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key:
61801292647
228288385004
ASN1 OID: badPrime96v4
CURVE: JustNo
Field Type: prime-field
Prime:
412220184797
A:
10717230661382162362098424417014722231813
B:
22043581253918959176184702399480186312
Generator:
56797798272
349018778637
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4E:BF:87:92:16:9B:D6:53:DA:CC:6D:AB:22:0E:40:25:41:C5:CC
X509v3 Authority Key Identifier:
keyid:F0:4E:BF:87:92:16:9B:D6:53:DA:CC:6D:AB:22:0E:40:25:41:C5:CC
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:cc:3c:84:eb:19:73:e1:62:7f:81:78:99:c6:
26:b8:86:9e:61:7e:82:87:f1:85:5c:75:e1:2d:60:37:55:b6:
09:02:21:00:85:33:af:dc:34:0f:e5:13:8e:26:88:06:a3:13:
d1:a2:ed:d5:04:cb:9c:50:d1:c4:a4:4d:42:92:bd:69:56:1a
[No.11]
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a8:49:ac:8c:84:0f:84:ce
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Texas, L = College Station, O = Texas A&M University, OU = tamuCTF, CN = Bob, emailAddress = bob@tamuctf.edu
Validity
Not Before: Oct 9 13:15:35 2018 GMT
Not After : Nov 8 13:15:35 2018 GMT
Subject: C = US, ST = Texas, L = College Station, O = Texas A&M University, OU = tamuCTF, CN = Bob, emailAddress = bob@tamuctf.edu
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key:
196393473219
35161195210
ASN1 OID: badPrime96v4
CURVE: JustNo
Field Type: prime-field
Prime:
412220184797
A:
10717230661382162362098424417014722231813
B:
22043581253918959176184702399480186312
Generator:
56797798272
349018778637
X509v3 extensions:
X509v3 Subject Key Identifier:
84:25:43:45:2C:0C:7E:1C:85:BC:E9:AF:44:BE:42:A1:84:D6:D2:27
X509v3 Authority Key Identifier:
keyid:84:25:43:45:2C:0C:7E:1C:85:BC:E9:AF:44:BE:42:A1:84:D6:D2:27
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:d4:45:84:18:e3:06:8d:bb:3b:e9:4d:68:a9:
56:f4:af:e0:28:23:26:7d:4d:1e:84:2b:e8:c4:d3:ac:85:a9:
c8:02:21:00:e9:ef:bc:0d:fa:3a:85:c4:39:1a:16:3b:6a:c0:
6a:3f:ac:f2:7a:5f:49:ea:86:e4:18:5e:ac:91:75:31:b3:5b
ここからパラメータを読み取ると、全体的に数値が小さい。離散対数問題で使うコードでECDHによる共通鍵を算出してみる。
# solve.sage p = 412220184797 A = 10717230661382162362098424417014722231813 B = 22043581253918959176184702399480186312 G = (56797798272, 349018778637) F = FiniteField(p) E = EllipticCurve(F, [A,B]) G = E.point(G) pub_A = (61801292647, 228288385004) pub_A = E.point(pub_A) pub_B = (196393473219, 35161195210) pub_B = E.point(pub_B) factors, exponents = zip(*factor(E.order())) primes = [factors[i] ^ exponents[i] for i in range(len(factors))] dlogs = [] for fac in primes: t = int(G.order()) / int(fac) dlog = discrete_log(t*pub_A, t*G, operation='+') dlogs += [dlog] n_A = crt(dlogs,primes) key = pub_B * n_A key = str(key[0]) + str(key[1]) print key
共通鍵は以下であることがわかった。
130222573707242246159397
あとはTCP Streamから暗号データを抽出して、復号するだけ。AES-CBCなのでIVが必要だが、よく暗号データの先頭16バイトがIVになっているので、それを使う。
from Crypto.Cipher import AES with open('msg.enc', 'rb') as f: data = f.read() iv = data[:16] enc = data[16:] key = '130222573707242246159397' aes = AES.new(key, AES.MODE_CBC, iv) dec = aes.decrypt(enc) print dec
復号結果は以下の通り。
study was a total mess, like the results of an explosion in a public library. The old man frowned as they stepped in. "Terribly unfortunate," he said, "a diode blew in one of the life-support computers. When we tried to revive our cleaning staff we discovered they'd been dead for nearly thirty thousand years. Who's going to clear away the bodies, that's what I want to know. Look why don't you sit yourself down over there and let me plug you in?" He gestured Arthur towards a chair which looked as if it had been made out of the rib cage of a stegosaurus. "It was made out of the rib cage of a stegosaurus," explained the old man as he pottered about fishing bits of wire out from under tottering piles of paper and drawing instruments. "Here," he said, "hold these," and passed a couple of stripped wire end to Arthur. The instant he took hold of them a bird flew straight through him. He was suspended in mid-air and totally invisible to himself. Beneath him was a pretty treelined city square, and all around it as far as the eye could see were white concrete buildings of airy spacious design but somewhat the worse for wear - many were cracked and stained with rain. Today however the sun was shining, a fresh breeze danced lightly through the trees, and the odd sensation that all the buildings were quietly humming was probably caused by the fact that the square and all the streets around it were thronged with cheerful excited people. Somewhere a band was playing, brightly coloured flags were fluttering in the breeze and the spirit of carnival was in the air. Arthur felt extraordinarily lonely stuck up in the air above it all without so much as a body to his name, but before he had time to reflect on this a voice rang out across the square and called for everyone's attention. A man standing on a brightly dressed dais before the building which clearly dominated the square was addressing the crowd over a Tannoy. "O people waiting in the Shadow of Deep Thought!" he cried out. "Honoured Descendants of Vroomfondel and Majikthise, the Greatest and Most Truly Interesting Pundits the Universe has ever known ... The Time of Waiting is over!" Wild cheers broke out amongst the crowd. Flags, streamers and wolf whistles sailed through the air. The narrower streets looked rather like centipedes rolled over on their backs and frantically waving their legs in the air. "Seven and a half million years our race has waited for this Great and Hopefully Enlightening Day!" cried the cheer leader. "The Day of the Answer!" Hurrahs burst from the ecstatic crowd. "Never again," cried the man, "never again will we wake up in the morning and think Who am I? What is my purpose in life? Does it really, cosmically speaking, matter if I don't get up and go to work? For today we will finally learn once and for all the plain and simple answer to all these nagging little problems of Life, the Universe and Everything!" As the crowd erupted once again, Arthur found himself gliding through the air and down towards one of the large stately windows on the first floor of the building behind the dais from which the speaker was addressing the crowd. He experienced a moment's panic as he sailed straight through towards the window, which passed when a second or so later he found he had gone right through the solid glass without apparently touching it. No one in the room remarked on his peculiar arrival, which is hardly surprising as he wasn't there. He began to realize that the whole experience was merely a recorded projection which knocked six-track seventy-millimetre into a cocked hat. The room was much as Slartibartfast had described it. In seven and a half million years it had been well looked after and cleaned regularly every century or so. The ultramahagony desk was worn at the edges, the carpet a little faded now, but the large computer terminal sat in sparkling glory on the desk's leather top, as bright as if it had been constructed yesterday. Two severely dressed men sat respectfully before the terminal and waited. "The time is nearly upon us," said one, and Arthur was surprised to see a word suddenly materialize in thin air just by the man's neck. The word was Loonquawl, and it flashed a couple of times and the disappeared again. Before Arthur was able to assimilate this the other man spoke and the word Phouchg appeared by his neck. "Seventy-five thousand generations ago, our ancestors set this program in motion," the second man said, "and in all that time we will be the first to hear the computer speak." "An awesome prospect, Phouchg," agreed the first man, and Arthur suddenly realized that he was watching a recording with subtitles. "We are the ones who will hear," said Phouchg, "the answer to the great question of Life ...!" "The Universe ...!" said Loonquawl. "And Everything ...!" "Shhh," said Loonquawl with a slight gesture, "I think Deep Thought is preparing to speak!" There was a moment's expectant pause whilst panels slowly came to life on the front of the console. Lights flashed on and off experimentally and settled down into a businesslike pattern. A soft low hum came from the communication channel. "Good morning," said Deep Thought at last. "Er ... Good morning, O Deep Thought," said Loonquawl nervously, "do you have ... er, that is ..." "An answer for you?" interrupted Deep Thought majestically. "Yes. I have." The two men shivered with expectancy. Their waiting had not been in vain. "There really is one?" breathed Phouchg. "There really is one," confirmed Deep Thought. "To Everything? To the great Question of Life, the Universe and Everything?" "Yes." Both of the men had been trained for this moment, their lives had been a preparation for it, they had been selected at birth as those who would witness the answer, but even so they found themselves gasping and squirming like excited children. "And you're ready to give it to us?" urged Loonquawl. "I am." "Now?" "Now," said Deep Thought. They both licked their dry lips. "Though I don't think," added Deep Thought, "that you're going to like it." "Doesn't matter!" said Phouchg. "We must know it! Now!" "Now?" inquired Deep Thought. "Yes! Now ..." "Alright," said the computer and settled into silence again. The two men fidgeted. The tension was unbearable. "You're really not going to like it," observed Deep Thought. "Tell us!" "Alright," said Deep Thought. "The Answer to the Great Question ..." "Yes ...!" "Of Life, the Universe and Everything ..." said Deep Thought. "Yes ...!" "Is ..." said Deep Thought, and paused. "Yes ...!" "Is ..." "Yes ...!!!...?" gigem{Forty-two_said_Deep_Thought}, with infinite majesty and calm. It was a long time before anyone spoke. Out of the corner of his eye Phouchg could see the sea of tense expectant faces down in the square outside. "We're going to get lynched aren't we?" he whispered. "It was a tough assignment," said Deep Thought mildly. "Forty-two!" yelled Loonquawl. "Is that all you've got to show for seven and a half million years' work?" "I checked it very thoroughly," said the computer, "and that quite definitely is the answer. I think the problem, to be quite honest with you, is that you've never actually known what the question is." "But it was the Great Question! The Ultimate Question of Life, the Universe and Everything!" howled Loonquawl. "Yes," said Deep Thought with the air of one who suffers fools gladly, "but what actually is it?" A slow stupefied silence crept over the men as they stared at the computer and then at each other. "Well, you know, it's just Everything ... Everything ..." offered Phouchg weakly. "Exactly!" said Deep Thought. "So once you do know what the question actually is, you'll know what the answer means." "Oh terrific," muttered Phouchg flinging aside his notebook and wiping away a tiny tear. "Look, alright, alright," said Loonquawl, "can you just please tell us the Question?" "The Ultimate Question?" "Yes!" "Of Life, the Universe, and Everything?" "Yes!" Deep Thought pondered this for a moment. "Tricky," he said. "But can you do it?" cried Loonquawl. Deep Thought pondered this for another long moment. Finally: "No," he said firmly. Both men collapsed on to their chairs in despair. "But I'll tell you who can," said Deep Thought. They both looked up sharply. "Who?" "Tell us!" Suddenly Arthur began to feel his apparently non-existent scalp begin to crawl as he found himself moving slowly but inexorably forward towards the console, but it was only a dramatic zoom on the part of whoever had made the recording he assumed. "I speak of none other than the computer that is to come after me," intoned Deep Thought, his voice regaining its accustomed declamatory tones. "A computer whose merest operational parameters I am not worthy to calculate - and yet I will design it for you. A computer which can calculate the Question to the Ultimate Answer, a computer of such infinite and subtle complexity that organic life itself shall form part of its operational matrix. And you yourselves shall take on new forms and go down into the computer to navigate its ten-million-year program! Yes! I shall design this computer for you. And I shall name it also unto you. And it shall be called ... The Earth." Phouchg gaped at Deep Thought. "What a dull name," he said and great incisions appeared down the length of his body. Loonquawl too suddenly sustained horrific gashed from nowhere. The Computer console blotched and cracked, the walls flickered and crumbled and the room crashed upwards into its own ceiling ... Slartibartfast was standing in front of Arthur holding the two wires. "End of the tape," he explained.
途中、フラグが含まれていた。
gigem{Forty-two_said_Deep_Thought}
