この大会は2024/5/11 7:00(JST)~2024/5/13 7:00(JST)に開催されました。
今回もチームで参戦。結果は500点で791チーム中102位でした。
自分で解けた問題をWriteupとして書いておきます。
Sanity.py (Intro)
>>> "}FTC_3h7_y0jn3-!d3s54P_kc3hC_y71n4S{LTBT"[::-1]
'TBTL{S4n17y_Ch3ck_P45s3d!-3nj0y_7h3_CTF}'
TBTL{S4n17y_Ch3ck_P45s3d!-3nj0y_7h3_CTF}
Flagcheck (Rev)
Ghidraでデコンパイルする。
undefined8 main(void) { char cVar1; int iVar2; size_t sVar3; long in_FS_OFFSET; uint local_74; int local_70; int local_6c; char local_68 [72]; long local_20; local_20 = *(long *)(in_FS_OFFSET + 0x28); printf("Let me check your flag: "); __isoc99_scanf(&DAT_0010213d,local_68); sVar3 = strlen(local_68); if (sVar3 != 0x3f) { no(); } local_74 = 1; local_70 = 0; while( true ) { sVar3 = strlen(local_68); if (sVar3 <= (ulong)(long)local_70) break; local_74 = (int)local_68[local_70] * local_74; local_70 = local_70 + 1; } srand(local_74); local_6c = 0; while( true ) { sVar3 = strlen(local_68); if (sVar3 <= (ulong)(long)local_6c) break; cVar1 = local_68[local_6c]; iVar2 = rand(); if (((int)cVar1 ^ iVar2 % 0x100) != *(uint *)(target + (long)local_6c * 4)) { no(); } local_6c = local_6c + 1; } puts("Correct!"); if (local_20 != *(long *)(in_FS_OFFSET + 0x28)) { /* WARNING: Subroutine does not return */ __stack_chk_fail(); } return 0; } void no(void) { puts("Nope..."); /* WARNING: Subroutine does not return */ exit(0); } ************************************************************** * target * ************************************************************** _ZL6target XREF[2]: main:0010132e(*), target main:00101335(*) 00102020 33 00 00 undefine 00 84 00 00 00 3d 00102020 33 undefined133h [0] XREF[2]: main:0010132e(*), main:00101335(*) 00102021 00 undefined100h [1] 00102022 00 undefined100h [2] 00102023 00 undefined100h [3] 00102024 84 undefined184h [4] 00102025 00 undefined100h [5] 00102026 00 undefined100h [6] 00102027 00 undefined100h [7] 00102028 3d undefined13Dh [8] 00102029 00 undefined100h [9] 0010202a 00 undefined100h [10] 0010202b 00 undefined100h [11] 0010202c 3f undefined13Fh [12] 0010202d 00 undefined100h [13] 0010202e 00 undefined100h [14] 0010202f 00 undefined100h [15] 00102030 2a undefined12Ah [16] 00102031 00 undefined100h [17] 00102032 00 undefined100h [18] 00102033 00 undefined100h [19] 00102034 93 undefined193h [20] 00102035 00 undefined100h [21] 00102036 00 undefined100h [22] 00102037 00 undefined100h [23] 00102038 7b undefined17Bh [24] 00102039 00 undefined100h [25] 0010203a 00 undefined100h [26] 0010203b 00 undefined100h [27] 0010203c 82 undefined182h [28] 0010203d 00 undefined100h [29] 0010203e 00 undefined100h [30] 0010203f 00 undefined100h [31] 00102040 1a undefined11Ah [32] 00102041 00 undefined100h [33] 00102042 00 undefined100h [34] 00102043 00 undefined100h [35] 00102044 ac undefined1ACh [36] 00102045 00 undefined100h [37] 00102046 00 undefined100h [38] 00102047 00 undefined100h [39] 00102048 8e undefined18Eh [40] 00102049 00 undefined100h [41] 0010204a 00 undefined100h [42] 0010204b 00 undefined100h [43] 0010204c f4 undefined1F4h [44] 0010204d 00 undefined100h [45] 0010204e 00 undefined100h [46] 0010204f 00 undefined100h [47] 00102050 b1 undefined1B1h [48] 00102051 00 undefined100h [49] 00102052 00 undefined100h [50] 00102053 00 undefined100h [51] 00102054 cb undefined1CBh [52] 00102055 00 undefined100h [53] 00102056 00 undefined100h [54] 00102057 00 undefined100h [55] 00102058 8d undefined18Dh [56] 00102059 00 undefined100h [57] 0010205a 00 undefined100h [58] 0010205b 00 undefined100h [59] 0010205c 21 undefined121h [60] 0010205d 00 undefined100h [61] 0010205e 00 undefined100h [62] 0010205f 00 undefined100h [63] 00102060 0e undefined10Eh [64] 00102061 00 undefined100h [65] 00102062 00 undefined100h [66] 00102063 00 undefined100h [67] 00102064 b7 undefined1B7h [68] 00102065 00 undefined100h [69] 00102066 00 undefined100h [70] 00102067 00 undefined100h [71] 00102068 67 undefined167h [72] 00102069 00 undefined100h [73] 0010206a 00 undefined100h [74] 0010206b 00 undefined100h [75] 0010206c 96 undefined196h [76] 0010206d 00 undefined100h [77] 0010206e 00 undefined100h [78] 0010206f 00 undefined100h [79] 00102070 2c undefined12Ch [80] 00102071 00 undefined100h [81] 00102072 00 undefined100h [82] 00102073 00 undefined100h [83] 00102074 81 undefined181h [84] 00102075 00 undefined100h [85] 00102076 00 undefined100h [86] 00102077 00 undefined100h [87] 00102078 d3 undefined1D3h [88] 00102079 00 undefined100h [89] 0010207a 00 undefined100h [90] 0010207b 00 undefined100h [91] 0010207c bc undefined1BCh [92] 0010207d 00 undefined100h [93] 0010207e 00 undefined100h [94] 0010207f 00 undefined100h [95] 00102080 29 undefined129h [96] 00102081 00 undefined100h [97] 00102082 00 undefined100h [98] 00102083 00 undefined100h [99] 00102084 6c undefined16Ch [100] 00102085 00 undefined100h [101] 00102086 00 undefined100h [102] 00102087 00 undefined100h [103] 00102088 4b undefined14Bh [104] 00102089 00 undefined100h [105] 0010208a 00 undefined100h [106] 0010208b 00 undefined100h [107] 0010208c 0d undefined10Dh [108] 0010208d 00 undefined100h [109] 0010208e 00 undefined100h [110] 0010208f 00 undefined100h [111] 00102090 00 undefined100h [112] 00102091 00 undefined100h [113] 00102092 00 undefined100h [114] 00102093 00 undefined100h [115] 00102094 ed undefined1EDh [116] 00102095 00 undefined100h [117] 00102096 00 undefined100h [118] 00102097 00 undefined100h [119] 00102098 fd undefined1FDh [120] 00102099 00 undefined100h [121] 0010209a 00 undefined100h [122] 0010209b 00 undefined100h [123] 0010209c ee undefined1EEh [124] 0010209d 00 undefined100h [125] 0010209e 00 undefined100h [126] 0010209f 00 undefined100h [127] 001020a0 56 undefined156h [128] 001020a1 00 undefined100h [129] 001020a2 00 undefined100h [130] 001020a3 00 undefined100h [131] 001020a4 40 undefined140h [132] 001020a5 00 undefined100h [133] 001020a6 00 undefined100h [134] 001020a7 00 undefined100h [135] 001020a8 52 undefined152h [136] 001020a9 00 undefined100h [137] 001020aa 00 undefined100h [138] 001020ab 00 undefined100h [139] 001020ac d5 undefined1D5h [140] 001020ad 00 undefined100h [141] 001020ae 00 undefined100h [142] 001020af 00 undefined100h [143] 001020b0 05 undefined105h [144] 001020b1 00 undefined100h [145] 001020b2 00 undefined100h [146] 001020b3 00 undefined100h [147] 001020b4 6d undefined16Dh [148] 001020b5 00 undefined100h [149] 001020b6 00 undefined100h [150] 001020b7 00 undefined100h [151] 001020b8 90 undefined190h [152] 001020b9 00 undefined100h [153] 001020ba 00 undefined100h [154] 001020bb 00 undefined100h [155] 001020bc 3e undefined13Eh [156] 001020bd 00 undefined100h [157] 001020be 00 undefined100h [158] 001020bf 00 undefined100h [159] 001020c0 7a undefined17Ah [160] 001020c1 00 undefined100h [161] 001020c2 00 undefined100h [162] 001020c3 00 undefined100h [163] 001020c4 1b undefined11Bh [164] 001020c5 00 undefined100h [165] 001020c6 00 undefined100h [166] 001020c7 00 undefined100h [167] 001020c8 69 undefined169h [168] 001020c9 00 undefined100h [169] 001020ca 00 undefined100h [170] 001020cb 00 undefined100h [171] 001020cc 23 undefined123h [172] 001020cd 00 undefined100h [173] 001020ce 00 undefined100h [174] 001020cf 00 undefined100h [175] 001020d0 1f undefined11Fh [176] 001020d1 00 undefined100h [177] 001020d2 00 undefined100h [178] 001020d3 00 undefined100h [179] 001020d4 b6 undefined1B6h [180] 001020d5 00 undefined100h [181] 001020d6 00 undefined100h [182] 001020d7 00 undefined100h [183] 001020d8 1d undefined11Dh [184] 001020d9 00 undefined100h [185] 001020da 00 undefined100h [186] 001020db 00 undefined100h [187] 001020dc bc undefined1BCh [188] 001020dd 00 undefined100h [189] 001020de 00 undefined100h [190] 001020df 00 undefined100h [191] 001020e0 98 undefined198h [192] 001020e1 00 undefined100h [193] 001020e2 00 undefined100h [194] 001020e3 00 undefined100h [195] 001020e4 d1 undefined1D1h [196] 001020e5 00 undefined100h [197] 001020e6 00 undefined100h [198] 001020e7 00 undefined100h [199] 001020e8 a6 undefined1A6h [200] 001020e9 00 undefined100h [201] 001020ea 00 undefined100h [202] 001020eb 00 undefined100h [203] 001020ec 83 undefined183h [204] 001020ed 00 undefined100h [205] 001020ee 00 undefined100h [206] 001020ef 00 undefined100h [207] 001020f0 e9 undefined1E9h [208] 001020f1 00 undefined100h [209] 001020f2 00 undefined100h [210] 001020f3 00 undefined100h [211] 001020f4 eb undefined1EBh [212] 001020f5 00 undefined100h [213] 001020f6 00 undefined100h [214] 001020f7 00 undefined100h [215] 001020f8 13 undefined113h [216] 001020f9 00 undefined100h [217] 001020fa 00 undefined100h [218] 001020fb 00 undefined100h [219] 001020fc 21 undefined121h [220] 001020fd 00 undefined100h [221] 001020fe 00 undefined100h [222] 001020ff 00 undefined100h [223] 00102100 3d undefined13Dh [224] 00102101 00 undefined100h [225] 00102102 00 undefined100h [226] 00102103 00 undefined100h [227] 00102104 f8 undefined1F8h [228] 00102105 00 undefined100h [229] 00102106 00 undefined100h [230] 00102107 00 undefined100h [231] 00102108 2b undefined12Bh [232] 00102109 00 undefined100h [233] 0010210a 00 undefined100h [234] 0010210b 00 undefined100h [235] 0010210c 79 undefined179h [236] 0010210d 00 undefined100h [237] 0010210e 00 undefined100h [238] 0010210f 00 undefined100h [239] 00102110 53 undefined153h [240] 00102111 00 undefined100h [241] 00102112 00 undefined100h [242] 00102113 00 undefined100h [243] 00102114 4f undefined14Fh [244] 00102115 00 undefined100h [245] 00102116 00 undefined100h [246] 00102117 00 undefined100h [247] 00102118 a1 undefined1A1h [248] 00102119 00 undefined100h [249] 0010211a 00 undefined100h [250] 0010211b 00 undefined100h [251]
乱数を使っているが、入力文字の積をseedとしており、0となると推測して乱数を取得して、復号する。
$ cat solve.c #include <stdio.h> #include <string.h> #include <stdlib.h> void main() { unsigned int seed = 0; int r; char flag[64]; int target[63] = {0x33, 0x84, 0x3d, 0x3f, 0x2a, 0x93, 0x7b, 0x82, 0x1a, 0xac, 0x8e, 0xf4, 0xb1, 0xcb, 0x8d, 0x21, 0x0e, 0xb7, 0x67, 0x96, 0x2c, 0x81, 0xd3, 0xbc, 0x29, 0x6c, 0x4b, 0x0d, 0x00, 0xed, 0xfd, 0xee, 0x56, 0x40, 0x52, 0xd5, 0x05, 0x6d, 0x90, 0x3e, 0x7a, 0x1b, 0x69, 0x23, 0x1f, 0xb6, 0x1d, 0xbc, 0x98, 0xd1, 0xa6, 0x83, 0xe9, 0xeb, 0x13, 0x21, 0x3d, 0xf8, 0x2b, 0x79, 0x53, 0x4f, 0xa1}; srand(seed); for (int i; i<0x3f; i++) { r = rand() % 256; flag[i] = r ^ target[i]; } printf("%s\n", flag); } $ gcc solve.c -o solve $ ./solve TBTL{l1n3a4_C0ngru3n7i41_6en3r4t0r_b453d_Fl4G_Ch3ckEr_G03z_8rr}
TBTL{l1n3a4_C0ngru3n7i41_6en3r4t0r_b453d_Fl4G_Ch3ckEr_G03z_8rr}
Fence Building (Crypto)
Rail Fence Cipher。https://www.dcode.fr/rail-fence-cipherで復号する。レールの数は4で、復号できた。
TBTL{G00d_F3nce5_m4k3_g00D_n31ghb0ur5}
School Essay (Crypto)
Tonelli-Shanks Algorithmを使って、Modulo上の平方根を求める。
#!/usr/bin/env python3 from Crypto.Util.number import * def legendre(a, p): return pow(a, (p - 1) // 2, p) def tonelli_shanks(a, p): if legendre(a, p) != 1: raise Exception("not a square (mod p)") q = p - 1 s = 0 while q % 2 == 0: q >>= 1 s += 1 for z in range(2, p): if legendre(z, p) == p - 1: break m = s c = pow(z, q, p) t = pow(a, q, p) r = pow(a, (q + 1) // 2, p) t2 = 0 while True: if t == 0: return 0 if t == 1: return r t2 = (t * t) % p for i in range(1, m): if t2 % p == 1: break t2 = (t2 * t2) % p b = pow(c, 1 << (m - i - 1), p) m = i c = (b * b) % p t = (t * c) % p r = (r * b) % p N = 59557942237937483757629838075432240015613811860811898821186897952866236010569299041278104165604573 value_1 = 34994952631013563439857468985559745199379391295940238707110695903159545061311344766055629477728657 m = tonelli_shanks(value_1, N) ms = [m, N - m] for m in ms: flag = long_to_bytes(m) if flag.startswith(b'TBTL'): flag = flag.decode() print(flag) break
TBTL{J0hn_J4c0b_J1n6leH31mer_Schm1d7_<3}
Wikipedia Signatures (Crypto)
サーバの処理概要は以下の通り。
・TARGET = b'I challenge you to sign this message!' ・rsa_key: 1024ビット鍵 ・public_key = (rsa_key.n, rsa_key.e) ・public_keyを表示 ・以下10回繰り返し ・line: 入力 ・action: lineのスペース区切りの1個目 ・data: lineのスペース区切りの2個目 ・actionが1の場合 ・res = wikipedia_verify(TARGET, data, rsa_key.n, rsa_key.e) ・pow(data, e, n)がTARGETの数値化したものと一致している場合はTrueを返却 ・pow(data, e, n)がTARGETの数値化したものと一致していない場合はFalseを返却 ・resがTrueの場合、フラグを表示して終了 ・resがFalseの場合、エラーメッセージを表示 ・actionが2の場合 ・dataをrsa_key.nで割った余りがTARGETの数値化したものと一致している場合、エラーメッセージを表示 ・dataをrsa_key.nで割った余りがTARGETの数値化したものと一致していない場合 ・sig = wikipedia_sign(data, rsa_key.n, rsa_key.d) ・pow(data, d, n)を返却 ・sigを表示
TARGETを数値化したものを因数分解して、それぞれを復号したものの積がTARGETを復号したものになる。このことを使って、条件を満たし、フラグを表示させる。
#!/usr/bin/env python3 import socket from Crypto.Util.number import * def recvuntil(s, tail): data = b'' while True: if tail in data: return data.decode() data += s.recv(1) TARGET = b'I challenge you to sign this message!' i_TARGET = bytes_to_long(TARGET) for i in range(2, 1024): if i_TARGET % i == 0: t0 = i t1 = i_TARGET // i break s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(('0.cloud.chals.io', 31148)) data = recvuntil(s, b'\n').rstrip() print(data) n, e = eval(data.split(': ')[1]) data = recvuntil(s, b'RSA\n').rstrip() print(data) payload = '2' + ' ' + str(t0) data = recvuntil(s, b'> ') print(data + payload) s.sendall(payload.encode() + b'\n') data = recvuntil(s, b'\n').rstrip() print(data) m0 = int(data) payload = '2' + ' ' + str(t1) data = recvuntil(s, b'> ') print(data + payload) s.sendall(payload.encode() + b'\n') data = recvuntil(s, b'\n').rstrip() print(data) m1 = int(data) m = (m0 * m1) % n payload = '1' + ' ' + str(m) data = recvuntil(s, b'> ') print(data + payload) s.sendall(payload.encode() + b'\n') data = recvuntil(s, b'\n').rstrip() print(data)
実行結果は以下の通り。
RSA public key: (156543786784601934234963778417015994007333613098782281489068694290445799504786682782436855276636412905968105400201347307189484718202880889023981474944541012213465267875216760672853383519529257040438105390454203568842903094907937131383194986899073148215293170209348330139099594510080233845415837484880899895837, 65537)
Options:
1 <sig> -- Submit signature for b'I challenge you to sign this message!' and win
2 <msg> -- Sign any other message using wikipedia-RSA
> 2 29
156109323516426834646000276787347076409723364364415074920900690621699887701950463758642952786494924447541431001689938831237392605929562363319922980754833612248091308583310860711542175362379307402700432872200055223008242633432471174914206069597495244612588458868212598016904763268693819465315750118315647974383
> 2 1254052276657957635992599386432327037189685919760116725060825167234229855917162350047701
38792628231158083306296814780765682468134267238548428530869738282966159972288225664625217198962001306703135896975295619891815770213233859460051855245148682867928142272323842284408528299630747929219264429903520971170630209401463936183607595268619005743566863581404366441926702482694225227006520132293669494315
> 1 152424764722853289751556231542150953378914209330580678523081022040512587959421930143239095264853113089012474821135537278396713781696812592525137969547438634544200002904952420239858294244190237056183068517520131818729044997091191322097872565776971151000230460489079730710791594115964748011905201128329211558179
b'TBTL{r3p347_4f73r_m3-d16174l_516n47ur3_15_n07_3ncryp710n}'
TBTL{r3p347_4f73r_m3-d16174l_516n47ur3_15_n07_3ncryp710n}
