-
Notifications
You must be signed in to change notification settings - Fork 56
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding InCTFi 2021 challenge sources
- Loading branch information
1 parent
a68b94b
commit d1b987a
Showing
2,354 changed files
with
225,164 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| inctf{w0w_DH_15_5o_c00l!_3c9cdad74c27d1fc} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| import hashlib, pickle | ||
| from Crypto.Cipher import AES | ||
| from Crypto.Util.Padding import unpad | ||
| from tqdm import trange | ||
|
|
||
| val = pickle.load(open('enc.pickle', 'rb')) | ||
|
|
||
| def decrypt(msg, iv, key): | ||
| key = hashlib.sha256(str(key).encode()).digest()[:16] | ||
| cipher = AES.new(key, AES.MODE_CBC, iv) | ||
| try: | ||
| out = unpad(cipher.decrypt(msg), 16) | ||
| assert b'inctf{' in out | ||
| return out | ||
| except: | ||
| return False | ||
|
|
||
| def main(EC, val): | ||
| G = EC.gens()[0] | ||
| cip = bytes.fromhex(val['cip']) | ||
| iv = bytes.fromhex(val['iv']) | ||
| for i in trange(420462, 1040400): | ||
| P = i*G | ||
| ret = decrypt(cip, iv, P.xy()[0]) | ||
| if ret!=False: | ||
| return ret | ||
|
|
||
| if __name__ == '__main__': | ||
| p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF | ||
| a = p - 3 | ||
| b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B | ||
| EC = EllipticCurve(GF(p), [a, b]) | ||
| print(main(EC, val)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
|
|
||
|
|
||
| # This file was *autogenerated* from the file sol.sage | ||
| from sage.all_cmdline import * # import sage library | ||
|
|
||
| _sage_const_16 = Integer(16); _sage_const_0 = Integer(0); _sage_const_420462 = Integer(420462); _sage_const_1040400 = Integer(1040400); _sage_const_0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF = Integer(0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF); _sage_const_3 = Integer(3); _sage_const_0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B = Integer(0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B) | ||
| import hashlib, pickle | ||
| from Crypto.Cipher import AES | ||
| from Crypto.Util.Padding import unpad | ||
| from tqdm import trange | ||
|
|
||
| val = pickle.load(open('enc.pickle', 'rb')) | ||
|
|
||
| def decrypt(msg, iv, key): | ||
| key = hashlib.sha256(str(key).encode()).digest()[:_sage_const_16 ] | ||
| cipher = AES.new(key, AES.MODE_CBC, iv) | ||
| try: | ||
| out = unpad(cipher.decrypt(msg), _sage_const_16 ) | ||
| assert b'inctf{' in out | ||
| return out | ||
| except: | ||
| return False | ||
|
|
||
| def main(EC, val): | ||
| G = EC.gens()[_sage_const_0 ] | ||
| cip = bytes.fromhex(val['cip']) | ||
| iv = bytes.fromhex(val['iv']) | ||
| for i in trange(_sage_const_420462 , _sage_const_1040400 ): | ||
| P = i*G | ||
| ret = decrypt(cip, iv, P.xy()[_sage_const_0 ]) | ||
| if ret!=False: | ||
| return ret | ||
|
|
||
| if __name__ == '__main__': | ||
| p = _sage_const_0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF | ||
| a = p - _sage_const_3 | ||
| b = _sage_const_0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B | ||
| EC = EllipticCurve(GF(p), [a, b]) | ||
| print(main(EC, val)) | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| import os, hashlib, pickle | ||
| from Crypto.Cipher import AES | ||
| from Crypto.Util.Padding import pad, unpad | ||
|
|
||
| key = os.urandom(4) | ||
| FLAG = open('flag.txt', 'rb').read() | ||
| p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF | ||
| a = p - 3 | ||
| b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B | ||
|
|
||
| def gen_key(G, pvkey): | ||
| G = sum([i*G for i in pvkey]) | ||
| return G | ||
|
|
||
| def encrypt(msg, key): | ||
| key = hashlib.sha256(str(key).encode()).digest()[:16] | ||
| cipher = AES.new(key, AES.MODE_CBC, os.urandom(16)) | ||
| return {'cip': cipher.encrypt(pad(msg, 16)).hex(), 'iv': cipher.IV.hex()} | ||
|
|
||
| def gen_bob_key(EC, G): | ||
| bkey = os.urandom(4) | ||
| B = gen_key(G, bkey) | ||
| return B, bkey | ||
|
|
||
| def main(): | ||
| EC = EllipticCurve(GF(p), [a, b]) | ||
| G = EC.gens()[0] | ||
| # Bx = int(input("Enter Bob X value: ")) | ||
| # By = int(input("Enter Bob Y value: ")) | ||
| # B = EC(Bx, By) | ||
| B, bkey = gen_bob_key(EC, G) | ||
| P = gen_key(G, key) | ||
| SS = gen_key(B, key) | ||
| assert sum(bkey)*sum(key)*G == SS | ||
| print(sum(bkey)*sum(key)) | ||
| cip = encrypt(FLAG, SS.xy()[0]) | ||
| cip['G'] = str(G) | ||
| return cip | ||
|
|
||
| if __name__ == '__main__': | ||
| cip = main() | ||
| pickle.dump(cip, open('enc.pickle', 'wb')) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
|
|
||
|
|
||
| # This file was *autogenerated* from the file test.sage | ||
| from sage.all_cmdline import * # import sage library | ||
|
|
||
| _sage_const_4 = Integer(4); _sage_const_0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF = Integer(0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF); _sage_const_3 = Integer(3); _sage_const_0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B = Integer(0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B); _sage_const_16 = Integer(16); _sage_const_0 = Integer(0) | ||
| import os, hashlib, pickle | ||
| from Crypto.Cipher import AES | ||
| from Crypto.Util.Padding import pad, unpad | ||
|
|
||
| key = os.urandom(_sage_const_4 ) | ||
| FLAG = open('flag.txt', 'rb').read() | ||
| p = _sage_const_0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF | ||
| a = p - _sage_const_3 | ||
| b = _sage_const_0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B | ||
|
|
||
| def gen_key(G, pvkey): | ||
| G = sum([i*G for i in pvkey]) | ||
| return G | ||
|
|
||
| def encrypt(msg, key): | ||
| key = hashlib.sha256(str(key).encode()).digest()[:_sage_const_16 ] | ||
| cipher = AES.new(key, AES.MODE_CBC, os.urandom(_sage_const_16 )) | ||
| return {'cip': cipher.encrypt(pad(msg, _sage_const_16 )).hex(), 'iv': cipher.IV.hex()} | ||
|
|
||
| def gen_bob_key(EC, G): | ||
| bkey = os.urandom(_sage_const_4 ) | ||
| B = gen_key(G, bkey) | ||
| return B, bkey | ||
|
|
||
| def main(): | ||
| EC = EllipticCurve(GF(p), [a, b]) | ||
| G = EC.gens()[_sage_const_0 ] | ||
| # Bx = int(input("Enter Bob X value: ")) | ||
| # By = int(input("Enter Bob Y value: ")) | ||
| # B = EC(Bx, By) | ||
| B, bkey = gen_bob_key(EC, G) | ||
| P = gen_key(G, key) | ||
| SS = gen_key(B, key) | ||
| assert sum(bkey)*sum(key)*G == SS | ||
| print(sum(bkey)*sum(key)) | ||
| cip = encrypt(FLAG, SS.xy()[_sage_const_0 ]) | ||
| cip['G'] = str(G) | ||
| return cip | ||
|
|
||
| if __name__ == '__main__': | ||
| cip = main() | ||
| pickle.dump(cip, open('enc.pickle', 'wb')) | ||
|
|
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| import os, hashlib, pickle | ||
| from Crypto.Cipher import AES | ||
| from Crypto.Util.Padding import pad, unpad | ||
|
|
||
| key = os.urandom(4) | ||
| FLAG = open('flag.txt', 'rb').read() | ||
| p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF | ||
| a = p - 3 | ||
| b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B | ||
|
|
||
| def gen_key(G, pvkey): | ||
| G = sum([i*G for i in pvkey]) | ||
| return G | ||
|
|
||
| def encrypt(msg, key): | ||
| key = hashlib.sha256(str(key).encode()).digest()[:16] | ||
| cipher = AES.new(key, AES.MODE_CBC, os.urandom(16)) | ||
| return {'cip': cipher.encrypt(pad(msg, 16)).hex(), 'iv': cipher.IV.hex()} | ||
|
|
||
| def gen_bob_key(EC, G): | ||
| bkey = os.urandom(4) | ||
| B = gen_key(G, bkey) | ||
| return B, bkey | ||
|
|
||
| def main(): | ||
| EC = EllipticCurve(GF(p), [a, b]) | ||
| G = EC.gens()[0] | ||
| Bx = int(input("Enter Bob X value: ")) | ||
| By = int(input("Enter Bob Y value: ")) | ||
| B = EC(Bx, By) | ||
| P = gen_key(G, key) | ||
| SS = gen_key(B, key) | ||
| cip = encrypt(FLAG, SS.xy()[0]) | ||
| cip['G'] = str(G) | ||
| return cip | ||
|
|
||
| if __name__ == '__main__': | ||
| cip = main() | ||
| pickle.dump(cip, open('enc.pickle', 'wb')) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| # Eazy Xchange | ||
|
|
||
| ### Description | ||
|
|
||
| My older brother found a new way to implement the DH Key Exchange. I tried my best to recreate his method. Hope I didn't make a mistake... | ||
|
|
||
| **Challenge file**: | ||
| + [Google Drive](https://drive.google.com/file/d/1ecoAFhDc2rfUgrFbnXykoxveUqAWNGZI/view?usp=sharing) | ||
| + [Mega](https://mega.nz/file/BjZmkRLJ#EV13r061yTDGH6638AADdnPlRlz0sOeDf6VoB9EZ7cI) | ||
|
|
||
| **MD5 Hash**: `src.zip 677edcba5b74a91d090abb46cfffb095` | ||
|
|
||
| ### Short Writeup | ||
|
|
||
| * Challenge Files given:- | ||
| - main.sage | ||
| - enc.pickle | ||
|
|
||
| * The challenge describes a Diffie-Hellman Key Exchange using ECC. | ||
|
|
||
| * The flaw in the system is in the **exponentiation** of the private key with the public key. | ||
|
|
||
| * Instead of using a large variable the function multiplies bytes and adds them together. This results in a reduced size key than expected. | ||
|
|
||
| * The key can easily be brute-forced in \~5mins. | ||
|
|
||
| ### Flag | ||
|
|
||
| `inctf{w0w_DH_15_5o_c00l!_3c9cdad74c27d1fc}` | ||
|
|
||
| ### Author | ||
|
|
||
| Alekh (xxMajinxx) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| cmake_minimum_required (VERSION 3.5.1) | ||
|
|
||
| ### To use gcc/g++ on a Macintosh, you must set the Compilers | ||
| ### here, not inside the project | ||
| ##if(APPLE) | ||
| ## set(CMAKE_C_COMPILER "/usr/local/bin/gcc-7") | ||
| ## set(CMAKE_CXX_COMPILER "/usr/local/bin/g++-7") | ||
| ##endif() | ||
| ### TODO: for now, we use CLang for Mac | ||
| ### | ||
| ### In order to create PALISADE's static libraries you should enable | ||
| ### the BUILD_STATIC option. For that, you run "cmake .. -DBUILD_STATIC=ON". | ||
| ### After having your link completed you will find static libs | ||
| ### with the suffix "_static" in ./build/libs/. | ||
| ### Examples: PALISADEpke_static.a, PALISADEcore_static.a, etc. | ||
| ### After you run "make install" in your build directory, you can build your custom application. | ||
| ### If you need your application to be linked statically, then run "cmake .. -DBUILD_STATIC=ON" | ||
|
|
||
| project(demo CXX) | ||
| set(CMAKE_CXX_STANDARD 11) | ||
| option( BUILD_STATIC "Set to ON to include static versions of the library" OFF) | ||
|
|
||
| find_package(Palisade) | ||
|
|
||
| set( CMAKE_CXX_FLAGS ${PALISADE_CXX_FLAGS} ) | ||
|
|
||
| include_directories( ${OPENMP_INCLUDES} ) | ||
| include_directories( ${PALISADE_INCLUDE} ) | ||
| include_directories( ${PALISADE_INCLUDE}/third-party/include ) | ||
| include_directories( ${PALISADE_INCLUDE}/core ) | ||
| include_directories( ${PALISADE_INCLUDE}/pke ) | ||
| ### add directories for other PALISADE modules as needed for your project | ||
|
|
||
| link_directories( ${PALISADE_LIBDIR} ) | ||
| link_directories( ${OPENMP_LIBRARIES} ) | ||
| if(BUILD_STATIC) | ||
| set( CMAKE_EXE_LINKER_FLAGS "${PALISADE_EXE_LINKER_FLAGS} -static") | ||
| link_libraries( ${PALISADE_STATIC_LIBRARIES} ) | ||
| else() | ||
| set( CMAKE_EXE_LINKER_FLAGS ${PALISADE_EXE_LINKER_FLAGS} ) | ||
| link_libraries( ${PALISADE_SHARED_LIBRARIES} ) | ||
| endif() | ||
|
|
||
| ### ADD YOUR EXECUTABLE(s) HERE | ||
| ### add_executable( EXECUTABLE-NAME SOURCES ) | ||
| ### | ||
| ### EXAMPLE: | ||
| ### add_executable( test demo-simple-example.cpp ) | ||
| #add_executable( fhe homomorphic_system.cpp) | ||
| add_executable( chall level.cpp) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| # sudo docker build -t encrypted-operations . | ||
| # sudo docker run -d -p 1221:1221 --rm encrypted-operations | ||
|
|
||
| FROM ubuntu:20.04 | ||
|
|
||
| RUN apt-get -y update && \ | ||
| apt-get -y upgrade | ||
|
|
||
| RUN apt-get -y install sudo | ||
|
|
||
| RUN useradd -m build | ||
| RUN echo "build:build" | chpasswd && adduser build sudo | ||
|
|
||
| ARG repository="palisade-development" | ||
| ARG branch=master | ||
| ARG tag=master | ||
| ARG CC_param=/usr/bin/gcc-10 | ||
| ARG CXX_param=/usr/bin/g++-10 | ||
| ARG no_threads=4 | ||
|
|
||
| ENV DEBIAN_FRONTEND=noninteractive | ||
| ENV CC $CC_param | ||
| ENV CXX $CXX_param | ||
|
|
||
| #install pre-requisites for PALISADE | ||
| RUN apt update && apt install -y git \ | ||
| build-essential \ | ||
| gcc-10 \ | ||
| g++-10 \ | ||
| cmake \ | ||
| autoconf \ | ||
| clang-10 \ | ||
| libomp5 \ | ||
| libomp-dev \ | ||
| doxygen \ | ||
| graphviz \ | ||
| libboost-all-dev=1.71.0.0ubuntu2 | ||
|
|
||
| RUN apt-get clean && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| #git clone the palisade-development repository and its submodules (this always clones the most latest commit) | ||
| RUN git clone https://gitlab.com/palisade/$repository.git && cd $repository && git checkout $branch && git checkout $tag && git submodule sync --recursive && git submodule update --init --recursive | ||
|
|
||
| #installing PALISADE and running tests | ||
| RUN mkdir /$repository/build && cd /$repository/build && cmake .. && make -j $no_threads && sudo make install && make testall | ||
|
|
||
| ##########################3 | ||
|
|
||
| ADD ynetd /home/build | ||
| ADD flag.txt /home/build | ||
| ADD run.sh /home/build | ||
|
|
||
| ADD CMakeLists.txt /home | ||
| ADD homomorphic_system.cpp /home | ||
| ADD level.cpp /home | ||
| ADD utils.cpp /home | ||
|
|
||
| WORKDIR /home/build | ||
|
|
||
| RUN chown -R root:root /home/build | ||
|
|
||
| RUN cmake .. | ||
| RUN make | ||
|
|
||
| RUN chmod +x run.sh | ||
| RUN chmod +x ynetd | ||
|
|
||
| USER build | ||
| EXPOSE 1221 | ||
|
|
||
| CMD ./ynetd -p 1221 ./run.sh | ||
|
|
||
|
|
Oops, something went wrong.