
picoCTF 2022 + wscCTF 2022

Note: A JOURNEY TO GAIN KNOWLEDGE

picoCTF 2022

Crypto

basic-mod1

Following the description:

Take each number mod 37 and map it to the following character set: 0-25 is the alphabet (uppercase), 26-35 are the decimal digits, and 36 is an underscore.

simple code:

import string

m = [387, 248, 131, 272, 373, 221, 161, 110, 91, 359, 390, 50, 225, 184, 223, 137, 225, 327, 42, 179, 220, 365]
# index 0-25 -> A-Z, 26-35 -> 0-9, 36 -> _
charset = string.ascii_uppercase + string.digits + '_'
flag = ''.join(charset[i % 37] for i in m)
print(flag)
# R0UND_N_R0UND_B0D5F596

basic-mod2

Following the description:

Take each number mod 41 and find the modular inverse for the result. Then map to the following character set: 1-26 are the alphabet, 27-36 are the decimal digits, and 37 is an underscore.

solve:

import string

m = [145, 126, 356, 272, 98, 378, 395, 352, 392, 215, 446, 168, 180, 359, 51, 190, 404, 209, 185, 115, 363, 431, 103]
# index 1-26 -> A-Z, 27-36 -> 0-9, 37 -> _ (index 0 is unused padding)
charset = ' ' + string.ascii_uppercase + string.digits + '_'
# pow(x, -1, 41) is the modular inverse of x mod 41 (Python 3.8+)
enc = [pow(i % 41, -1, 41) for i in m]
# [28, 14, 22, 30, 18, 32, 30, 12, 25, 37, 8, 31, 18, 4, 37, 30, 34, 31, 2, 5, 34, 2, 2]
flag = ''.join(charset[i] for i in enc)
print(flag)
# 1NV3R53LY_H4RD_374BE7BB

credstuff

Find cultiris's password: cvpbPGS{P7e1S_54I35_71Z3}

rot13: picoCTF{C7r1F_54V35_71M3}

morse-code

flag: picoCTF{WH47 H47H 90D W20U9H7}

rail-fence

substitution0

If you studied cryptography of Mr Tu in UIT, you could solve this chall by eyes =D

The flag is: picoCTF{5UB5717U710N_3V0LU710N_F96A338E}

substitution1

same one

flag is: picoCTF{FR3QU3NCY_4774CK5_4R3_C001_3645BEC6}

substitution2

THEFLAGISPICOCTF{N6R4M_4N41Y515_15_73D10U5_C823D467}

transposition-trial

heTfl g as iicpCTo{7F4NRP051N5_16_35P3X51N3_V8450214}1

Notice that:

  • "but every block of 3 got scrambled around!"

  • If we swap the characters at [0] and [3] of "iicpCTo" we get "piciCTo", then "picoCTi"; continue doing that until the last character is "i".

some code for loving:

m ='iicpCTo{7F4NRP051N5_16_35P3X51N3_V8450214}1'

m = list(m)
def solve(s):
   s = list(s)
   for i in range(0, len(s)-1,3):
      s[i], s[i+3] = s[i+3], s[i]

   return ''.join(s)

print(solve(m)) 
#picoCTF{7R4N5P051N6_15_3XP3N51V3_58410214}i

Vigenere

decrypt Vigenere with key: "CYLAB". That's quite easy.

picoCTF{D0NT_US3_V1G3N3R3_C1PH3R_0df54reb}

diffie-hellman

  • Actually, this challenge wants us to find the key via Diffie-Hellman and then decrypt a Caesar cipher with that key.

  • However, we can brute-force the key without using Diffie-Hellman, so this challenge has been deleted from picoCTF.

Very Smooth

def get_prime(state, bits):
    return next_prime(mpz_urandomb(state, bits) | (1 << (bits - 1)))

def get_smooth_prime(state, bits, smoothness=16):
    p = mpz(2)
    p_factors = [p]
    while p.bit_length() < bits - 2 * smoothness:
        factor = get_prime(state, smoothness)
        p_factors.append(factor)
        p *= factor

    bitcnt = (bits - p.bit_length()) // 2

    while True:
        prime1 = get_prime(state, bitcnt)
        prime2 = get_prime(state, bitcnt)
        tmpp = p * prime1 * prime2
        if tmpp.bit_length() < bits:
            bitcnt += 1
            continue
        if tmpp.bit_length() > bits:
            bitcnt -= 1
            continue
        if is_prime(tmpp + 1):
            p_factors.append(prime1)
            p_factors.append(prime2)
            p = tmpp + 1
            break

    p_factors.sort()

    return (p, p_factors)

flag: picoCTF{94287e17}
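
The generator above builds p so that p - 1 is a product of small primes, which is the case Pollard's p - 1 method factors quickly. The sketch below is an added example, not code from the challenge or from this writeup; both moduli are small constructed values, and the function and constant names are assumptions of the example.

```python
from math import gcd, isqrt

def primes_up_to(limit):
    """Sieve of Eratosthenes: every prime <= limit."""
    sieve = bytearray([1]) * (limit + 1)
    sieve[:2] = b"\x00\x00"
    for i in range(2, isqrt(limit) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, limit + 1, i)))
    return [i for i, flag in enumerate(sieve) if flag]

def pollard_p_minus_1(n, bound, base=2):
    """Return a nontrivial factor p of n when p - 1 is bound-powersmooth, else None."""
    a = base
    for q in primes_up_to(bound):
        e = 1
        while q ** (e + 1) <= bound:   # largest power of q not above bound
            e += 1
        a = pow(a, q ** e, n)          # a = base^(product of prime powers so far) mod n
        g = gcd(a - 1, n)              # p divides a - 1 once (p - 1) divides the exponent
        if 1 < g < n:
            return g
        if g == n:                     # every factor fell at the same step
            return None
    return None

# Constructed moduli (not from the challenge):
WEAK_N = 2311 * 10007      # 2311 - 1 = 2*3*5*7*11, so 2311 - 1 is 11-smooth
STRONG_N = 2027 * 10007    # 2027 = 2*1013 + 1 and 10007 = 2*5003 + 1 are safe primes

if __name__ == "__main__":
    print("weak modulus  :", pollard_p_minus_1(WEAK_N, 20))      # finds 2311
    print("strong modulus:", pollard_p_minus_1(STRONG_N, 1000))  # finds nothing
```

The safe-prime modulus resists the same bound because p - 1 and q - 1 each contain a large prime factor, which is why key generation should never pick primes the way `get_smooth_prime` does.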

Sequences

Sum-O-Primes

NSA Backdoor

At this point, my ancestor told me to do anything so I won't write anything from now on,

thank you for reading!

flag: picoCTF{Yu_toi_nho_em!}

Web

Includes

Inspect HTML

Local Authority

Search source

Power Cookie

Roboto Sans

SQLiLite

wscCTF 2022

Crypto

ANYTHING

This could be encrypted with ANYTHING! wfa{oporteec_gvb_ogd}

Vernam Cipher (One Time Pad Vigenere) =>flag: WSC{VIGENERE_NOT_BAD}

RSA With The Dogs

source: gen.sage

from random import getrandbits
from Crypto.Util.number import bytes_to_long

p = random_prime(2^(1024//2),False,2^(1023//2))
q = random_prime(2^(1024//2),False,2^(1023//2))

n = p*q
phi = (p-1) * (q-1)

done = False
while not done:
    d = getrandbits(1024//4)
    if (gcd(d,phi) == 1 and 36*pow(d,4) < n):
        done = True
                

Flag = open('flag.txt').read().encode()
m=bytes_to_long(Flag)
e = Integer(d).inverse_mod(phi)
c=pow(m,e,n)
print("n =",n)
print("e =",e)
print("c =",c)

n = 80958280137410344469270793621735550547403923964041971008952114628165974409360380289792220885326992426579868790128162893145613324338067958789899179419581085862309223717281585829617191377490590947730109453817502130283318153315193437990052156404947863059961976057429879645314342452813233368655425822274689461707
e = 3575901247532182907389411227211529824636724376722157756567776602226084740339294992167070515627141715229879280406393029563498781044157896403506408797685517148091205601955885898295742740813509895317351882951244059944509598074900130252149053360447229439583686319853300112906033979011695531155686173063061146739
c = 80629080505342932586166479028264765764709326746119909040860609021743893395577080637958779561184335633322859567681317501709922573784403504695809067898870536224427948000498261469984511352960143456934810825186736399371084350678586129000118485271831798923746976704036847707653422361120164687989605124465224952493

assert(int(pow(c,d,n)) == m)

Notice: 36*pow(d,4) < n, so d is small enough for Wiener's attack, and p and q can be computed from n and e alone.

flag: wsc{w13n3r5_wer3_bre4d_t0_hunt_b4dger5!}

EAV-Secure Diffie–Hellman?

source: key_exchange.py

from Crypto.Util.number import bytes_to_long

# I love making homespun cryptographic schemes!

def diffie_hellman():
    f = open("flag.txt", "r")
    flag = f.read()
    a = bytes_to_long(flag.encode('utf-8'))
    p = 320907854534300658334827579113595683489
    g = 3
    A = pow(g,a,p) #236498462734017891143727364481546318401

if __name__ == "__main__":
    diffie_hellman()

# EAV-Secure? What's that?

Workflow:

  • A = pow(g,a,p) is of course a discrete log. I used SageMath to calculate it easily and got this result:

  • Nice, let's decrypt and get the flag

  • Hmm, this one has no meaning. Maybe I am wrong somewhere?

  • No, I am sure of my result!

  • At this time I reviewed the code and noticed that:

f = open("flag.txt", "r")
flag = f.read()
a = bytes_to_long(flag.encode('utf-8'))
  • Implement the idea!

from Crypto.Util.number import long_to_bytes

# discrete log of A to base g mod p, found with Sage
flag = 67514057458967447420279566091192598301
p = 320907854534300658334827579113595683489
g = 3
A = 236498462734017891143727364481546318401
for i in range(10000000):
    # flag + i*(p-1) gives the same A for every i, so try each candidate
    flag_here = long_to_bytes(flag + i * (p - 1))
    if b'wsc{' in flag_here:
        print(flag_here, 'ehehhehhehhehe')
        break
    print(i)

After bruteforcing 8300951 times, you will get the flag :))))))

Web

Warmup: Burp

Just check history of burpsuite

We can see the redirect, send the request with cookie to get flag

SSRF 101

Notice the ports: it is quite interesting that private1's port is 1001 and private2's is 10011, so we can bypass with /ssrf?path=1/flag/

SSRF 301

dict://<user>;<auth>@<host>:<port>/d:<word>:<database>:<n>

This is the standard form for host and port, for example:

In this situation, the host is gg.com, and we connect to it.

However, if we insert the symbol @, the parser will understand user:pass before the @ and host:port after it.

Now the user is gg.com and the host is fb.com.

payload: /ssrf?path=a@localhost:/private2:10011/flag/
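
How a URL parser reads the two cases above, and a check that validates the parsed URL instead of the string. This is an added example, not the challenge's server code: it assumes the endpoint appends `path` to a base URL ending in port 1001, and `BASE`, `ALLOWED` and the function names are hypothetical.

```python
from urllib.parse import urlsplit

BASE = "http://localhost:1001"     # assumption: backend the /ssrf endpoint should reach
ALLOWED = {("localhost", 1001)}    # the only (host, port) the server may contact

def naive_target(path):
    # Assumed vulnerable pattern: user input appended to the base URL as a string.
    return BASE + path

def describe(url):
    """(userinfo, host, port) exactly as the URL parser interprets them."""
    p = urlsplit(url)
    return (p.username, p.hostname, p.port)

def is_allowed(url):
    """Validate the parsed URL: no userinfo, and host and port must be allowlisted."""
    p = urlsplit(url)
    if p.scheme != "http" or p.username is not None or p.password is not None:
        return False
    try:
        port = p.port              # raises ValueError on a malformed port
    except ValueError:
        return False
    return (p.hostname, port) in ALLOWED

if __name__ == "__main__":
    # "1/flag/" turns port 1001 into 10011; "gg.com@fb.com" makes fb.com the host.
    for url in [naive_target("/flag/"), naive_target("1/flag/"), "http://gg.com@fb.com/"]:
        print(url, describe(url), "allowed" if is_allowed(url) else "blocked")
```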


we can you

You can code simple script as this

In my situation, i use the

Here we can see that the flag may be bigger than p, or the flag may have phi(p) added to it; then, after calculating the modulo, we'll get the same result. That is .

we can see this clearly in .

Thanks for reading. Have a good day !
