I hereby claim:
- I am lense on github.
- I am lense (https://keybase.io/lense) on keybase.
- I have a public key whose fingerprint is CDC6 56E1 4573 D016 91CB 4E35 4596 4BC9 C3E2 AFE3
To claim this, I am signing this object:
// ==UserScript==
// @name Automate Steam linkfilter
// @namespace https://github.com/lense
// @description Skip the Steam link filter on trusted domains
// @include https://steamcommunity.com/linkfilter/?url=*
// @version 1
// @grant none
// @run-at document-start
// ==/UserScript==
Extract the key!
Written by RyanWithZombies
Update: The key is not "flag{ don't trust the Cheshire cat!! he works for the Queen of Hearts }". Sorry about that. It's an artifact from an easier version of this challenge. You need to extract key.jpg.
HINT:
CSAWLZ is a completely custom format! You won't find decompressing tools on the internet. We made it just for you. :)
# Preface:
# I'm not putting this online because I think it's a particularly good
# solution--it's buggy and thrown together. I'm instead uploading it because
# of the sheer amount of time I spent on it. Making it public makes me feel
# better for wasting 12 or so hours of my life on this problem, to not even
# end up getting points for it. 6 of those were after getting the flag, but
# uppercase instead of lowercase. A significant amount of time was also spent
# trying to use the built in parser of rubinius to at least dump the rbc
# instructions, but I have no idea how to write Ruby, and eventually decided
# it would be easier to rewrite everything rather than do anything in Ruby.
#!/usr/bin/env python
from Crypto.PublicKey import RSA, DSA
from Crypto.Random import random, atfork
from Crypto.Cipher import PKCS1_OAEP
import SocketServer,threading,os,time
import socket
from priv import privkey, privkey_enc
#!/usr/bin/env python
# https://github.com/pablocelayes/rsa-wiener-attack
import RSAwienerHacker

def int2ascii(n):
    # Hex digits without the 0x prefix or the trailing L of a Python 2 long
    h = "%x" % n
    # Pad to an even number of digits so every byte is two hex characters
    if len(h) % 2:
        h = "0" + h
    # Convert each hex byte to an ASCII character
    return "".join([chr(int(h[i:i+2], 16)) for i in range(0, len(h), 2)])
First thing I did was figure out that it was a git repo, search Google for how to extract the code, and run `git archive master | tar x -C code`. It asks for 2 prime factors of a number which doesn't have exactly 2 prime factors, from which it can be assumed that something was wrong with the code.
Running `git fsck` (after more Google searching) showed 3 hashes not matching up, which means that the hash of the file contents (plus header metadata) didn't match the filename. I then read https://git-scm.com/book/en/v2/Git-Internals-Git-Objects (side note: the Pro Git book is a fantastic introduction to and reference for git).
3 files are corrupted: `sharp.cpp` in each of the 3 commits (see `git log`).
Then I took a leap of faith and assumed that a single byte was wrong (corrupted, hence the SATA controller comment) in each blob, and wrote a script to brute force it. It worked for the first one, and then doom had to remind me to propagate the changes: the first
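The single-byte repair described in the writeup above, as an added example that is not the author's script: a blob's object id is the SHA-1 of the header `blob <size>\0` plus the file content, so a one-byte substitution can be found by testing every candidate against the id the object is stored under. The function names and the sample file content are constructed for illustration, and the code assumes the blob's length is intact.

```python
import hashlib
import zlib


def parse_loose_object(raw: bytes):
    """Split a zlib-compressed loose object into (type, size, content)."""
    data = zlib.decompress(raw)
    header, _, content = data.partition(b"\x00")
    kind, _, size = header.partition(b" ")
    return kind.decode(), int(size), content


def git_blob_id(content: bytes) -> str:
    """SHA-1 over the header 'blob <size>\\0' plus the content."""
    return hashlib.sha1(b"blob %d\x00" % len(content) + content).hexdigest()


def repair_single_byte(content: bytes, expected_id: str):
    """Find the one-byte substitution that makes the blob hash to expected_id.

    expected_id is the object's name (directory + file name under
    .git/objects). Returns (offset, repaired_content), or None if no single
    substitution matches. Assumes the length is intact, so the header and
    every byte before the tested offset are hashed only once.
    """
    running = hashlib.sha1(b"blob %d\x00" % len(content))
    for offset, damaged in enumerate(content):
        tail = content[offset + 1:]
        for candidate in range(256):
            if candidate == damaged:
                continue
            digest = running.copy()
            digest.update(bytes([candidate]) + tail)
            if digest.hexdigest() == expected_id:
                return offset, content[:offset] + bytes([candidate]) + tail
        running.update(bytes([damaged]))
    return None


# Constructed sample: a tiny source file, then a copy with one byte changed.
GOOD = b"int main() { return 51; }\n"
EXPECTED_ID = git_blob_id(GOOD)
DAMAGED = GOOD.replace(b"51", b"31")

if __name__ == "__main__":
    stored = zlib.compress(b"blob %d\x00" % len(DAMAGED) + DAMAGED)
    kind, size, content = parse_loose_object(stored)
    offset, fixed = repair_single_byte(content, EXPECTED_ID)
    print(kind, size, offset, git_blob_id(fixed) == EXPECTED_ID)
```

The search hashes the remainder of the file once per candidate, so the cost grows with the square of the blob size; that is fine for source files but slow for large binaries.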
We found these System/360 punch cards and we need to extract the data. We already read the data off for you.
It looks encrypted. Can you help?
HINT: This is actually encrypted. With technology and techniques that were available in 1965
HINT: https://gist.github.com/withzombies/40554f02d6c7055fb0bc punchout.tar.xz-24504ddc1e81092010497ee49fc52e1c
SOLARIZED HEX     16/8 TERMCOL  XTERM/HEX   L*A*B      RGB         HSB
--------- ------- ---- -------  ----------- ---------- ----------- -----------
base03    #002b36  8/4 brblack  234 #1c1c1c 15 -12 -12   0  43  54 193 100  21
base02    #073642  0/4 black    235 #262626 20 -12 -12   7  54  66 192  90  26
base01    #586e75 10/7 brgreen  240 #585858 45 -07 -07  88 110 117 194  25  46
base00    #657b83 11/7 bryellow 241 #626262 50 -07 -07 101 123 131 195  23  51
base0     #839496 12/6 brblue   244 #808080 60 -06 -03 131 148 150 186  13  59
base1     #93a1a1 14/4 brcyan   245 #8a8a8a 65 -05 -02 147 161 161 180   9  63
base2     #eee8d5  7/7 white    254 #e4e4e4 92 -00  10 238 232 213  44  11  93
base3     #fdf6e3 15/7 brwhite  230 #ffffd7 97  00  10 253 246 227  44  10  99
### Good writeup is at https://github.com/p4-team/ctf/tree/master/2015-12-05-seccon/paillier_crypto_200#eng-version
I use the fact that `h=co (mod n*n)` to brute force `n`, which took around 45 minutes.
Then I factor `n` to get `p` and `q`, and make into `phi`.
Then I plug everything into the "simpler variant" on https://en.wikipedia.org/wiki/Paillier_cryptosystem