Aleksei Udovenko hellman

@hellman
hellman / lost_modulus_again.ipynb
Last active October 14, 2019 13:56
Hitcon CTF 2019 Quals - Lost Modulus Again
@hellman
hellman / 0_challenge_sol.md
Last active March 1, 2024 10:54
Balsn CTF 2019 - pyshv1,2,3 (misc)

pyshv1 (572)

The challenge contains two modules:

# File: securePickle.py

import pickle, io

whitelist = []
@hellman
hellman / 0_challenge_sol.md
Last active October 7, 2019 19:41
Balsn CTF 2019 - listcomp ppm (programming)

listcomp ppm (371)

Solve 3 super easy list-comp challenges!!! Short! Shorter!! Shortest!!!

nc easiest.balsnctf.com 9487

UPDATE: the challenge runs by python3.6

UPDATE: the original code should already be list comprehension

Question 1

@hellman
hellman / 0_writeup.md
Last active October 18, 2019 07:20
Balsn CTF 2019 - Collision (crypto)

In this challenge we see a password-verification program. The password is quite long:

assert 16 < len(passwd) < 70

The first few checks verify md5, sha1 and sha3_224 digests. Because the password is long, it is unlikely that these can be used to recover it. Then, three transformations are applied with the aim of "destroying" the password: exponentiation modulo a prime, and iterated encryption with DES and AES. However, it is easy to see that they are trivially invertible. For the final "destroyed" value, the omnihash tool is used, which checks the password using 72 different hash functions, including many CRC variants. We are given the digests of these functions in the hash.json file.

CRC functions are totally not cryptographically secure: they are affine functions. Therefore, we can efficiently use them to deduce information about the hashed value. One may try to use the definition of CRC functions as modular reductions in the ring of polynomials over GF(2) and use the Chinese Remainder Theorem to reconstruct the va

@hellman
hellman / solve_with_angr.py
Last active October 4, 2019 08:37
PwnThyBytes 2019 CTF - Primitive Obsession
#!/usr/bin/env python3
'''
time python3 solve.py
35 minutes
'''
import angr
import claripy
import hashlib
# checking functions
@hellman
hellman / 1_trace.py
Created September 30, 2019 08:40
PwnThyBytes 2019 CTF - unconventional
"""
echo pass | TRACE=trace1 time gdb -x script.py -batch ./unconventional >/dev/null
~1 minute
"""
import gdb, re, os
gdb.execute('break *0x40542f')
gdb.execute('run')
f = open(os.environ["TRACE"], "w")
@hellman
hellman / 1_solve.c
Last active October 4, 2019 08:37
PwnThyBytes 2019 CTF - avec
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <unistd.h>
#include <assert.h>
#include <openssl/aes.h>
/*
gcc -O3 solve.c -L. -lghash_clmul -lcrypto -o solve
@hellman
hellman / 1_solution.py
Last active October 4, 2019 08:37
PwnThyBytes 2019 CTF - LOTR
#-*- coding:utf-8 -*-
# python3 adaptation...
from __future__ import print_function, division
from sage.all import *
# begin copy paste ================
import hashlib
f = open('gov_officials_PK.txt','r')
@hellman
hellman / rsa_privleak_halflsb.py
Created May 13, 2019 06:41
RSA with half least significant bits of d leaked (optimized for larger e)
#-*- coding:utf-8 -*-
from sage.all import *
BITS = 2048
NLEAK = 1024-22
# E = 0x10001
E = next_prime(2**22)
print "E", E
@hellman
hellman / 0_sol.ipynb
Last active April 10, 2019 08:47
Midnight Sun CTF 2019 Quals - open-gyckel-krypto