2tp

Category: Cryptography

Points: 144

Description: Come and test our universal encryptor! We use cutting-edge technologies, guaranteed unbreakable! As proof, we give you the encrypted flag, and you will never be able to recover it. nc challenges.ecsc-teamfrance.fr 2000

Files: None

TL;DR

A server gives us the flag encrypted with AES-GCM and lets us send it a string, which it returns encrypted. Sending null bytes makes the server return the keystream itself, which we XOR with the encrypted flag to recover it.

Methodology

A first connection to the server gives us the flag encrypted with AES-GCM and asks us for a string to encrypt.

>_ nc challenges.ecsc-teamfrance.fr 2000

Welcome to our state-of-the-art encryption service!
We use PBKDF2 and AES-GCM!
As an example, here is the encrypted flag: 7b656d3993152e8f04f8273ca1509e27a3e39249cf4784e23b81d5f2524fee75f6b28a6a07a128e4880e770bc70b32bd7d5f37bb5eba76d38edb8d1964733b
Now, enter your text: 

Out of curiosity we send a string with the flag format ECSC{.

Now, enter your text: ECSC{givemetheflag

Here is your ciphertext: 7b656d399316709c51ad727af0079c72f7e2f5849a0dc411487c8845081b3fb04601

We notice that the first 7 chars of the returned ciphertext are the same as those of the encrypted flag, and that sending the same string several times always gives the same result.

Interesting!

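We assume that the key used for encryption is always the same. AES-GCM encrypts by XORing the plaintext with a keystream, so if the key and nonce never change, every message is XORed with the same keystream.

We can recover that keystream by sending null bytes: a zero byte XORed with a keystream byte is the keystream byte itself, so the ciphertext returned is the keystream that was XORed onto the flag.

We send a run of null bytes that is longer than the flag: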

>_ cat get_key.py
#!/usr/bin/env python3

from pwn import *

HOST = 'challenges.ecsc-teamfrance.fr'
PORT = 2000

# 88 null bytes, longer than the flag. Since x ^ 0 == x, the ciphertext
# returned for this input is the raw keystream (followed by the GCM tag).
m = b"\x00" * 88

r = remote(HOST, PORT)

# Read the banner, which contains the encrypted flag
rep = r.recvuntil(b'Now, enter your text: ').decode('UTF-8')
print(rep)

print(m)

# Send the null bytes and read back their ciphertext
r.send(m + b"\n")
rep = r.recv().decode("UTF-8")
print(rep)

r.close()
>_ ./get_key.py
[+] Opening connection to challenges.ecsc-teamfrance.fr on port 2000: Done
Welcome to our state-of-the-art encryption service!
We use PBKDF2 and AES-GCM!
As an example, here is the encrypted flag: 7b656d3993152e8f04f8273ca1509e27a3e39249cf4784e23b81d5f2524fee75f6b28a6a07a128e4880e770bc70b32bd7d5f37bb5eba76d38edb8d1964733b

Now, enter your text: 
\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00

Here is your ciphertext: 3e263e7ae87119ea34c0170e9862fa1e9685a37afe22b4d509b5e4936b778a16c0d1bb0b669018d6bf374f33fe763835b874bfe06b31923fd2a58905290add80aaed75d00a519f33037203e1801cb26f8fd01b427f566d14a75e344320f6f42355b18c6435c829c0

[*] Closed connection to challenges.ecsc-teamfrance.fr port 2000

Now that we have the keystream, all that remains is to XOR it with the encrypted flag.

>_ cat xor.py
#!/usr/bin/env python3
import binascii

enc_flag = binascii.unhexlify("7b656d3993152e8f04f8273ca1509e27a3e39249cf4784e23b81d5f2524fee75f6b28a6a07a128e4880e770bc70b32bd7d5f37bb5eba76d38edb8d1964733b")
key = binascii.unhexlify("3e263e7ae87119ea34c0170e9862fa1e9685a37afe22b4d509b5e4936b778a16c0d1bb0b669018d6bf374f33fe763835b874bfe06b31923fd2a58905290add80aaed75d00a519f33037203e1801cb26f8fd01b427f566d14a75e344320f6f42355b18c6435c829c0")

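# XOR the encrypted flag with the keystream, byte by byte.
# enc_flag ends with the 16-byte GCM tag, so the last 16 output bytes are garbage.
flag = bytearray(len(enc_flag))
for i in range(len(enc_flag)):
    flag[i] = enc_flag[i] ^ key[i]

print(flag.decode("ISO-8859-1"))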
>_ ./xor.py
ECSC{d7e080292d95f131e07241a98dc6c1aa10279889}
Å+[5äì\\~Myæ

FLAG_IS:

ECSC{d7e080292d95f131e07241a98dc6c1aa10279889}
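The following is an added example, not part of the original write-up: it replays the three hex values captured above offline to confirm that both chosen plaintexts were encrypted with the same keystream, and strips the 16-byte GCM tag before XORing so that no garbage is printed after the flag. The function names are illustrative.

```python
#!/usr/bin/env python3
# Added example: offline check of the keystream reuse, using only the
# hex values shown in the sessions above.

TAG_LEN = 16  # AES-GCM appends a 16-byte authentication tag

ENC_FLAG = bytes.fromhex("7b656d3993152e8f04f8273ca1509e27a3e39249cf4784e23b81d5f2524fee75f6b28a6a07a128e4880e770bc70b32bd7d5f37bb5eba76d38edb8d1964733b")
# Server's answer to the run of null bytes
ZERO_CT = bytes.fromhex("3e263e7ae87119ea34c0170e9862fa1e9685a37afe22b4d509b5e4936b778a16c0d1bb0b669018d6bf374f33fe763835b874bfe06b31923fd2a58905290add80aaed75d00a519f33037203e1801cb26f8fd01b427f566d14a75e344320f6f42355b18c6435c829c0")
# First test message and its ciphertext
SAMPLE_PT = b"ECSC{givemetheflag"
SAMPLE_CT = bytes.fromhex("7b656d399316709c51ad727af0079c72f7e2f5849a0dc411487c8845081b3fb04601")


def split_tag(ct):
    """Return (encrypted body, authentication tag)."""
    return ct[:-TAG_LEN], ct[-TAG_LEN:]


def xor(a, b):
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_reused():
    """True if both chosen plaintexts were encrypted with the same keystream."""
    ks_zero, _ = split_tag(ZERO_CT)      # 0 ^ k == k
    body, _ = split_tag(SAMPLE_CT)
    ks_sample = xor(SAMPLE_PT, body)     # p ^ c == k
    return ks_zero[:len(ks_sample)] == ks_sample


def nonce_is_transmitted():
    """A per-message nonce sent with the ciphertext would add bytes
    beyond plaintext + tag."""
    return len(SAMPLE_CT) > len(SAMPLE_PT) + TAG_LEN


def recover_flag():
    """XOR the flag body (tag removed) with the recovered keystream."""
    ks, _ = split_tag(ZERO_CT)
    body, _ = split_tag(ENC_FLAG)
    if len(ks) < len(body):
        raise ValueError("keystream is shorter than the encrypted flag")
    return xor(body, ks)


if __name__ == "__main__":
    print("same keystream for both messages:", keystream_reused())
    print("nonce sent with ciphertext:", nonce_is_transmitted())
    print(recover_flag().decode("ascii"), end="")
```

The ciphertexts are exactly plaintext length plus 16 bytes, so no per-message nonce travels with them. A service that drew a fresh nonce for every encryption would produce a different keystream each time and both checks would fail.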