# LOGBOOK11

## Task 1

To become a root CA, we copied the openssl.cnf file to our directory and edited it, then created an empty index.txt file and a serial file with content `1000`. We then used the following command to generate ca.crt and ca.key:

```
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 \
    -keyout ca.key -out ca.crt \
    -subj "/CN=www.modelCA.com/O=Model CA LTD./C=US" \
    -passout pass:dees
```

ca.crt:

![](https://i.imgur.com/tiKTxrV.png)

ca.key:

![](https://i.imgur.com/KkCwBj5.png)

### Question 1: What part of the certificate indicates this is a CA's certificate?

We can see this is a CA certificate from the `CA:TRUE` value in the Basic Constraints section of ca.crt:

![](https://i.imgur.com/3i8fiLg.png)

### Question 2: What part of the certificate indicates this is a self-signed certificate?

We know that the certificate is self-signed because the Subject Key Identifier and the Authority Key Identifier are the same in ca.crt.

![](https://i.imgur.com/cAZzqi2.png)

### Question 3: In the RSA algorithm, we have a public exponent e, a private exponent d, a modulus n, and two secret numbers p and q, such that n = pq. Please identify the values for these elements in your certificate and key files.

- Public exponent e:

![](https://i.imgur.com/cuzkn73.png)

- Private exponent d:

![](https://i.imgur.com/DrVWRhT.png)

- Modulus n:

![](https://i.imgur.com/o2xuyfv.png)

- Secret numbers p and q:

![](https://i.imgur.com/RfiAa6E.png)

## Task 2

After this process, the next step is to create a CSR associated with the server itself. A public/private key pair is generated and the CSR is created from the public key.

![](https://i.imgur.com/DWECEKa.png)

- Decoded content of the CSR and private key files:

![](https://i.imgur.com/NKyP0b5.png)

![](https://i.imgur.com/7D9H09N.png)

Because a website can have multiple addresses, we added several hostnames to our CSR using the `subjectAltName` field.
![](https://i.imgur.com/d1ZPACW.png)

![](https://i.imgur.com/z8tsHk0.png)

## Task 3

- After adding the necessary directories, copying the serial and index.txt files to the demoCA directory, enabling the copy extension option in the configuration file, and running the command, we can successfully generate the certificate for our server:

![](https://i.imgur.com/SOGFsPw.png)

Output:

```
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4097 (0x1001)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN = www.modelCA.com, O = Model CA LTD., C = US
        Validity
            Not Before: Dec 16 09:14:14 2022 GMT
            Not After : Dec 13 09:14:14 2032 GMT
        Subject: C = US, O = Bank32 Inc., CN = www.bank32.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5d:be:ce:8c:9d:61:0b:86:dd:c1:43:44:e0:
                    97:09:ef:a6:0f:f3:18:06:49:09:06:17:dd:57:0e:
                    6f:67:18:d4:94:1a:7a:a1:7a:3d:83:63:cf:ec:a6:
                    57:85:25:8e:2b:db:a2:c2:97:4f:46:62:2f:54:a3:
                    87:b9:2c:ea:97:7e:b2:4d:48:65:6e:59:17:04:98:
                    71:9a:84:d6:51:e4:18:ad:f9:f3:fd:bf:fa:40:d1:
                    21:dc:af:13:d9:36:00:15:07:22:44:20:fb:45:5e:
                    a5:a2:79:08:42:8c:d3:71:0f:1d:0a:05:21:3d:5c:
                    ed:ee:d6:ce:93:26:a4:eb:3f:58:ee:71:ca:b4:aa:
                    ab:da:d2:6d:39:a7:91:fb:05:b0:16:e1:dd:e7:6e:
                    97:11:40:dd:cd:56:8d:56:b2:e9:5a:e8:e9:92:e8:
                    d4:03:60:b5:0b:ff:e4:24:a2:6a:89:77:5f:de:d0:
                    95:f3:18:de:64:27:5a:29:8b:f8:7a:01:48:b0:1d:
                    d5:2e:4c:4a:11:fd:6d:44:d6:71:5d:10:52:0f:6a:
                    7c:b3:51:30:35:96:9a:74:a8:dd:09:38:1b:25:93:
                    be:66:eb:ad:1b:cf:d3:4f:aa:40:9a:77:c0:65:07:
                    58:3a:04:c6:02:d1:c9:d0:20:cb:c6:a3:c3:86:89:
                    29:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                34:76:EB:6F:AC:77:88:BC:DA:7E:37:14:2E:48:85:38:2E:A9:68:BB
            X509v3 Authority Key Identifier:
                keyid:D7:BA:5F:DF:8C:42:CE:A2:2E:D1:F6:09:AD:98:FC:3C:A1:E3:84:DA
            X509v3 Subject Alternative Name:
                DNS:www.bank32.com, DNS:www.bank32A.com, DNS:www.bank32B.com
    Signature Algorithm: sha256WithRSAEncryption
         7c:51:60:0a:93:9c:3f:08:aa:d1:c1:d0:fb:62:57:66:3a:61:
         c2:65:21:b9:1b:af:53:fd:50:f7:ae:7e:b0:29:1a:88:20:31:
         09:86:d2:8d:e8:c4:3c:ef:7d:8e:fc:c4:31:3a:f9:ce:9c:0e:
         78:0d:13:64:d4:5a:98:56:c1:a3:5e:a8:97:fe:2a:6b:f0:5c:
         ed:68:40:96:66:ac:65:d0:7e:62:1a:00:57:0d:a3:fd:33:a9:
         a2:c5:30:2f:af:d1:f9:d4:33:65:30:1e:a0:33:df:c2:d2:f5:
         db:f3:8f:88:54:3e:b9:44:12:71:31:47:22:27:07:a8:27:5d:
         40:92:3d:5e:31:dc:d3:c7:04:62:35:ca:72:11:27:91:bf:55:
         dc:6b:b5:8a:c3:17:18:05:4b:96:eb:3f:b5:c9:60:16:0d:99:
         cf:9f:01:c8:be:e5:0b:a2:30:43:0c:d4:f4:63:05:41:56:70:
         21:6c:b6:e9:b8:5a:4b:0e:52:f1:69:50:d1:aa:bf:56:a1:6c:
         40:02:f5:ee:ba:5e:1d:00:e7:55:af:d4:ea:ff:26:bf:77:96:
         c0:9b:b3:00:1d:8c:d2:e6:5b:03:88:81:cd:b9:08:f0:86:4f:
         85:4d:0a:83:c2:6b:3c:04:b5:8a:a5:b8:e9:6e:1b:5a:8f:ee:
         fb:a3:19:3a:55:3b:54:a5:6c:ca:17:9a:91:7c:02:2d:c0:dd:
         46:64:8b:8e:ca:96:30:13:8d:e2:b7:9f:c8:ca:b5:38:2e:40:
         d3:c2:a1:9b:ab:89:7b:9e:40:d6:9b:b3:a8:2d:9f:88:30:8b:
         a9:ad:29:8c:39:f1:97:cd:1f:fc:79:b2:1d:a3:0b:ac:a1:44:
         78:77:fc:92:03:33:35:1b:08:2e:c4:ca:2b:50:68:10:85:02:
         16:36:4e:6a:79:88:ab:40:fb:06:25:4a:1e:6f:24:e0:a5:29:
         9b:53:d6:ff:3d:fd:bc:07:83:b0:9f:21:27:4b:d1:d9:43:57:
         62:75:12:15:c8:b0:00:de:05:6d:c1:6f:e9:c4:b7:3f:f5:61:
         2e:f3:d8:79:36:23:3a:2b:3c:42:70:7d:2e:a5:1d:4e:56:47:
         1a:f1:4e:09:8f:e4:cd:9d:a6:10:82:bf:46:34:79:72:4d:34:
         ff:b8:5f:d8:99:68:30:15:51:45:88:95:a3:4b:c9:2f:92:48:
         bd:87:42:7c:ba:d5:2c:88:f2:9a:f0:1f:f6:cf:21:87:e3:71:
         39:56:46:87:a9:8b:10:c3:d8:48:0c:06:02:89:dc:b7:6a:c3:
         88:04:52:2d:31:43:64:de:20:f5:cd:52:7b:43:0d:67:45:45:
         23:c7:c9:96:6c:4b:63:16
```

## Task 4

- Opening the container's terminal through ssl and going to the files, we can observe the configuration of our Apache server:

![](https://i.imgur.com/xSlYyoV.png)

- By running the commands provided we can see that the ssl module is enabled, as well as the sites described in the file:

![](https://i.imgur.com/zoRDP78.png)

- So after everything is set up we can start the server successfully:

![](https://i.imgur.com/jOx9FQ1.png)

- After accessing the `www.bank32.com` website, the browser warns us that the website is potentially risky:

![](https://i.imgur.com/K4PN1xk.png)

- We can still access the website, but as we can see the security certificates are not activated yet and the browser does not trust our website:

![](https://i.imgur.com/1pIjD04.png)

- To fix this we need to add our certificate to the browser. In Firefox this is done in `about:preferences#privacy`, in the certificates tab, in view certificates by clicking `import`.
- We import our `ca.crt` certificate file.

![](https://i.imgur.com/4chdEXz.png)

- And enable 'Trust this CA to identify websites':

![](https://i.imgur.com/c9bDAaS.png)

- And now our connection to the website is secure.

![](https://i.imgur.com/GplWrE9.png)

- To secure our own server (the one with the URL: last name + year) we redo the steps starting from Task 2, making a new certificate with the same CA, and add it to the Apache server:
- Added the name to the server key:

![](https://i.imgur.com/EkkhWmr.png)

- Copying the files necessary for generating a certificate for our server:

![](https://i.imgur.com/jfahRle.png)

![](https://i.imgur.com/FRJTmlr.png)

![](https://i.imgur.com/mPglykn.png)

- Generating the certificate:

![](https://i.imgur.com/4TrIN1B.png)

- Adding the server's name to the Apache configuration file:

![](https://i.imgur.com/dQY5E6P.png)

- Starting the apache2 server and entering the passphrase 'dees':

![](https://i.imgur.com/kdeXFAY.png)

- And this way, as we can see, our website is completed and the certificate is valid:

![](https://i.imgur.com/mio2O5K.png)

## Task 5

- Adding the new name of the website we intend to impersonate:

![](https://i.imgur.com/K0echBD.png)

- By changing the values of the etc/hosts:

![](https://i.imgur.com/Nh6uSvj.png)

- The browser doesn't let us enter the website because the connection is insecure: the browser does not trust the certificate:

![](https://i.imgur.com/tDpTMNk.png)

![](https://i.imgur.com/qj5RTj7.png)

- This way, the user would know the site was compromised.

## Task 6

- In order to redirect from tiktok onto our impersonated website without warnings, after the previous steps we also replaced the certificate used by the Apache server with a newly created one with the name `www.tiktok.com`.
- And as we can see, after adding the new certificate, when we go to the URL we now enter our website instead of the original one, without the browser raising any security problem.

![](https://i.imgur.com/xKqWchA.png)

# CTF Challenge 1

- To calculate p and q we used the Wolfram Alpha website, which gave us the closest primes for p and q.
- In hexadecimal, p being the closest prime to 2**512: `0x10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004b`
- In hexadecimal, q being the closest prime to 2**513: `0x20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009f`
- d is a number such that `d*e % ((p-1)*(q-1)) = 1`, so we employed the extended Euclidean algorithm:

```python
def inverse(x, m):
    a, b, u = 0, m, 1
    while x > 0:
        q = b // x # integer division
        x, a, b, u = b % x, u, x, a - q * u
    if b == 1:
        return a % m
    else:
        raise Exception("must be co-prime")
```

- And the enc_flag is the output of the `nc ctf-fsi.fe.up.pt 6000` command, without the initial 0s.
- Our Python script that decoded the flag is the following:

```python
from binascii import hexlify, unhexlify

def inverse(x, m):
    a, b, u = 0, m, 1
    while x > 0:
        q = b // x # integer division
        x, a, b, u = b % x, u, x, a - q * u
    if b == 1:
        return a % m
    else:
        raise Exception("must be co-prime")

p = 0x10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004b # next prime 2**512
q = 0x20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009f # next prime 2**513
n = p*q
e = 0x10001 # a constant
d = inverse(e, (p-1)*(q-1)) # a number such that d*e % ((p-1)*(q-1)) = 1

enc_flag = "41a71ab1acd9a0f1b71a62f695ea3f2a9455015ea63de87bbc0e232f0fe7bdd0f53df09aada578fe1f3cfadedca79d0140e3154f7b7d24846376e72afb24e74082cf0732b6d1d36091680b2b4bbdef401f5c69b6d5e67bde9222f93ce5fd042477007dd74bdf11bf1b3c3529b65b9061836d808127c9145355032ad06e9d37a7"

def enc(x):
    int_x = int.from_bytes(x, "big")
    y = pow(int_x,e,n)
    return hexlify(y.to_bytes(256, 'big'))

def dec(y):
    int_y = int.from_bytes(unhexlify(y), "big")
    x = pow(int_y,d,n)
    return x.to_bytes(256, 'big')

y = dec(enc_flag)
print(y.decode())
```

# CTF Challenge 2

- In this CTF there are 2 people communicating through RSA, so we have 2 exponents and one n.
- The n is: n = `29802384007335836114060790946940172263849688074203847205679161119246740969024691447256543750864846273960708438254311566283952628484424015493681621963467820718118574987867439608763479491101507201581057223558989005313208698460317488564288291082719699829753178633499407801126495589784600255076069467634364857018709745459288982060955372620312140134052685549203294828798700414465539743217609556452039466944664983781342587551185679334642222972770876019643835909446132146455764152958176465019970075319062952372134839912555603753959250424342115581031979523075376134933803222122260987279941806379954414425556495125737356327411`
- The first exponent is: e1 = `0x10001`
- And the second exponent is: e2 = `0x10003`
- Both exponents are used with the same modulus n and the same message, and GCD(e1, e2) = 1, so there is a pair (s1, s2) such that: e1*s1 + e2*s2 = 1
- So, applying the following Extended Euclidean Algorithm, from https://www.geeksforgeeks.org/python-program-for-basic-and-extended-euclidean-algorithms-2/:

```python
def gcdExtended(a, b):
    # Base Case
    if a == 0 :
        return b,0,1

    gcd,x1,y1 = gcdExtended(b%a, a)

    # Update x and y using results of recursive
    # call
    x = y1 - (b//a) * x1
    y = x1

    return gcd,x,y
```

- We got: s1 = `32769`, s2 = `-32768`
- We know that: m = (c1 ^ s1 * c2 ^ s2) mod n
- We also know that one of the s values will be negative. To avoid operations with negative exponents, for the ciphertext c that goes with the negative s we can calculate d so that: d ≡ c^(−1) (mod n) <=> c*d − n*l = 1
- With this d we can calculate m like this:
  - If s1 is negative: m = ((d ** (-s1)) * (c2 ** s2)) mod n
  - If s2 is negative: m = ((c1 ** s1) * (d ** (-s2))) mod n
- In our case, s2 was negative so, using the Extended Euclidean Algorithm again, we got: d = `39881677041816292609682755011058968576184591409611742514566700814208805466675035157400643271685198650267694110690523616691416899371547843566730917467832436356274228790651571254850127717448534236461194585480593646852668661924823134930271252041467048922918071696568177739731605518055463119222046951528767143156474441399263006082834745248188254783497631797405999978768664112025678630075355921037862572545045841895786910083344621857123429539720878374449192315940152650938287382983132928466345333405815277957353805369963554329032133550036437849823659588365705542527483170204082892958735144620308843860893989485151708488750`
- With these values we know that: m = ((c1 ** s1) * (d ** (-s2))) mod n
- And our flag is in the message m.
- The following program, which follows these operations, gave us the flag:

```python
from binascii import hexlify, unhexlify
import sys

sys.setrecursionlimit(5000)

def gcdExtended(a, b):
    # Base Case
    if a == 0 :
        return b,0,1

    gcd,x1,y1 = gcdExtended(b%a, a)

    # Update x and y using results of recursive
    # call
    x = y1 - (b//a) * x1
    y = x1

    return gcd,x,y

e1 = int(0x10001)
e2 = int(0x10003)

gcd, s1, s2 = gcdExtended(e1, e2)
s1 = int(s1)
s2 = int(s2)
print("gcd: " + str(gcd) + " s1: " + str(s1) + " s2: " + str(s2))

n = int(29802384007335836114060790946940172263849688074203847205679161119246740969024691447256543750864846273960708438254311566283952628484424015493681621963467820718118574987867439608763479491101507201581057223558989005313208698460317488564288291082719699829753178633499407801126495589784600255076069467634364857018709745459288982060955372620312140134052685549203294828798700414465539743217609556452039466944664983781342587551185679334642222972770876019643835909446132146455764152958176465019970075319062952372134839912555603753959250424342115581031979523075376134933803222122260987279941806379954414425556495125737356327411)

c1str = "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"
c2str = "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"

c1 = int.from_bytes(unhexlify(c1str), 'big')
c2 = int.from_bytes(unhexlify(c2str), 'big')

# Invert the ciphertext that goes with the negative coefficient
if(s1 < 0):
    first = True
    gcd, d, l = gcdExtended(c1, n)
    d = int(d)
    d = d + n
    d = int(d)
else:
    first = False
    gcd, d, l = gcdExtended(c2, n)
    d = int(d)
    d = d + n
    d = int(d)

if first:
    m = int((d ** (-s1)) * (c2 ** s2))
else:
    m = int((c1 ** s1) * (d** (-s2)))

m = m % n
mstr = m.to_bytes(256, 'big')
print("m: \n" + mstr.decode())
```

The flag is: flag{9dc30943200f484d7351529378bad162}
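The Challenge 2 recovery can also be carried out entirely with modular exponentiation, which avoids building the full `c1 ** s1` integer before reducing. This is an added example, not the logbook's script: the primes, the message and the function names are constructed for illustration, and only e1 and e2 are taken from the challenge.

```python
# Added example: common-modulus recovery on a constructed key, reducing mod n at every step.

def egcd(a, b):
    """Iterative extended Euclid: returns (g, x, y) with a*x + b*y == g."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def common_modulus_recover(c1, c2, e1, e2, n):
    """Recover m from c1 = m^e1 mod n and c2 = m^e2 mod n when gcd(e1, e2) == 1."""
    g, s1, s2 = egcd(e1, e2)
    if g != 1:
        raise ValueError("exponents must be coprime")
    # For a negative s, pow(c, s, n) first inverts c mod n (Python 3.8+); that is the
    # d = c^(-1) mod n step of the logbook. It raises ValueError if c is not invertible.
    # c1^s1 * c2^s2 = m^(e1*s1 + e2*s2) = m^1 (mod n)
    return (pow(c1, s1, n) * pow(c2, s2, n)) % n


def demo():
    # Constructed parameters: two Mersenne primes, far too small for real use.
    p, q = 2**127 - 1, 2**89 - 1
    n = p * q
    e1, e2 = 0x10001, 0x10003            # the two exponents from the challenge
    msg = b"flag{constructed-example}"   # constructed message, shorter than n
    m = int.from_bytes(msg, "big")
    c1, c2 = pow(m, e1, n), pow(m, e2, n)  # same message under both exponents
    recovered = common_modulus_recover(c1, c2, e1, e2, n)
    return recovered.to_bytes((recovered.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    print(demo())
```

Neither p, q nor a private exponent is used in the recovery, which is why two key pairs must never share a modulus.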
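For Challenge 1, the observation that p and q are the primes next to 2**512 and 2**513 can be turned into a key-audit check that needs only the public modulus. This is an added example, not the logbook's code: `factor_near_power_of_two`, `audit_key` and the `window` parameter are names chosen here, and the control modulus is constructed.

```python
# Added example: flag an RSA modulus that has a factor close to a power of two.

def factor_near_power_of_two(n, window=4096):
    """Return (p, q) if n has a factor within `window` of some 2**k, else None."""
    half = n.bit_length() // 2
    for k in range(max(2, half - 2), half + 3):          # factor sizes around sqrt(n)
        base = 1 << k
        for delta in range(-(window | 1), window + 1, 2):  # odd offsets only
            cand = base + delta
            if 1 < cand < n and n % cand == 0:
                return cand, n // cand
    return None


def audit_key(n, e):
    """Return (p, q, d) when the modulus is factorable this way, else None."""
    hit = factor_near_power_of_two(n)
    if hit is None:
        return None
    p, q = hit
    # Once p and q are known, the private exponent follows directly (Python 3.8+).
    d = pow(e, -1, (p - 1) * (q - 1))
    return p, q, d


# The logbook's p and q, written as offsets from the powers of two.
P_LOGBOOK = 2**512 + 0x4b
Q_LOGBOOK = 2**513 + 0x9f

# Constructed control: the primes 10**9 + 7 and 10**9 + 9 are far from any 2**k.
CONTROL_N = (10**9 + 7) * (10**9 + 9)

if __name__ == "__main__":
    result = audit_key(P_LOGBOOK * Q_LOGBOOK, 0x10001)
    print("weak modulus" if result else "no factor near a power of two")
    print("control:", audit_key(CONTROL_N, 0x10001))
```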