Write up CryptoHack.org

# Write up CryptoHack.org ## I. Introduction ### 1. Finding Flags Each challenge is designed to help introduce you to a new piece of cryptography. Solving a challenge will require you to find a "flag". These flags will usually be in the format **crypto{y0ur_f1rst_fl4g}**. The flag format helps you verify that you found the correct solution. Try submitting this flag into the form below to solve your first challenge. ``` Flag : crypto{y0ur_f1rst_fl4g} ``` ### 2. Great Snakes Modern cryptography involves code, and code involves coding. CryptoHack provides a good opportunity to sharpen your skills. Of all modern programming languages, Python 3 stands out as ideal for quickly writing cryptographic scripts and attacks. For more information about why we think Python is so great for this, please see the FAQ. Run the attached Python script and it will output your flag. ##### Challenge files: - [great_snakes.py](https://cryptohack.org/static/challenges/great_snakes_35381fca29d68d8f3f25c9fa0a9026fb.py) #### Solution: Run the downloaded file, we get flag: ```bash $ python3 great_snakes.py Here is your flag: crypto{z3n_0f_pyth0n} ``` ``` Flag: crypto{z3n_0f_pyth0n} ``` ### 3. Network Attacks Several of the challenges are dynamic and require you to talk to our challenge servers over the network. This allows you to perform man-in-the-middle attacks on people trying to communicate, or directly attack a vulnerable service. To keep things consistent, our interactive servers always send and receive JSON objects. Python makes such network communication easy with the telnetlib module. Conveniently, it's part of Python's standard library, so let's use it for now. ` The example script below contains the beginnings of a solution for you to modify, and you can reuse it for later challenges.` ##### Challenge files: - [telnetlib_example.py](https://cryptohack.org/static/challenges/telnetlib_example_dbc6ff5dc4dcfac568d7978a801d3ead.py) #### Solution: For this challenge, connect to `socket.cryptohack.org` on port 11112. Send a JSON object with the key buy and value flag. Connect at ```nc socket.cryptohack.org 11112``` ```bash $ nc socket.cryptohack.org 11112 Welcome to netcat's flag shop! What would you like to buy? I only speak JSON, I hope that's ok. ``` Create JSON object with the key buy and value flag. ```json! {"buy" : "flag"} ``` Send JSON object, we get flag. ```bash! $ nc socket.cryptohack.org 11112 Welcome to netcat's flag shop! What would you like to buy? I only speak JSON, I hope that's ok. {"buy" : "flag"} {"flag": "crypto{sh0pp1ng_f0r_fl4g5}"} ``` ``` Flag: crypto{sh0pp1ng_f0r_fl4g5} ``` ## II. General ### 1. Encoding #### ASCII ASCII là một tiêu chuẩn mã hóa 7 bit cho phép biểu diễn văn bản bằng cách sử dụng các số nguyên 0-127. Sử dụng mảng số nguyên bên dưới, chuyển đổi các số thành ký tự ASCII tương ứng của chúng để lấy cờ. `[99, 114, 121, 112, 116, 111, 123, 65, 83, 67, 73, 73, 95, 112, 114, 49, 110, 116, 52, 98, 108, 51, 125] ` `` Trong Python, chr()hàm này có thể được sử dụng để chuyển đổi một số thứ tự ASCII thành một ký tự ( ord()hàm thực hiện ngược lại). `` ##### Solution: In this challenge we use **Python** and use **chr()** function to convert integers into characters. **Source code**: ```python! #ASCII.py lst = [99, 114, 121, 112, 116, 111, 123, 65, 83, 67, 73, 73, 95, 112, 114, 49, 110, 116, 52, 98, 108, 51, 125] result = "" for i in lst: result += chr(i) print("Flag: {}".format(result)) ``` Run file, we get flag. ```bash $ python3 ASCII.py Flag: crypto{ASCII_pr1nt4bl3} ``` ``` Flag: crypto{ASCII_pr1nt4bl3} ``` #### Hex When we encrypt something the resulting ciphertext commonly has bytes which are not printable ASCII characters. If we want to share our encrypted data, it's common to encode it into something more user-friendly and portable across different systems. Hexadecimal can be used in such a way to represent ASCII strings. First each letter is converted to an ordinal number according to the ASCII table (as in the previous challenge). Then the decimal numbers are converted to base-16 numbers, otherwise known as hexadecimal. The numbers can be combined together, into one long hex string. Included below is a flag encoded as a hex string. Decode this back into bytes to get the flag. ```! 63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d ``` ```! In Python, the bytes.fromhex() function can be used to convert hex to bytes. The .hex() instance method can be called on byte strings to get the hex representation. ``` ##### Solution: We will write a code in **Python** and use **bytes.fromhex()** function to convert hex to bytes. **Source code:** ```python! #Hex.py encoded="63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d" flag = bytes.fromhex(encoded) print("Flag: {}".format(flag)) ``` **Or** ```python! #Hex.py from binascii import unhexlify flag = unhexlify(b'63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d') print("Flag: {}".format(flag)) ``` Run file Hex.py, we get flag. ```bash! $ python3 Hex.py Flag: b'crypto{You_will_be_working_with_hex_strings_a_lot}' ``` ```! Flag: crypto{You_will_be_working_with_hex_strings_a_lot} ``` #### Base64 Another common encoding scheme is Base64, which allows us to represent binary data as an ASCII string using an alphabet of 64 characters. One character of a Base64 string encodes 6 binary digits (bits), and so 4 characters of Base64 encode three 8-bit bytes. Base64 is most commonly used online, so binary data such as images can be easily included into HTML or CSS files. Take the below hex string, decode it into bytes and then encode it into Base64. ```! 72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf ``` ```! In Python, after importing the base64 module with import base64, you can use the base64.b64encode() function. Remember to decode the hex first as the challenge description states. ``` #### Mono Prime **Chanllenge file**: [output.txt](https://cryptohack.org/static/challenges/output_086036e35349a406b94bfac9a7af6cca.txt) ```bash! $ cat output.txt n=17173137121806544412548253630224591541560331838028039238529183647229975274793460724647750850782728407576391![Uploading file..._vhqdpmo6t]() 6730501174684224762831699697733802434362875737452413626075851586450943530278173593853103057628908679894 ``` Using the website to analyze n products of factors we find that n is a prime number: ![](https://i.imgur.com/CGJz70H.png) An Euler's formulation is: ![](https://i.imgur.com/JzcLXpJ.png) ##### Source code: ```python! c=161367550346730604451454756189028938964941280347662098798775466019463375610700074840105776873791605070092554650190486030367121011578171525759600774739890458414593857709994072516290998135846956596662071379067305011746842247628316996977338024343628757374524136260758515864509435302781735938531030576289086798942 e = 65537 n=171731371218065444125482536302245915415603318380280392385291836472299752747934607246477508507827284075763910264995326010251268493630501989810855418416643352631102434317900028697993224868629935657273062472544675693365930943308086634291936846505861203914449338007760990051788980485462592823446469606824421932591 phi = (n - 1) d = pow (e , -1 , phi ) ct = pow ( c, d, n ) print(bytes.fromhex(hex(ct)[2:]).decode()) ``` #### Square Eyes