This was a super fun ctf organized by DiaryofHackers and hosted by HackTheBox. The challs were kinda easy really so, my team was able to complete all the challs and landed second place.
I solved the cryptos and forensics.
This was a crypto chall. You're given an encrypted file called top_secret and the python script used to encrypt the file.
From the script, the file seems to be encrypted using AES algorithm using a random key.
The AES mode used is CBC which normally uses an Initialization Vector(iv) with the encryption key. In the code it uses the key as the iv, so the only task is to find the encyption key and we can easily decrypt the file.
The first few lines are nothing too interesting, there's the normal public exponent with the usual integer value, the two random secret prime numbers, p and q, and n which is the multiple of p and q. We also get d which is the secret exponent and a leak which is d%(p-1)
.
As i'm not too good with crypto, i used this blog to finish up the chall with a quick script.
Running this, got the flag.
We're given a python script and the flag which is encrypted.
This challenge is pretty simple since the decrypt function is included here. So, the idea was to basically use the decrypt function from the script to recursively decrypt the hex encoded flag until we get the flag. Made a quick script for that.
Running this gives us the flag.
But, the logic behind my script is that, we already know the flag format right, but, what if that wasn't in our disposal. So, my friend f11snipe came up with his own version to solve this.
Running this as well, gets the flag.
This might just be one of the easiest forensics challs out there. We are given a macro enabled word document and when i think of macro in a ctf i think olevba
. This is a tool used for extracting macro from word documents. To install it, just run sudo -H pip install -U oletools
.
This looks like a flag. Using python to convert the unicode integers to ascii, got the flag, kinda.
HTB{n3w_VPN_n3w_b4ckdoor}
If you look keenly, Replace is being used here to flip the o's to 0's so, the flag should actually be HTB{n3w_VPN_n3w_b4ckd00r}