This shows you the differences between two versions of the page.
isc:labs:02 [2023/10/15 21:01] florin.stancu |
isc:labs:02 [2024/03/03 13:03] (current) vlad_iulius.nastase [05 [20p] We want Jokes instead of Nukes] |
||
---|---|---|---|
Line 3: | Line 3: | ||
===== Objectives ===== | ===== Objectives ===== | ||
* Basic Cryptography | * Basic Cryptography | ||
- | * Block Cipher Modes | + | * Symmetric Cryptography: AES |
- | * RSA | + | * Block Cipher Modes |
+ | * Asymmetric Cryptography: RSA | ||
===== Resources ===== | ===== Resources ===== | ||
Line 19: | Line 20: | ||
===== Overview ===== | ===== Overview ===== | ||
+ | |||
+ | Cryptography refers to the technique of securing information and communications through use of codes, especially to prevent unauthorised access. | ||
+ | |||
+ | There are two main types: | ||
+ | * Symmetric | ||
+ | * Asymmetric | ||
==== Symmetric Key Encryption ==== | ==== Symmetric Key Encryption ==== | ||
Line 146: | Line 153: | ||
{{:isc:labs:isc-lab02-secret.zip|This file (compressed as .zip)}} was encrypted using the following code. Can you decrypt it? | {{:isc:labs:isc-lab02-secret.zip|This file (compressed as .zip)}} was encrypted using the following code. Can you decrypt it? | ||
- | <code> | + | <code python> |
from Crypto.Cipher import AES | from Crypto.Cipher import AES | ||
from Crypto import Random | from Crypto import Random | ||
Line 175: | Line 181: | ||
f_out.write(enc) | f_out.write(enc) | ||
f_out.close() | f_out.close() | ||
+ | </code> | ||
+ | <note info> | ||
+ | You might need to install ''pycryptodome'':<code> | ||
+ | pip3 install pycryptodome | ||
</code> | </code> | ||
+ | </note> | ||
<solution -hidden> | <solution -hidden> | ||
- | <code> | + | <code python> |
from Crypto.Cipher import AES | from Crypto.Cipher import AES | ||
Line 185: | Line 196: | ||
BLOCK_SIZE = 32 | BLOCK_SIZE = 32 | ||
- | PADDING = '#' | + | PADDING = b'#' |
- | iv = "\x00" * 16 | + | iv = b'\x00' * 16 |
def decrypt(key, iv, data): | def decrypt(key, iv, data): | ||
Line 193: | Line 204: | ||
return data | return data | ||
- | with open('secret.enc', 'rb') as f: | + | with open('isc-lab02-secret.enc', 'rb') as f: |
data = f.read() | data = f.read() | ||
extr_key = data[:32] | extr_key = data[:32] | ||
extr_data = data[32:] | extr_data = data[32:] | ||
- | f_dec = open("decr.jpg", 'wb') | + | f_dec = open('plain.jgp', 'wb') |
f_dec.write(decrypt(extr_key, iv, extr_data).rstrip(PADDING)) | f_dec.write(decrypt(extr_key, iv, extr_data).rstrip(PADDING)) | ||
f_dec.close() | f_dec.close() | ||
Line 219: | Line 230: | ||
</code> | </code> | ||
* **Note**: the result is a decimal number, you need to convert it to an ASCII text using the snippet below: | * **Note**: the result is a decimal number, you need to convert it to an ASCII text using the snippet below: | ||
- | <code> | + | <code python> |
print(hex(message)[2:].decode("hex")) # python 2 | print(hex(message)[2:].decode("hex")) # python 2 | ||
print(bytearray.fromhex(hex(message)[2:])) # python 3 | print(bytearray.fromhex(hex(message)[2:])) # python 3 | ||
Line 228: | Line 239: | ||
<solution -hidden> | <solution -hidden> | ||
- | <code> | + | <code python> |
- | #!/usr/bin/env python | + | |
import gmpy2 | import gmpy2 | ||
- | c = 48150432592505707552503950434421170873397025541574547497460326222962564730297 | + | c = 28822365203577929536184039125870638440692316100772583657817939349051546473185 |
n = 70736025239265239976315088690174594021646654881626421461009089480870633400973 | n = 70736025239265239976315088690174594021646654881626421461009089480870633400973 | ||
e = 3 | e = 3 | ||
Line 238: | Line 249: | ||
q = 238324208831434331628131715304428889871 | q = 238324208831434331628131715304428889871 | ||
- | phi = (p-1)*(q-1) | + | phi = (p - 1) * (q - 1) |
d = gmpy2.invert(e, phi) | d = gmpy2.invert(e, phi) | ||
pt = pow(c, d, n) | pt = pow(c, d, n) | ||
- | print( "plaintext: " + hex(pt)[2:].decode("hex")) | + | print( "plaintext: " + bytearray.fromhex(hex(pt)[2:]).decode('utf-8')) |
</code> | </code> | ||
</solution> | </solution> | ||
Line 251: | Line 263: | ||
* However, he failed to understand that you should not use the same byte for the entire key. | * However, he failed to understand that you should not use the same byte for the entire key. | ||
* **Hint:** bruteforce | * **Hint:** bruteforce | ||
+ | |||
+ | <solution -hidden> | ||
+ | <code python> | ||
+ | |||
+ | # Key = 1e: i_guess_it_kinda_is_otp | ||
+ | |||
+ | from itertools import cycle | ||
+ | |||
+ | c = 'wAyk{mmAwjAuwpzAwmAqjn' | ||
+ | |||
+ | for i in range(0,256): | ||
+ | print("".join([chr(x[0] ^ ord(x[1])) for x in zip(cycle([i]), c)])) | ||
+ | |||
+ | </code> | ||
+ | </solution> | ||
==== 04 [20p] Many Time Pad ==== | ==== 04 [20p] Many Time Pad ==== | ||
Line 257: | Line 284: | ||
* Knowing that the key starts with "ALEXCTF{", can you determine the rest? | * Knowing that the key starts with "ALEXCTF{", can you determine the rest? | ||
* **Hint:** take a close look at the folder for this task. | * **Hint:** take a close look at the folder for this task. | ||
+ | |||
+ | <solution -hidden> | ||
+ | <code> | ||
+ | |||
+ | ALEXCTF{HERE_GOES_THE_KEY} | ||
+ | |||
+ | </code> | ||
+ | </solution> | ||
==== 05 [20p] We want Jokes instead of Nukes ==== | ==== 05 [20p] We want Jokes instead of Nukes ==== | ||
Line 268: | Line 303: | ||
<note important> | <note important> | ||
- | If this looks cringy to you, wait until you see the assignments ;)) | + | If you find this cringe, just wait until you see the assignments! ;) |
</note> | </note> | ||
+ | |||
+ | <solution -hidden> | ||
+ | <code python> | ||
+ | |||
+ | original_iv = bytes.fromhex('7ec00bc6fd663984c1b6c6fd95ceeef1') | ||
+ | original_plaintext = b'FIRE_NUKES_MELA!' | ||
+ | new_plaintext = b'SEND_NUDES_MELA!' | ||
+ | |||
+ | xor_result = bytes(a ^ b for a, b in zip(original_plaintext, new_plaintext)) | ||
+ | new_iv_bytes = bytes(a ^ b for a, b in zip(original_iv, xor_result)) | ||
+ | |||
+ | print("New IV in hexadecimal:", new_iv_bytes.hex()) | ||
+ | |||
+ | </code> | ||
+ | </solution> | ||
+ | |||
==== 6. [10p] Feedback ==== | ==== 6. [10p] Feedback ==== | ||
Please take a minute to fill in the [[https://docs.google.com/forms/d/e/1FAIpQLSeMrKoWY6UKe1N_BASUARA-HixTuvSfrEnx_FKstT-RW464NQ/viewform |feedback form]] for this lab. | Please take a minute to fill in the [[https://docs.google.com/forms/d/e/1FAIpQLSeMrKoWY6UKe1N_BASUARA-HixTuvSfrEnx_FKstT-RW464NQ/viewform |feedback form]] for this lab. | ||
- | |||