-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathtask1.html
62 lines (55 loc) · 4.85 KB
/
task1.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<html>
<head>
<!-- jQuery -->
<script src="/static/js/jquery.min.js"></script>
<!-- jQuery UI -->
<link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css">
<script src="//code.jquery.com/jquery-1.10.2.js"></script>
<script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script>
<!-- Bootstrap assets -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
<!-- JavaScript assets -->
<script src="/static/js/jquery.terminal-0.8.8.min.js"></script>
<script src="/static/js/vex.combined.min.js"></script>
<!-- CSS assets -->
<link href="/static/css/jquery.terminal.css" rel="stylesheet">
<link href="/static/css/style.css" rel="stylesheet">
<link href="/static/css/vex.css" rel="stylesheet">
<link href="/static/css/vex-theme-plain.css" rel="stylesheet">
<script>vex.defaultOptions.className = 'vex-theme-plain';</script>
<!-- Meta-information -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="An interactive CTF tracing the history of RSA vulnerabilities.">
<meta name="author" content="">
<!-- Page styling -->
<title>Historical CTF - Task 1</title>
<link rel="icon" href="/static/img/favicon.ico">
</head>
<body style="color:#000">
<div id="terminal">
Welcome to the first challenge. Your task is to hack into Bob Badguy's server.<br><br>
---<br><br>
Back in the day, before SSL, Badguy had to send his username and password over plaintext.<br><br>
To guard against eavesdroppers, he would encrypt his password using the original implementation of RSA and his server's public key. So when he entered his password, it would get encrypted before being sent over the wire. The server could subsequently decrypt before checking for correctness.<br><br>
Because of this scheme, we have obtained Badguy's unencrypted username (<span class="highlight">bbadguy</span>) and his encrypted password (<span style="word-break: break-all" class="highlight">1038975768092424288571358000048546866166630400026574853380142467569378296392905531914873223934030479490038278456580668136595213360444112678645897499800522197036444040462313606048681906852033543309798277604304174463014647933428414137726440474724249167805138235731116268837306848824340747530035447424382643744300051125366945308607540256048798075380701892519593389688160396449776026491158099204463275419745315030615086137432351261687008827567669493102205516010255160591938496818198423232754956198400540188482156340343759508327101652193147380633437718169701312891139799113378740893172429818772434108102179595609447907017</span>).<br><br>
We have also obtained his RSA public key, which consists of a large modulus <b>N</b> (<span style="word-break: break-all" class="highlight">25978685295541844400758253137921219230470806928785102755155404976382403125097590011460962926690573389534445877819169626783574530821529032014933176428745176876336209206184298127833750711759959667396892010897855594310705116444549185413803848360220684792894004783797038725122863925219391515724194975771312329716640555734536726495212193666918666905452800257010993828980541847297861020484438933449245574172542537009025845959660619000930204034647812155656760276873622378342372743077800729256164551129593666691205730832337858976908570537099595930643528411250357329279155868408786007741848038545683400016615396779701783796589</span>) and a public exponent <b>e</b> (<span class="highlight">65537</span>).<br><br>
Unfortunately, the FBI has ruled out brute-forcing the login by bombarding the server with guesses, since Badguy implemented a one guess per second rate-limiting scheme. The modulus is also far too large to factor, so they've ruled out that approach too.<br><br>
Badguy used a home-brewed method to serialize messages into numbers to be encrypted with RSA. We've <a href="/static/scripts/task1/util.py" target="_blank">converted</a> his code to Python. But the rest is up to you.<br><br>
Can you crack the code?<br><br>
<span class="highlight">Note:</span> You can click the help icon on the right for a <span class="highlight">hint</span> at any time.
</div>
<div class="help-buttons">
<span class="glyphicon glyphicon-question-sign help-button"></span>
<span class="glyphicon glyphicon-question-sign help-button"></span>
<span class="glyphicon glyphicon-question-sign help-button"></span>
<span class="glyphicon glyphicon-question-sign help-button"></span>
</div>
<script>window.task = 1;</script>
<script src="/static/js/setup-task.js"></script>
<script src="/static/js/setup-task1.js"></script>
<script src="/static/js/setup-hints.js"></script>
</body>