Added some tasks

Author: akrasuski1

2016-06-04-backdoor-ctf/crypto_collision_course/README.md

@@ -0,0 +1,37 @@
+# Collision course
+
+In this task, we were given a hasher binary (`foobar`) and a file, for which we had to find
+a collision (`collider`), that is a file, which passed as input to `foobar` gives the same hash.
+There could be many solutions, but only one of them makes sense (is an English text).
+
+Analyzing the assembly, we can rewrite the binary into the following pseudocode:
+
+```
+def hash(block):
+	block^=A
+	ROR(block, 7)
+	block+=B
+	ROL(block, 7)
+	block*=C
+	return block
+
+state=0
+for 4-byte block in input:
+	h=hash(block)
+	state^=h
+	ROR(state, 7)
+	print state
+```
+
+Since state is printed out after every iteration, we know every state. Let's denote them as
+s0, s1 and so on, where s0=0 (initial state).
+```
+s(i+1)=ROR( s(i)^hash(block), 7 )
+ROL( s(i+1), 7 )=s(i)^hash(block)
+hash(block) = s(i) ^ ROL( s(i+1), 7 )
+```
+So, since we know all s(i), we easily calculate all hashes of 4-byte blocks. Since 4 bytes are
+in the brute-force range (and the search space could be significantly lowered by considering
+only printable characters), we implemented the hash in `main.cpp` and brute-forced all fitting
+input blocks. Output was not unique, but it was easy to choose the correct answer from the few
+possibilities.

2016-06-04-backdoor-ctf/crypto_collision_course/collider

@@ -0,0 +1,53 @@
+#include <cstdio>
+#include <cstdlib>
+#include <cstdint>
+
+#define	_rotr(x, n)   ((((x)>>(n)) | ((x) << (32 - (n)))))
+#define _rotl(x, n)   (((x)<<(n))|((x)>>(32-(n))))
+
+uint32_t hash(uint32_t num){
+	num^=0x24f50094U;
+	num=_rotr(num, num&0xF);
+	num+=0x2219ab34U;
+	num=_rotl(num, num&0xF);
+	num*=0x69a2c4feU;
+	return num;
+}
+
+void find_collisions(uint32_t hash_to){
+	uint32_t block=0;
+	do{
+		uint32_t h=hash(block);
+		if(h==hash_to){
+			printf("%08X %c%c%c%c\n", block, block, block>>8, block>>16, block>>24);
+		}
+	}while(++block);
+}
+
+unsigned char hashes[]="\x95\x13\xaa\xa5\x52\xe3\x2e\x2c\xad\x62\x33\xc4\xf1\x3a\x72\x8a\x5c\x5b\x8f\xc8\x79\xfe\xbf\xa9\xcb\x39\xd7\x1c\xf4\x88\x15\xe1\x0e\xf7\x76\x64\x05\x03\x88\xa3";
+
+int main(){
+	uint32_t hh=0xf113cca1;
+	printf("Debug: %x %x %x %x\n", hh, hash(hh), hash(hh)^0x9513aaa5, _rotr(hash(hh)^0x9513aaa5,7));
+
+	uint32_t temp=0;
+	for(int i=0;i<10;i++){
+		uint32_t newtemp=hashes[i*4]<<24;
+		newtemp|=hashes[i*4+1]<<16;
+		newtemp|=hashes[i*4+2]<<8;
+		newtemp|=hashes[i*4+3]<<0;
+		printf("newtemp is %x\n", newtemp);
+		// newtemp=_rotr(temp^hash(block), 7)
+		// thus:
+		// _rotl(newtemp,7)=temp^hash(block)
+		// hash(block)=_rotl(newtemp)^temp;
+		printf("Rotled: %x\n", _rotl(newtemp, 7));
+		printf("temp: %x\n", temp);
+		printf("xored: %x\n", _rotl(newtemp, 7)^temp);
+		uint32_t h=_rotl(newtemp, 7)^temp;
+		printf("Finding hash for %x\n", h);
+		find_collisions(h);
+
+		temp=newtemp;
+	}
+}

2016-06-04-backdoor-ctf/crypto_collision_course/foobar

@@ -0,0 +1,55 @@
+# CRC
+
+In this task we were given 26 encrypted zip files. It is easy to notice though, that they have
+very small size - they uncompress to 5 byte files. That means we should be able to brute force
+the actual contents, and check their validity using crc, since ZIPs contain CRC32 of 
+their uncompressed contents:
+```
+[adam@adam-Y510P ~/CTF/backdoor/zipcrc]λ unzip -lv 0.zip
+Archive:  0.zip
+ Length   Method    Size  Cmpr    Date    Time   CRC-32   Name
+--------  ------  ------- ---- ---------- ----- --------  ----
+       5  Stored        5   0% 2015-11-26 19:49 a36bb2ae  0.txt
+--------          -------  ---                            -------
+       5                5   0%                            1 file
+```
+We listed all CRCs in `list`, and wrote a brute forcer - `check.cpp`. It looped over all printable
+5-character strings and calculated its CRC, after which it checked whether it fits any zip.
+
+Unfortunately there were many collisions, so we wrote a quick visualizer showing possibilites
+for each zip (`parse.py`). Output:
+```
+[ p,id] [ func] [h&3o4] [func(] [) { e] [.ERM*] [H'9!R] [!LZW(] ["; fo] [ngxh4]
+[<?php] [<))ow] [tion ] [z:2b<] [5o'!q] [B6In]  [The F] [M?wSl] [>t|g{] [r($i ] 
+[PL]l4]                         [ESV$!] [^y#Hz]         [Qp+Rx]
+                                        [cho "]         [lag: ]                
+                                        ['3!6]          [p.;;4]                 
+
+
+[!ol:4] [$i < ] [/}g!0] [8IJE<] [echo ] [.EOE8] [)VPL7] [ (($i]
+[= 0; ] [8&|=4] [32; $] [Hu;@l] [y,4n4] [B6bA|] [E%}Hs] [<gt%}] 
+[lBQW<] [TUQ9p] [bPZL8] [T:gAx]         [^y>@h] [Yj!Ig] [qJIHu]
+                        [i++) ]         [chr(0] [d{m!?]        
+                        [udw(4]         ['.)$]  [x41 +]          
+
+
+
+
+[ ^ 0x] [-}u!1] [ 0x19] [)); e] [.ERM*] [,RS>p] [ao:tz] [2JHW<] [*4DeR]
+[PbQ5(] [12) %] [<$0-]  [5fg!q] [B6In]  [@!~:4] [} fun] [Bv9Rl]
+[q<A\d] [`PHL9] [LCU5}] [xKZLy] [^y#Hz] [\n"; ]         [^9eSx] 
+                                [cho "] [anSx]          [c(); ]         
+                                ['3!6]  [}02Rl]         [gu:4]            
+```
+We quickly noticed it should be a PHP code (`<?php` in the first block gives it away). Connecting
+the dots, we manually created the script:
+```
+function func() { 
+	echo "The Flag: "; 
+	for($i = 0; $i<32; $i++) 
+		echo chr(0x41 + (($i ^ 0x12) % 0x19)); 
+	echo "\n"; 
+} 
+func();
+```
+After running it, we got the flag.

2016-06-04-backdoor-ctf/crypto_collision_course/main.cpp

@@ -0,0 +1,108 @@
+#include <cstdio>
+#include <cstdint>
+
+using namespace std;
+
+static uint32_t crc32_tab[] = {
+	0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
+	0xe963a535, 0x9e6495a3,	0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
+	0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
+	0xf3b97148, 0x84be41de,	0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+	0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec,	0x14015c4f, 0x63066cd9,
+	0xfa0f3d63, 0x8d080df5,	0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
+	0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,	0x35b5a8fa, 0x42b2986c,
+	0xdbbbc9d6, 0xacbcf940,	0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+	0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
+	0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+	0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d,	0x76dc4190, 0x01db7106,
+	0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+	0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
+	0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
+	0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
+	0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+	0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
+	0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
+	0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
+	0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+	0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
+	0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
+	0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
+	0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+	0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
+	0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
+	0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
+	0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+	0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
+	0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+	0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
+	0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+	0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
+	0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
+	0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
+	0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+	0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
+	0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
+	0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
+	0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+	0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
+	0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+	0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
+};
+
+uint32_t
+crc32(uint32_t crc, const void *buf, size_t size)
+{
+	const uint8_t *p;
+
+	p = (const uint8_t*)buf;
+	crc = crc ^ ~0U;
+
+	while (size--)
+		crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8);
+
+	return crc ^ ~0U;
+}
+
+uint32_t crcs[100];
+char alphabet[300];
+
+int main(){
+	for(int i=' ';i<=127;i++){
+		alphabet[i-' ']=i;
+	}
+
+	int cnt=0;
+	char buff[100];
+	while(true){
+		if(EOF==scanf("%s",buff)){ break; }
+		scanf("%s",buff);
+		uint32_t crc;
+		scanf("%x",&crc);
+		crcs[cnt++]=crc;
+	}
+	for(int i=0;i<cnt;i++){
+		printf("%x\n", crcs[i]);
+	}
+	buff[5]=0;
+	for(char* a=alphabet; *a; a++){
+	buff[0]=*a;
+	for(char* b=alphabet; *b; b++){
+	buff[1]=*b;
+	for(char* c=alphabet; *c; c++){
+	buff[2]=*c;
+	for(char* d=alphabet; *d; d++){
+	buff[3]=*d;
+	for(char* e=alphabet; *e; e++){
+	buff[4]=*e;
+		uint32_t crc=crc32(0, buff, 5);
+		for(int i=0;i<cnt;i++){
+			if(crc==crcs[i]){
+				printf("Found! %x (%d) for [%s]\n", crc, i, buff);
+			}
+		}
+	}
+	}
+	}
+	}
+	}
+}