added 3 challs
This commit is contained in:
parent
6095eda2a9
commit
936d094c47
|
@ -0,0 +1 @@
|
|||
Will probably refine the writeups even more later on
|
|
@ -0,0 +1,7 @@
|
|||
# RSA with the dogs
|
||||
|
||||
`e` is very large so wiener attack is possible
|
||||
|
||||
```sh
|
||||
./RsaCtfTool.py -n 80958280137410344469270793621735550547403923964041971008952114628165974409360380289792220885326992426579868790128162893145613324338067958789899179419581085862309223717281585829617191377490590947730109453817502130283318153315193437990052156404947863059961976057429879645314342452813233368655425822274689461707 -e 3575901247532182907389411227211529824636724376722157756567776602226084740339294992167070515627141715229879280406393029563498781044157896403506408797685517148091205601955885898295742740813509895317351882951244059944509598074900130252149053360447229439583686319853300112906033979011695531155686173063061146739 --uncipher 80629080505342932586166479028264765764709326746119909040860609021743893395577080637958779561184335633322859567681317501709922573784403504695809067898870536224427948000498261469984511352960143456934810825186736399371084350678586129000118485271831798923746976704036847707653422361120164687989605124465224952493 --attack wiener
|
||||
```
|
|
@ -0,0 +1,11 @@
|
|||
# ANYTHING
|
||||
|
||||
Were given the encrypted flag `wfa{oporteec_gvb_ogd}`.
|
||||
|
||||
Since this is all printable text and the curly braces are not encrypted we can deduce that this is probably some classical cipher.
|
||||
|
||||
Sice the flag format is `wsc{}` we can see that this is not doing the same operation on every letter (if it were then the `w` in the ciphertext would be something else).
|
||||
|
||||
The next obvious guess would be to try viginere, and using the hint `this could be encrypted with ANYTHING` we can try using that as our key. And we get the flag `wsc{vigenere_not_bad}`
|
||||
|
||||
Or we could just throw it into the boxentriq cipher analyzer and we would see that this is viginere and follow the same procedure ¯\\\_(ツ)\_/¯
|
|
@ -0,0 +1,17 @@
|
|||
# Johnsons bank
|
||||
|
||||
This ones just a simple timing attack
|
||||
|
||||
From the note in the login screen we can see that the username is probably his name and we find that `williamjohnson` works.
|
||||
|
||||
From the provided source we can deduce that this is probably a timing attack
|
||||
```
|
||||
// The authentication code is written in JohnsonScript, a much, much slower version of JavaScript
|
||||
```
|
||||
```javascript
|
||||
function checkPassword(userInput, correctPassword){
|
||||
return userInput === correctPassword;
|
||||
}
|
||||
```
|
||||
|
||||
Our team used some burp extension to do the timing attack
|
Loading…
Reference in New Issue