
2012-crypto-b's Introduction

Crypto Challenge, 300 points:

Summary: Flag appears as text in an image, which is then encrypted using Blowfish in a weak mode of operation. The encrypted image and the encryption algorithm are available; the image encrypted was in .bmp format, which is hinted at in the file name. The image is encrypted in ECB mode, which is not secure. I think this challenge is made a lot easier by the fact that a Google search for "encrypted bitmap wikipedia" returns a page "Block cipher modes of operation" as its second result, which gives an example of exactly the trick they need to use.

Challenge files:

index.html -- The challenge entry point.
/files -- this should be a readable sub-folder.
  /files/flag.bmp.encrypted -- pointed to by index.html

Solution walkthrough:

The problem with the encryption method used to encrypt flag.bmp is that it uses ECB, an insecure mode of operation.

flag.bmp is the actual file that was encrypted. This is just for reference, students should not be able to easily recover it.

From flag.bmp.encrypted, students have to work to understand the .bmp file format. They'll need to make some guesses; I would expect it's likely students will try using Windows paint to export into .bmp file, which (with the 24-bit color setting) produces the right kind of headers.
They'll have to figure out what the size is; from the filesize of flag.bmp.encrypted, given the correct color settings and the 64-bit IV, the file would contain 1024000 2/3 pixels. Naturally this suggests 1024000 pixels with 2 bytes of padding. There are a number of likely image sizes (1024x1000 springs to mind, but it turns out to be 1280x800). A .bmp file header can be created by hand; Wikipedia has a good explanation of the format with an example. Students will find that overwriting the first N bytes with a basic .bmp header doesn't work, because the file was padded by 2 bytes; this can be learned from the algorithm and observing the file sizes of flag_original.bmp and flag.bmp.encrypted.

Walkthrough continues: open both flag.bmp and flag.bmp.encrypted in a hex editor such as the one included. Copy the first 54 bytes from flag.bmp to flag.bmp.encrypted.ecb. Delete the last byte also, to make the pixel array the correct size. Save this as a .bmp file. flag.bmp.ecb.bmp is the result of this process.

Open flag.bmp.ecb.bmp in an image viewer. The image is garbled but the flag string pops out clearly.
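The size arithmetic and header step from the walkthrough, as an added Python example (not part of the original challenge repository). ENCRYPTED_SIZE is reconstructed from the write-up's figures rather than read from the real file, and the function names are illustrative. Because ECB encrypts equal plaintext blocks to equal ciphertext blocks, a readable header is all a viewer needs to render the structure that leaks through.

```python
import struct

HEADER_LEN = 54   # 14-byte BITMAPFILEHEADER + 40-byte BITMAPINFOHEADER
IV_LEN = 8        # 64-bit IV, per the write-up
BPP = 3           # bytes per pixel at 24-bit colour

# Constructed: size implied by the write-up's figures, not read from the real file.
ENCRYPTED_SIZE = IV_LEN + HEADER_LEN + 1024000 * BPP + 2


def row_stride(width):
    """BMP rows are padded to a multiple of 4 bytes."""
    return (width * BPP + 3) & ~3


def pixel_budget(file_size):
    """Return (whole pixels, leftover bytes) once IV and header are removed."""
    return divmod(file_size - IV_LEN - HEADER_LEN, BPP)


def candidate_dimensions(pixel_bytes, max_ratio=2.0):
    """Landscape (width, height) pairs whose padded rows fill pixel_bytes exactly."""
    found = []
    for width in range(1, pixel_bytes // BPP + 1):
        stride = row_stride(width)
        if pixel_bytes % stride:
            continue
        height = pixel_bytes // stride
        if height <= width <= max_ratio * height:
            found.append((width, height))
    return found


def bmp_header(width, height, total_len):
    """Plaintext 54-byte header for an uncompressed 24-bit bottom-up BMP."""
    file_hdr = struct.pack("<2sIHHI", b"BM", total_len, 0, 0, HEADER_LEN)
    info_hdr = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0,
                           row_stride(width) * height, 2835, 2835, 0, 0)
    return file_hdr + info_hdr


def graft_header(ciphertext, width, height):
    """Overwrite the first 54 bytes, as the walkthrough does in a hex editor."""
    return bmp_header(width, height, len(ciphertext)) + ciphertext[HEADER_LEN:]


if __name__ == "__main__":
    pixels, leftover = pixel_budget(ENCRYPTED_SIZE)
    print(pixels, "pixels,", leftover, "leftover bytes")
    print(candidate_dimensions(pixels * BPP))
```

The candidate list includes both 1024x1000 and 1280x800, which is why the dimensions still have to be tried in an image viewer.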
