Thursday, 2 April 2015

Let's go fishing with a fake SSTIC challenge

Yesterday, as I was idling on the interwebs, I noticed a challenge on Twitter:

The URL is http://static.sstic.org/challenge2015/chlg-2015 .

Yesterday was the 1st of April, April Fools' Day. I didn't expect much of it, but clicked on the link anyway:

OOOOOOkay.

We immediately notice the Salted__ string, which is an OpenSSL header: it is followed by 8 bytes of salt, and after that comes the encrypted message. The documentation says that nothing about the underlying cipher or mode can be learned from this header.

So, if we want to break this encryption by brute force, we have to guess both the encryption scheme and the password. And it is the 1st of April, so it could just be pure random data, meant to make us waste CPU cycles for a laugh.

But if you look closely at the picture, you can clearly see a repeating pattern.

That's unusual. Good crypto should be indistinguishable from random. So either this is a fake, or this is bad crypto. And we know one bad crypto mode: ECB, where identical plaintext blocks give identical ciphertext blocks.

Let's continue with this idea. Files containing a lot of identical data are uncompressed images, such as BMP. A BMP is made of a header, then groups of three bytes, each group representing one pixel (Red, Green, Blue values).

We have a file of 3000144 bytes: 16 bytes are the OpenSSL header, some bytes are the BMP header, and the rest are pixels. If we imagine a 1000x1000 image, we need 300000 bytes of pixel data. Let's skip those 144 bytes and look at what remains.
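As an added illustration (not the post's own two-liner), the following Python reproduces the two steps: skip the header and reinterpret the rest as raw RGB so it can be viewed, plus a quick repeated-block count that tells ECB output apart from a properly chained mode. The "cipher" is a keyed-hash stand-in that only mimics the ECB property; the image size, key and header sizes are constructed.

```python
import hashlib
from collections import Counter

BLOCK = 16
OPENSSL_HEADER = 16  # b"Salted__" + 8 bytes of salt, as in the challenge file

def repeated_block_ratio(data, block=BLOCK):
    """Fraction of ciphertext blocks that occur more than once.
    ~0 under a chained mode; high under ECB whenever the plaintext
    (e.g. a flat-colour BMP) repeats itself."""
    blocks = [data[i:i + block] for i in range(0, len(data) - len(data) % block, block)]
    if not blocks:
        return 0.0
    counts = Counter(blocks)
    return sum(c for c in counts.values() if c > 1) / len(blocks)

def raw_to_ppm(blob, skip, width, height):
    """Drop `skip` header bytes and reinterpret the rest as width*height RGB
    pixels in a binary PPM (P6): the 'skip the header and look at it' step.
    Missing trailing bytes are padded with black."""
    pixels = blob[skip:skip + width * height * 3].ljust(width * height * 3, b"\x00")
    return b"P6\n%d %d\n255\n" % (width, height) + pixels

# --- constructed demo input (stand-in for the challenge file) ----------------
def fake_ecb(key, data):
    """Stand-in for AES-ECB: each 16-byte block is mapped independently by a
    keyed hash, so identical plaintext blocks give identical output blocks.
    Not a cipher; it only reproduces the ECB property the post relies on."""
    return b"".join(hashlib.sha256(key + data[i:i + BLOCK]).digest()[:BLOCK]
                    for i in range(0, len(data), BLOCK))

def fake_cbc(key, iv, data):
    """Same keyed hash, but chained: each output block also depends on the previous one."""
    out, prev = b"", iv
    for i in range(0, len(data), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(prev, data[i:i + BLOCK]))
        prev = hashlib.sha256(key + mixed).digest()[:BLOCK]
        out += prev
    return out

WIDTH, HEIGHT = 64, 32
# constructed 64x32 pixel buffer: white background with a red rectangle
plain = bytearray(b"\xff\xff\xff" * WIDTH * HEIGHT)
for y in range(8, 24):
    for x in range(16, 48):
        plain[(y * WIDTH + x) * 3:(y * WIDTH + x) * 3 + 3] = b"\xff\x00\x00"
BMP_HEADER = b"BM" + b"\x00" * 52  # constructed 54-byte BMP header stand-in
KEY = b"constructed-key"

ecb_blob = b"Salted__" + b"\x01" * 8 + fake_ecb(KEY, BMP_HEADER + bytes(plain))
cbc_blob = b"Salted__" + b"\x01" * 8 + fake_cbc(KEY, b"\x02" * 16, BMP_HEADER + bytes(plain))

if __name__ == "__main__":
    print("ECB repeated-block ratio:", repeated_block_ratio(ecb_blob[OPENSSL_HEADER:]))
    print("CBC repeated-block ratio:", repeated_block_ratio(cbc_blob[OPENSSL_HEADER:]))
    with open("ecb_leak.ppm", "wb") as f:  # open in any image viewer
        f.write(raw_to_ppm(ecb_blob, OPENSSL_HEADER + len(BMP_HEADER), WIDTH, HEIGHT))
```

The PPM written for the ECB blob still shows the rectangle's outline because every white 16-byte block encrypts to the same value; the CBC blob gives visual noise.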

In two lines of shell:

Tada!

We can see something :-)

If we flip the image with convert -flip (BMP stores its pixel rows bottom-up), we can read the email more easily, and we're done.

Please, SSTIC committee, can you reserve a place for me? (I'll pay for it, it's just to be sure to have one ;) )


EDIT: it was just too easy. No need to brute-force, first try, win:


0xMitsurugi