BlockCipher

Challenge Points: 138 Challenge Description: We’ve developed a new restricted shell. It also allows to manage user access more securely. Let’s try it nc crypto-01.v7frkwrfyhsjtbpfcppnu.ctfz.one 1337 In this post, I will be discussing my solution for USSH-3.0 challenge from CTFZone which I think is the unintended way. The challenge was quite peculiar, involving “blind” exploit as you will see in this write-up. Some parts of the challenge might look like guessing, but if you read this write-up start-to-end, you will see that it was a well-tailored challenge. ...

This challenge was a bit overrated, there were no complications in the challenge, as you will see when we discuss the writeup. In this challenge, we are supposed to get the flag which is present in the server. The server has an input-output program running, which gives AES-ECB encryption of the input given to it. The encryption takes place as follows: Takes the input from the user Appends secret (which is the flag here) to the input Pads to make it a multiple of blocksize Encrypts the resultant string using AES in ECB mode Gives the ciphertext as the output We are only in control of the input to the server. Using the input that we give, we need to get the secret. ...

In this blog post, the attack on CBC mode of block cipher encryption will be discussed and in the end, detailed writeup for the 16th challenge of Matasano-Crypto-Challenge i.e. about the Bit Flipping Attack in AES-CBC will be provided with explanation! I want the reader to go through these concepts discussed in the following blog posts, before actually understanding how the CBC Bit-Flipping Attack works: Mode Detection Oracle Blocksize Detection Oracle We will list down all the information one must have access to, in order to initiate this attack: ...