Hackvent 2019: Day 23

24 Dec 2019
CTF: Hackvent 2019
Link to challenge:
Date Completed: 23 December 2019


HV19.23 Internet Data Archive


We are presented with the following website:

We are allowed to enter a username and select some data to download except the flag which is classified. Upon doing this a unique zip file is generated for us containing our files and we are also provided with a password that allows us to open the encrypted zip file.

By playing around with the website we learn the following things:

  • Usernames are truncated to be at most 12 characters long (alphanumberis)
  • Passwords are always 12 digits (alphanumeric) and look like this: BxxRGJAMpmbJ
  • All links to download files contain the input username with -data appended. Example for username of mo
  • Can pass in req instead of req[] as PHP post argument to trigger PHP error:
  • Can pass in username[] instead of username as PHP post argument to make name be parsed as Array:
  • We cannot use the username Santa (it is explicitly disallowed!)

We shortly find out that the tmp directory where files are hosted has indexing on and we can see all the files that are being created. By sorting by oldest files first we discover two interesting files:

We download and discover that it contains a file called flag.txt! However, we do not know the password for this archive.
Assuming alphanumerics are used as the charset for the password our bruteforce complexity is 62^12 which not feasible.

Next, we inspect the phpinfo for any valuable information, we take note of the PHP version 7.4.1 and that the sodium module is loaded (although this doesn’t matter).

Next we write a password generator script to generate a lot of tokens:

After generating 1000 passwords we run frequency analysis on the payload and discover that certain characters never appear. These characters are 0, 1, l, I, N, n, O, o. Perhaps these characters are committed as they look similar to other characters. Eliminating this characters from our charset brings down our bruteforce complexity to 54^12 which is still not feasible.

We note the title of the challenge page IDA Pro and after researching for IDA Pro PRNG we come across this interesting article:

The author describes the same exact charset that is in use here so we try to use the same approach to break the PRNG used to encrypt the file. We decide to use PHP for this with the same version 7.4.1 as the challenge website to ensure consistency.

We make the following bruteforce.php script:

This script simply generates a random 12 length password using the first 12 bytes of randomness generated by the RNG for each seed between 0 to 2^32. However, we cannot save this data to disk easily so we will instead stream the data to a ZIP cracking utility like John the Ripper to attempt to crack the file on the fly.

We run:

After about 2 minutes we have a successful crack:

Thus our password is Kwmq3Sqmc5sA and the original seed used was 4333287.
We open flag.txt to get our daily flag!

Flag:  HV19{Cr4ckin_Passw0rdz_like_IDA_Pr0}

No Comments

Posted in Hackvent 2019


Leave a Reply