This vulnerability exploits a weakness in the construction of the public key that allows the private key to be recovered by factorizing the modulus.
ROCA is the acronym of “Return of Coppersmith’s Attack”. This vulnerability was discovered in February 2017 by a team of Czech researchers and was given the identifier CVE 2017-15361.
Continue readingIn this post I want to share with you my way of solving reverse engineering (RE) tasks in CTFs involving simple cryptography without reading a single bit of assembly, purely by cryptanalysis.
Of course this can’t be applied on all RE tasks you’ll encounter that make use of cryptography, but sometimes it might save you a lot of pain trying to solve a difficult RE task, like I did here. You might also have to do it simply because you don’t have access to the cryptographic code (Black Box), like in one of the parts of the Black Badge challenge for Le Hack 2019, which will serve as an example throughout this post.
If you’re new in the field of cryptanalysis this might also be of interest to you to see the methodology you can apply. You might even learn something new. π
Continue readingIt’s been a long time for both of us since part 3 of this series. So to quietly resume our journey in the beautiful world of mathematics I propose you 4 rather simple topics :
In the last part we’ve found heap buffer overflows in the structure holding victim information and a stack buffer overflow when receiving the name of the file that’s been encrypted. Now we’re going to find what possibilities they can offer us and use them to craft an exploit.
Continue readingIn this part we’re going to suppose that we’ve managed to obtain a copy of the Tupper C&C server binary. Our goal is to reverse engineer it and summarize the overall operating process of Tupper.
Continue readingIn the last part we have seen that Tupper encrypts “.txt” files using RSA and “.pdf” files using a xor and custom key schedule. In this part we will write decryption scripts to recover encrypted files because Tupper doesn’t provide any decryption function.
Continue readingToday we will reverse-engineer a simple “ransomware” made specifically for this purpose. Let’s give it the name Tupper. Tupper is not really a ransomware because it doesn’t ask for a ransom, it only attacks a specific location on the filesystem and I unintentionally forgot another important feature of ransomwares, try to find it. π
Continue readingToday the focus is on oracles ! You already encountered the decipher oracle in part 1 but now you’ll meet :
Before diving right into more advanced attacks, let’s take a minute to do a quick recap because it’s been a long time since the last part. Once your mind is warmed up you can safely move on.
On the program today you have :
Spoiler: There will be Maths π
Continue reading
RSA is my favorite cryptosystem. π It’s simple and powerful.
In this series I will try to go through every attacks (that I’m aware of) against RSA which are useful for solving CTF tasks.
I’m not going to give you scripts that will do all the work for you but rather explain how the attacks work. The aim of this series is to understand the attacks you use and which one is most appropriate depending on the task. I will try to be beginner friendly and repeat myself in the beginning but afterwards I will assume that the reader has learnt the concepts. Continue reading
