diff --git a/Unibw 2023/crypto/T800 - I'm Back/00_create_chall_sig_csv.py b/Unibw 2023/crypto/T800 - I'm Back/00_create_chall_sig_csv.py new file mode 100644 index 00000000..5117e932 --- /dev/null +++ b/Unibw 2023/crypto/T800 - I'm Back/00_create_chall_sig_csv.py @@ -0,0 +1,42 @@ +import requests +from time import sleep +from base64 import b64decode +import sys + +URL = 'https://t800.codectf.localos.io/challenge' +OUTPUT = 'challenges.csv' +SIGCOUNT = 4 +INTERVAL = 30 # chall ändert sich alle 30s +ORDER = 115792089210356248762697446949407573529996955224135760342422259061068512044369 #NIST256p + +HPNAME = "ctf2023" +HPPASS = "t,FcUGJ>h:7=.woy" + +def sigdecode(sig, order): + bl = (order.bit_length() + 7) // 8 # bytelength + sig = b64decode(sig.encode('utf-8')) + assert len(sig) == 2 * bl + r = int.from_bytes(sig[:bl], 'big') # ab bytelength + s = int.from_bytes(sig[bl:], 'big') # bis bytelength + return r % order, s % order + +if __name__ == '__main__': + with open(OUTPUT, 'w') as outfile: + count = 0 + last_chal = None + + while count < SIGCOUNT: + s = requests.Session() + s.auth = (HPNAME, HPPASS) # session auth + + resp = s.get(URL, verify = False) + data = resp.json() + r, s = sigdecode(data['sig'], ORDER) + chal = data['challenge'] + + if chal != last_chal: + print(chal, r, s, sep=',', file=outfile) + last_chal = chal + count += 1 + + sleep(INTERVAL / 2) \ No newline at end of file diff --git a/Unibw 2023/crypto/T800 - I'm Back/challenges.csv b/Unibw 2023/crypto/T800 - I'm Back/challenges.csv new file mode 100644 index 00000000..d939d3b9 --- /dev/null +++ b/Unibw 2023/crypto/T800 - I'm Back/challenges.csv @@ -0,0 +1,13 @@ +1700847030,103212689316720442713110245172491724265642386432064709268562883378472765546362,27570785100405427479638454093960533643156886667960673546908172046935877989036 +1700847060,19223603755572751593728557346968163943726372137386804983896588864164764239537,74847396429649245807677184098422968864292643147372507217650024609970834035235 +1700847090,69632469991638642475282479459527970764300839765982099501058079976353175931423,73924238490748771108019271471777492350618477761667395182852798739810068114461 +1700847120,35931958938312186433744877572967643879702031061511321661663552212434277489189,93760901016644053339332594943931083613835851287602662307855403190078105832802 +1700847150,50806110590624501747534872737854453377163405079912439627097733643618167872359,99381514970219964449385744106093164620269125328883285068989025227606096568603 +1700847180,13422112570068293876055441825903781001430065939930541531895292946328863103691,19562470247120181117656754090345023965385882454016286281064962961868612402775 +1700847210,42382845092316820515520379160984676075394731690996642804251249229287836097189,43757583821324294984297885176734580133689956394323021866409334655033388852446 +1700847240,8433570965609288778910743256787316740229430345930563634743866877224245232479,110124969439297824903029108350618400048819093104597849948815615232081538970193 +1700847270,12239314457332724722130410276312500309039498098176147024033711949050272155974,74128810784756725907139157104966315243652678003676374828310462835556715012862 +1700847300,107470886335335223248231920276450140312743053108698191149938227163683346427203,65616339986533163462895771781572798911889341694904888954645182834966114841007 +1700847330,45103635964382730042787510775768943344124205899661725832773760008557245840430,80551397938109693071821900773029279165251942192620944065979251270005878722105 +1700847360,82138937537299746186537297551370741527839085532782804549504008439058116026718,44524887697129044989301942487401532587411356330260294909590474611771922676480 +1700847390,24402719564998263171582562414080018324569987364726371165432807478098057616937,60472669746675830171981142997958426811646687188124106502425178509921942592437 diff --git a/Unibw 2023/crypto/T800 - I'm Back/utils.js b/Unibw 2023/crypto/T800 - I'm Back/utils.js new file mode 100644 index 00000000..b18e7c12 --- /dev/null +++ b/Unibw 2023/crypto/T800 - I'm Back/utils.js @@ -0,0 +1,124 @@ +"use strict"; + +async function postJSON(url, data) { + const response = await fetch(url, { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify(data), + }); + if (!response.ok) { + if (response.statusText) { + throw new Error(response.statusText); + } else { + throw new Error("Something went wrong"); + } + } + return response.json(); +} + +async function getJSON(url) { + const response = await fetch(url); + if (!response.ok) { + if (response.statusText) { + throw new Error(response.statusText); + } else { + throw new Error("Something went wrong"); + } + } + return response.json(); +} + +function verifySig(pubkey, signature, data) { + return window.crypto.subtle.verify( + { + name: "ECDSA", + hash: { name: "SHA-256" }, + }, + pubkey, + signature, + data, + ); +} + +function signData(privkey, data) { + return window.crypto.subtle.sign( + { + name: "ECDSA", + hash: { name: "SHA-256" }, + }, + privkey, + data, + ); +} + +function ab2str(buf) { + let binary = ''; + const bytes = new Uint8Array(buf); + for (let i = 0, len = bytes.byteLength; i < len; i++) { + binary += String.fromCharCode(bytes[i]); + } + return binary; +} + +// PEM key import code from: +// https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#pkcs_8_import + +function str2ab(str) { + const buf = new ArrayBuffer(str.length); + const bufView = new Uint8Array(buf); + for (let i = 0, len = str.length; i < len; i++) { + bufView[i] = str.charCodeAt(i); + } + return buf; +} + +function importPrivateKey(pem) { + // fetch the part of the PEM string between header and footer + const pemHeader = "-----BEGIN PRIVATE KEY-----"; + const pemFooter = "-----END PRIVATE KEY-----"; + if (pem.length < pemHeader.length + pemFooter.length + 90 || + pem.indexOf(pemHeader) < 0 || + pem.indexOf(pemFooter) < 0) { + throw new Error("Invalid PEM key format"); + } + const pemContents = pem.substring( + pem.indexOf(pemHeader) + pemHeader.length, + pem.indexOf(pemFooter), + ); + // base64 decode the string to get the binary data + const binaryDerString = window.atob(pemContents); + // convert from a binary string to an ArrayBuffer + const binaryDer = str2ab(binaryDerString); + + return window.crypto.subtle.importKey( + "pkcs8", + binaryDer, + { + name: "ECDSA", + namedCurve: "P-256", + }, + false, + ["sign"], + ); +} + +function adminPublicKey() { + const pemContents = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEG4nMe1/gySwCCGQxHL4nlwmpcOYllW1PDH0nQhoNYhGHK/UBtfgUKG9u/XjcWfEYFY2cvZWGrPyHzhzxVnV8bA=="; + // base64 decode the string to get the binary data + const binaryDerString = window.atob(pemContents); + // convert from a binary string to an ArrayBuffer + const binaryDer = str2ab(binaryDerString); + + return window.crypto.subtle.importKey( + "spki", + binaryDer, + { + name: "ECDSA", + namedCurve: "P-256", + }, + false, + ["verify"], + ); +} diff --git a/Unibw 2023/forensics/LuckyLuks/9b107acdc6a601b9ce8e6bcd800cfaae.bz2 b/Unibw 2023/forensics/LuckyLuks/9b107acdc6a601b9ce8e6bcd800cfaae.bz2 new file mode 100644 index 00000000..6c3d480c Binary files /dev/null and b/Unibw 2023/forensics/LuckyLuks/9b107acdc6a601b9ce8e6bcd800cfaae.bz2 differ diff --git a/Unibw 2023/forensics/LuckyLuks/README.md b/Unibw 2023/forensics/LuckyLuks/README.md new file mode 100644 index 00000000..e3593094 --- /dev/null +++ b/Unibw 2023/forensics/LuckyLuks/README.md @@ -0,0 +1,3 @@ +LuckyLuks + +A copy of Brewster's data might be interesting. If Luk is happy, you'll rock it. It works without arsenic and lace. diff --git a/Unibw 2023/rev/shelly/ape.py b/Unibw 2023/rev/shelly/ape.py new file mode 100644 index 00000000..4dca2adb --- /dev/null +++ b/Unibw 2023/rev/shelly/ape.py @@ -0,0 +1,28 @@ +s = "/code showtime" +alphabet = "0123456789abcdefghijklmnopqrstuvwxyz .,-!?+*'<>#@$€§%&/()[]0" + +last_letter = "1" + +output = [] + +for h in s: + int_h = int(alphabet.index(h)) + int_ll = int(alphabet.index(last_letter)) + diff = int_h - int_ll + sym = "" + if diff > 0: + sym = ">" + if diff < 0: + sym = "<" + if diff == 0: + pass + for i in range(abs(diff)): + print(sym) + if diff != 0: + print("!") + else: + pass + last_letter = h + pass + +print("p") diff --git a/Unibw 2023/rev/shelly/ape2.py b/Unibw 2023/rev/shelly/ape2.py new file mode 100644 index 00000000..58876454 --- /dev/null +++ b/Unibw 2023/rev/shelly/ape2.py @@ -0,0 +1,4 @@ +for i in range(100): + print(">") + print("!") + print("p") \ No newline at end of file