NuitDuhack - Matriochka+Invest
We finish rank 8 in Nuit du hack, and we qualified for the finals in Paris - Disneyland ^^/. Here are some quick writeups.
This was a series of reverse engineering challenges, each binary if solved gives the next one in base64.
Password in strings. Run and gives base64 stage2 binary
At address 0x4076b we have the password checking code. We translate it to python and solve with SAT/z3.
Gives us : Pandi_panda and stage3
It create SIGSEGV handler and SIGFPE handler, the signals are used to move to the password checking parts, each signal raised causes the next handler to run. If all checks are passed a SIGFPE is raised and calls the win function. Same as with stage2 we translate logic to python and solve with SAT/z3.
Gives us : Did_you_like_signals?, and binary for last stage
An MBR boot sector is given.
We load the binary in r2 and check for strings comparison, xoring, and some instructions.
Giving us Good_Game_!, we run the binary in qemu [~/nuit/matryochka]$ qemu-system-x86_64 -S -s -hda ./step4.base -curses attach gdb, continue, and this actually wins, but is not the Magic word. We find a bunch of places in the binary that do comparisons but with non-printable characters, for example
each one of them looks like :
Where [0x19c7] is our input, we use the index ebx, and the comparison, to recreate the required memory to win. We also find three calls to an xor function.
What caught my attention here is the third call which xors 0x18 bytes from our input with 0x18 bytes from 0x19cb. Now we know what the key should be. we xor that with the memory mentioned above and we get the key.
Gives us : Ddr1ml/frf which is the magic word.
A pcap-ng file is given, we dump http objects from wireshark. We get a bunch of encryptXX splitted file we unsplit them cat encrypt* > encrypt.bin which is an encrypted file.
next we have this image
and this key from key.txt
we translate the simple circuit to python and decode the key.
We get the following
which is a 4Ukz95F2YqPi then we try various openssl ciphers to decrypt the file.
The file out.-aes256 is the correct one with the flag behind darth vader's image.