updates

Unibw 2023/crypto/T800 - I'm Back/00_create_chall_sig_csv.py

@@ -0,0 +1,42 @@
+import requests
+from time import sleep
+from base64 import b64decode
+import sys
+
+URL = 'https://t800.codectf.localos.io/challenge'
+OUTPUT = 'challenges.csv'
+SIGCOUNT = 4
+INTERVAL = 30 # chall ändert sich alle 30s
+ORDER = 115792089210356248762697446949407573529996955224135760342422259061068512044369 #NIST256p
+
+HPNAME = "ctf2023"
+HPPASS = "t,FcUGJ>h:7=.woy"
+
+def sigdecode(sig, order):
+	bl = (order.bit_length() + 7) // 8 # bytelength
+	sig = b64decode(sig.encode('utf-8'))
+	assert len(sig) == 2 * bl
+	r = int.from_bytes(sig[:bl], 'big') # ab bytelength
+	s = int.from_bytes(sig[bl:], 'big') # bis bytelength
+	return r % order, s % order
+
+if __name__ == '__main__':
+	with open(OUTPUT, 'w') as outfile:
+		count = 0
+		last_chal = None
+		
+		while count < SIGCOUNT:
+			s = requests.Session()
+			s.auth = (HPNAME, HPPASS) # session auth
+			
+			resp = s.get(URL, verify = False)
+			data = resp.json()
+			r, s = sigdecode(data['sig'], ORDER)
+			chal = data['challenge']
+			
+			if chal != last_chal:
+				print(chal, r, s, sep=',', file=outfile)
+				last_chal = chal
+				count += 1
+			
+			sleep(INTERVAL / 2)

Unibw 2023/crypto/T800 - I'm Back/challenges.csv

@@ -0,0 +1,13 @@
+1700847030,103212689316720442713110245172491724265642386432064709268562883378472765546362,27570785100405427479638454093960533643156886667960673546908172046935877989036
+1700847060,19223603755572751593728557346968163943726372137386804983896588864164764239537,74847396429649245807677184098422968864292643147372507217650024609970834035235
+1700847090,69632469991638642475282479459527970764300839765982099501058079976353175931423,73924238490748771108019271471777492350618477761667395182852798739810068114461
+1700847120,35931958938312186433744877572967643879702031061511321661663552212434277489189,93760901016644053339332594943931083613835851287602662307855403190078105832802
+1700847150,50806110590624501747534872737854453377163405079912439627097733643618167872359,99381514970219964449385744106093164620269125328883285068989025227606096568603
+1700847180,13422112570068293876055441825903781001430065939930541531895292946328863103691,19562470247120181117656754090345023965385882454016286281064962961868612402775
+1700847210,42382845092316820515520379160984676075394731690996642804251249229287836097189,43757583821324294984297885176734580133689956394323021866409334655033388852446
+1700847240,8433570965609288778910743256787316740229430345930563634743866877224245232479,110124969439297824903029108350618400048819093104597849948815615232081538970193
+1700847270,12239314457332724722130410276312500309039498098176147024033711949050272155974,74128810784756725907139157104966315243652678003676374828310462835556715012862
+1700847300,107470886335335223248231920276450140312743053108698191149938227163683346427203,65616339986533163462895771781572798911889341694904888954645182834966114841007
+1700847330,45103635964382730042787510775768943344124205899661725832773760008557245840430,80551397938109693071821900773029279165251942192620944065979251270005878722105
+1700847360,82138937537299746186537297551370741527839085532782804549504008439058116026718,44524887697129044989301942487401532587411356330260294909590474611771922676480
+1700847390,24402719564998263171582562414080018324569987364726371165432807478098057616937,60472669746675830171981142997958426811646687188124106502425178509921942592437

Unibw 2023/crypto/T800 - I'm Back/utils.js

@@ -0,0 +1,124 @@
+"use strict";
+
+async function postJSON(url, data) {
+	const response = await fetch(url, {
+		method: 'POST',
+		headers: {
+			'Content-Type': 'application/json'
+		},
+		body: JSON.stringify(data),
+	});
+	if (!response.ok) {
+		if (response.statusText) {
+			throw new Error(response.statusText);
+		} else {
+			throw new Error("Something went wrong");
+		}
+	}
+	return response.json();
+}
+
+async function getJSON(url) {
+	const response = await fetch(url);
+	if (!response.ok) {
+		if (response.statusText) {
+			throw new Error(response.statusText);
+		} else {
+			throw new Error("Something went wrong");
+		}
+	}
+	return response.json();
+}
+
+function verifySig(pubkey, signature, data) {
+	return window.crypto.subtle.verify(
+		{
+			name: "ECDSA",
+			hash: { name: "SHA-256" },
+		},
+		pubkey,
+		signature,
+		data,
+	);
+}
+
+function signData(privkey, data) {
+	return window.crypto.subtle.sign(
+		{
+			name: "ECDSA",
+			hash: { name: "SHA-256" },
+		},
+		privkey,
+		data,
+	);
+}
+
+function ab2str(buf) {
+	let binary = '';
+	const bytes = new Uint8Array(buf);
+	for (let i = 0, len = bytes.byteLength; i < len; i++) {
+		binary += String.fromCharCode(bytes[i]);
+	}
+	return binary;
+}
+
+// PEM key import code from:
+// https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#pkcs_8_import
+
+function str2ab(str) {
+	const buf = new ArrayBuffer(str.length);
+	const bufView = new Uint8Array(buf);
+	for (let i = 0, len = str.length; i < len; i++) {
+		bufView[i] = str.charCodeAt(i);
+	}
+	return buf;
+}
+
+function importPrivateKey(pem) {
+	// fetch the part of the PEM string between header and footer
+	const pemHeader = "-----BEGIN PRIVATE KEY-----";
+	const pemFooter = "-----END PRIVATE KEY-----";
+	if (pem.length < pemHeader.length + pemFooter.length + 90 ||
+		  pem.indexOf(pemHeader) < 0 ||
+		  pem.indexOf(pemFooter) < 0) {
+		throw new Error("Invalid PEM key format");
+	}
+	const pemContents = pem.substring(
+		pem.indexOf(pemHeader) + pemHeader.length,
+		pem.indexOf(pemFooter),
+	);
+	// base64 decode the string to get the binary data
+	const binaryDerString = window.atob(pemContents);
+	// convert from a binary string to an ArrayBuffer
+	const binaryDer = str2ab(binaryDerString);
+
+	return window.crypto.subtle.importKey(
+		"pkcs8",
+		binaryDer,
+		{
+			name: "ECDSA",
+			namedCurve: "P-256",
+		},
+		false,
+		["sign"],
+	);
+}
+
+function adminPublicKey() {
+	const pemContents = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEG4nMe1/gySwCCGQxHL4nlwmpcOYllW1PDH0nQhoNYhGHK/UBtfgUKG9u/XjcWfEYFY2cvZWGrPyHzhzxVnV8bA==";
+	// base64 decode the string to get the binary data
+	const binaryDerString = window.atob(pemContents);
+	// convert from a binary string to an ArrayBuffer
+	const binaryDer = str2ab(binaryDerString);
+
+	return window.crypto.subtle.importKey(
+		"spki",
+		binaryDer,
+		{
+			name: "ECDSA",
+			namedCurve: "P-256",
+		},
+		false,
+		["verify"],
+	);
+}

Unibw 2023/forensics/LuckyLuks/README.md

@@ -0,0 +1,3 @@
+LuckyLuks
+
+A copy of Brewster's data might be interesting. If Luk is happy, you'll rock it. It works without arsenic and lace.

Unibw 2023/rev/shelly/ape.py

@@ -0,0 +1,28 @@
+s = "/code showtime"
+alphabet = "0123456789abcdefghijklmnopqrstuvwxyz .,-!?+*'<>#@$ۤ%&/()[]0"
+
+last_letter = "1"
+
+output = []
+
+for h in s:
+    int_h = int(alphabet.index(h))
+    int_ll = int(alphabet.index(last_letter))
+    diff = int_h - int_ll
+    sym = ""
+    if diff > 0:
+        sym = ">"
+    if diff < 0:
+        sym = "<"
+    if diff == 0:
+        pass
+    for i in range(abs(diff)):
+        print(sym)
+    if diff != 0:
+        print("!")
+    else:
+        pass
+    last_letter = h
+    pass
+
+print("p")

Unibw 2023/rev/shelly/ape2.py

@@ -0,0 +1,4 @@
+for i in range(100):
+    print(">")
+    print("!")
+    print("p")