RIwA/TBB/Kqdyp/IvMFLuaVYaJlrPYYUTrNdjIdLDptzWRWFSxAMtj9KF7gE3Ru S4tMILdpWK1X71UT6gGvKtWbFpGktg5+7gWKpHdryWo7ezs6uYp0P/DhbCIDNIHfĠMg2VDEeFTsU1QZ+pGZNQZuXuiim7laTsArLfHBGdisNjs4r29xMeEkjF4vrHIx4 Igejd+Vw8bn+cLm1zZRhv2vDn4c06ge04/anESkXm0GD0+TwqQKCAQEKsoul29Z6 Rw5kwHoL1R2LS3RwyakxQUMFpT/aChaFYaK4kGzn/0IVwJEiSNVco+BJmvH1mHe3 Q9lG30w2SK9PdxTNWE2x7NFEWMiCesIiw8oIKAwrpofBmqjfd9SYz69wDJAZ9QU4Ĭni6Q/LxvNgqFeGcTao7MwUdMa7BqU4EP4G3+yGvGXVYj9qg2/smnxGOXE6eJpIsįECrhTV6q圎DYWYpJ7dPL+J4Jbrp6deqNB2DQbk1iO2i54DNma15CsKBRvETs9Cf Qns9zOjS5cS9fnwPCjqW7/Sg3ncXZ6jiD0bJeo5fnXh41vMRbM5ruEYgFL4hh11VĬTe9JI6zWQ2V/Oehe9y90iNGXMAX1vx2+/4uS5zMSSQbpFL9+E0cgYXK0zqDxbWs L/iL9+9MyznnWF3p7Tof6uqF0IdIa6NcUh4L6SikeNUaWRXzZytnPCJHODZwulmR WHnSA/7r8ckR0bzMuLkl5a28aoUcIHK+vOoADIxIUHNqacCGXjEIJPnn3jZCnLPj IugiKnGV4OwGwIKB/8FucQbnfmi4xFEEJL7rVYL+Icw0X1NTRoK3XDaNc8kCAnppĪoICAWGMrtRH47OiP+ZhlwZpsZ/IUX8a/+9H21YctO7FYrWJh4lAiZiC9JAjbAF4ĬHlthnUyUq6X0dG2hpSQ7DCGf6cecGKuzwBX/K5r+zJMUTPRaTzFZuRMSMHuE59f LC6xgZbCyYUQGvTqxnSZOWxiQa1PJDntEfh9Z+c6I5uGXEXWWmHPD1YILegxuX+y IJMd4kbVYzTYiX1kZbIn9sCV7OGtmUx1UfCNvCH4tAaR7lH19y0FLZNSBi+QsOfF sAAAAAAAAAAB//////+wAAAAAAAAAAAB//////+wAAAAAAAAAAAB////////sAĪAAAAAAAAB///yIiIisAAAAAAAAAAB//+wAAAAAAAAAAAAAAAB//+wAAAAAAAAAAĪAAAAB//+wAAAAAAAAAAAAAAAB//+wAAAAAAAAAAAAAAAB//+wAAAAAAAAAAAAAAĪB//+wAAAAAAAAAAAAAAAB//+wAAAAAAAAAmUpPEQivjUyY4/usqY16GXlvM1IYtįJH45G7UGv2rMqsekTwpbEWnI6NxzErSGNJzpJSsUBocZ3V2uE06FwCyTjjz18gJĭJUnZ/ip2lMutElqlT+ismQfk69YMh5JGtaz4fZgDqF1djWi1HVi3/LyRb/I7VEU +wAAAAAAAAAAAAAAAB//+wAAAAAAAAAAAAAAAB///3d3d3sAAAAAAAAAAB////// MIIJKgIBAAKCAgFyb290AAAAAAAAAAAAAAAAAAAAAAAbAAAAAAAAAAAAAAAAAB// RsaCtfTool.py -publickey ~/bsides/crypto/root/key.pub -verbose -private I start by converting the DER format key into a compatible key format, to do this I extract the public key alone from the DER format key again, using. I added a bunch of attack types that might apply here, so let’s give it a whirl. A fork of a project to simplify attacks against RSA in CTF challenges.
To do this im going to use a tool I worked on about a year back called RsaCtfTool. A little bit suspicious don’t you think? The exponent doesn’t look to usual either but let’s focus on maybe trying to factor the modulus. There’s more information but the most interesting thing here is the modulus, it looks more like ASCII art than a proper modulus. Issuer: C=US, ST=New York, L=New York, O=E Corp, Before: Feb 1 00:39:00 2017 GMT Signature Algorithm: sha256WithRSAEncryption Let’s just get the human readable form of the openssl x509 -inform DER -in r -text
We save the file as r and now we can examine it with the openssl command line tools.
If we expand the Secure Sockets Layer > TLSv1.2 Record Layer: Handshake Protocol: Certificate data, all the way until we isolate the actual certificate content, we can then right click the record and “ Export Packet Bytes…”:
To do this we can use Wireshark to expert it as a DER format X509 certificate by drilling down in the “Server Hello” packet which is in frame 11 of this pcap. The verbage in the clue about “using TLS to protect the modulus fetch” though made me think of examining the certificate used in the TLS negotiation in some detail. If we examine the PCAP in wireshark to get a high level overview of the challenge here we see very little in the way of plaintext anything. Note: Flag does not follow the “Flag:” format but is recognizable Unfortunately I need someone who can do it in 60 seconds. Now, I have been told that the best crackers in the world can do this in 60 minutes. Unfortunately it seems they’re using TLS to protect the modulus fetch. Our guy inside e-corp was able to get that packet capture of their backend PKI you asked for. So hopefully a quick writeup! Here’s the clue:
0 kommentar(er)
