
[CSAW2017] baby_crypt


In this challenge, the socket service takes our input, appends the flag to the end of it, and encrypts the result with AES in ECB mode.


In AES ECB mode encryption, each block is 16 bytes (32 hex characters). For example:

Block1 Block2 Block3
aaaaaaaaaaaaaaaa bbbbbbbbbbbbbbbb cccccccccccccccc


If the last block is shorter than 16 bytes, padding is used to fill it. For example:

Block1 Block2 Block3
aaaaaaaaaaaaaaaa bbbbbbbbbbbbbbbb ccccccccc0000000


In this challenge, the blocks look like this:

Block1 Block2 Block3
inputinputinputi flag{xxxxxxxxxxx xxxxxxxxxxxxxxx}


So we control the value of Block1. What if we send only 15 characters as our input?

Then the first character of the flag lands in Block1:

Block1 Block2 Block3
inputinputinputf lag{xxxxxxxxxxxx xxxxxxxxxxxxxx}0


So we can arrange the blocks like this to brute force the flag one character at a time:

Block1 Block2 Block3 ...
aaaaaaaaaaaaaaaX aaaaaaaaaaaaaaaf lag{xxxxxxxxxxxx ...
Block1 Block2 Block3 ...
aaaaaaaaaaaaaafX aaaaaaaaaaaaaafl ag{xxxxxxxxxxxxx ...
Block1 Block2 Block3 ...
aaaaaaaaaaaaaflX aaaaaaaaaaaaafla g{xxxxxxxxxxxxxx ...


Try every printable value for X. Because ECB encrypts identical plaintext blocks to identical ciphertext blocks, the ciphertext of Block1 equals the ciphertext of Block2 exactly when X is the correct next character, so each match extends the known prefix by one character.

Based on this concept, I wrote a script to test it automatically.
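The script itself is not reproduced on this page. The following is an added example, not the author's script, that simulates the attack locally against a constructed oracle with a constructed flag, and generalizes the Block1-vs-Block2 comparison above to flags longer than one block by comparing the guess block with whichever block currently holds the target byte. It uses pycryptodome's AES when installed and otherwise a clearly labelled HMAC-based stand-in block function, and it assumes PKCS#7 padding in place of the zero padding drawn above.

```python
import hashlib
import hmac
import os
import string

BLOCK = 16
KEY = os.urandom(16)                       # constructed: the service's secret key
FLAG = b"flag{constructed_sample_flag!}"   # constructed: stands in for the real flag

try:
    from Crypto.Cipher import AES          # pycryptodome, used when available
    def encrypt_block(block: bytes) -> bytes:
        return AES.new(KEY, AES.MODE_ECB).encrypt(block)
except ImportError:
    def encrypt_block(block: bytes) -> bytes:
        # Stand-in for AES: any keyed, deterministic 16-byte block function
        # leaks equal blocks in ECB mode, so the attack logic is unchanged.
        return hmac.new(KEY, block, hashlib.sha256).digest()[:BLOCK]

def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def oracle(user_input: bytes) -> bytes:
    """Models the challenge service: ECB-encrypt pad(input || FLAG)."""
    data = pkcs7_pad(user_input + FLAG)
    return b"".join(encrypt_block(data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))

def recover_secret(oracle, max_len: int = 64) -> bytes:
    """Byte-at-a-time ECB recovery: one query per guess, comparing the guess
    block (Block1) with the block that holds the next unknown secret byte."""
    known = b""
    candidates = string.printable.encode()
    while len(known) < max_len:
        i = len(known)
        filler = b"a" * ((BLOCK - 1 - i) % BLOCK)   # pushes secret byte i to the end of a block
        target = (len(filler) + i) // BLOCK + 1       # that block's index once the guess block is prepended
        prefix = (filler + known)[-(BLOCK - 1):]      # the 15 known bytes preceding secret byte i
        for c in candidates:
            ct = oracle(prefix + bytes([c]) + filler)
            if ct[:BLOCK] == ct[target * BLOCK:(target + 1) * BLOCK]:
                known += bytes([c])
                break
        else:
            break   # no printable byte matched: we reached the padding, the secret is complete
    return known

if __name__ == "__main__":
    print(recover_secret(oracle))
```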

