Introduction
Problem statement
Description
People keep trying to trick my players with imitation flags. I want to make sure they get the real thing! I'm going to provide the SHA-256 hash and a decrypt script to help you know that my flags are legitimate.
Additional details will be available after launching your challenge instance.
After clicking Launch Instance, the following text also appeared:
Remember, in a shell, passwords are hidden!
Checksum: fba9f49bf22aa7188a155768ab0dfdc1f9b86c47976cd0f7c9003af2e20598f7
To decrypt the file once you've verified the hash, run ./decrypt.sh files/.
Write up
First, log in over SSH as the problem statement says.
ctf-player@pico-chall$ whoami
ctf-player
ctf-player@pico-chall$ pwd
/home/ctf-player/drop-in
ctf-player@pico-chall$ ls -la
total 20
drwxr-xr-x 3 ctf-player ctf-player 57 Mar 12 2024 .
drwxr-xr-x 1 ctf-player ctf-player 20 Nov 26 13:11 ..
-rw-r--r-- 1 root root 65 Mar 12 2024 checksum.txt
-rwxr-xr-x 1 root root 856 Mar 12 2024 decrypt.sh
drwxr-xr-x 2 ctf-player ctf-player 8192 Mar 12 2024 files
ctf-player@pico-chall$
I also look at the contents of decrypt.sh.
It doesn't seem to be doing anything all that strange...
ctf-player@pico-chall$ cat decrypt.sh
#!/bin/bash
# Check if the user provided a file name as an argument
if [ $# -eq 0 ]; then
echo "Expected usage: decrypt.sh <filename>"
exit 1
fi
# Store the provided filename in a variable
file_name="$1"
# Check if the provided argument is a file and not a folder
if [ ! -f "/home/ctf-player/drop-in/$file_name" ]; then
echo "Error: '$file_name' is not a valid file. Look inside the 'files' folder with 'ls -R'!"
exit 1
fi
# If there's an error reading the file, print an error message
if ! openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -salt -in "/home/ctf-player/drop-in/$file_name" -k picoCTF; then
echo "Error: Failed to decrypt '$file_name'. This flag is fake! Keep looking!"
fi
checksum.txt, which is the key to this challenge, contained a SHA-256 hash value:
fba9f49bf22aa7188a155768ab0dfdc1f9b86c47976cd0f7c9003af2e20598f7
The problem statement already said so, but I check just to be sure.
┌──(root㉿kali)-[~]
└─# hash-identifier
/usr/share/hash-identifier/hash-id.py:13: SyntaxWarning: invalid escape sequence '\ '
--------------------------------------------------
HASH: fba9f49bf22aa7188a155768ab0dfdc1f9b86c47976cd0f7c9003af2e20598f7
Possible Hashs:
[+] SHA-256
[+] Haval-256
Least Possible Hashs:
[+] GOST R 34.11-94
[+] RipeMD-256
[+] SNEFRU-256
[+] SHA-256(HMAC)
[+] Haval-256(HMAC)
[+] RipeMD-256(HMAC)
[+] SNEFRU-256(HMAC)
[+] SHA-256(md5($pass))
[+] SHA-256(sha1($pass))
--------------------------------------------------
I tried various things, and sha256sum seems to work.
ctf-player@pico-chall$ sha256sum checksum.txt
da498696036e38f06e75a154878b42a28e14701405140a71f1f5a1e147e071d1 checksum.txt
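I thought that decrypting the files in files/ and then hashing the result would give the same value as the checksum (I realize later that this was a misunderstanding (-_-;)), so I wanted to write a script and run it in a for loop, but not a single editor is available...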
ctf-player@pico-chall$ vi
-bash: vi: command not found
ctf-player@pico-chall$ vim
-bash: vim: command not found
ctf-player@pico-chall$ nano
-bash: nano: command not found
ctf-player@pico-chall$ gedit
-bash: gedit: command not found
ctf-player@pico-chall$
For now, I try Hashcat (I am badly misunderstanding things here).
┌──(root㉿kali)-[~]
└─# hashcat -m 1400 'fba9f49bf22aa7188a155768ab0dfdc1f9b86c47976cd0f7c9003af2e20598f7' /usr/share/wordlists/rockyou.txt
hashcat (v6.2.6) starting
OpenCL API (OpenCL 3.0 PoCL 6.0+debian Linux, None+Asserts, RELOC, LLVM 17.0.6, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project]
============================================================================================================================================
* Device #1: cpu-penryn-12th Gen Intel(R) Core(TM) i5-12450H, 3110/6285 MB (1024 MB allocatable), 6MCU
Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256
Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1
The result is below, but Recovered is 0/1, so it looks like nothing was found.
Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 1400 (SHA2-256)
Hash.Target......: fba9f49bf22aa7188a155768ab0dfdc1f9b86c47976cd0f7c90...0598f7
Time.Started.....: Tue Nov 26 21:57:06 2024 (16 secs)
Time.Estimated...: Tue Nov 26 21:57:22 2024 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (/usr/share/wordlists/rockyou.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 562.2 kH/s (0.34ms) @ Accel:512 Loops:1 Thr:1 Vec:4
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 14344385/14344385 (100.00%)
Rejected.........: 0/14344385 (0.00%)
Restore.Point....: 14344385/14344385 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: $HEX[212173657879616e67656c2121] -> $HEX[042a0337c2a156616d6f732103]
Hardware.Mon.#1..: Util: 26%
Started: Tue Nov 26 21:57:05 2024
Stopped: Tue Nov 26 21:57:24 2024
I got stuck here, so I look at Hint 2.
You can create a SHA checksum of a file with sha256sum <file> or all files in a directory with sha256sum <directory>/*.
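I had thought that taking the SHA-256 hash of the decrypted output would match the checksum, but does it match even before decryption...?
(This is where I notice my misunderstanding.)
I gave it a try: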
ctf-player@pico-chall$ sha256sum files/* > sha256sum_output.txt
ctf-player@pico-chall$ grep 'fba9f49bf22aa7188a155768ab0dfdc1f9b86c47976cd0f7c9003af2e20598f7' sha256sum_output.txt
fba9f49bf22aa7188a155768ab0dfdc1f9b86c47976cd0f7c9003af2e20598f7 files/87590c24
ctf-player@pico-chall$ ./decrypt.sh files/87590c24
picoCTF{trust_but_verify_87590c24}
It worked!
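An added example, not part of the original write-up: a shell function that performs the final lookup in one step and can be pasted at the prompt when no editor is installed. It hashes each file as stored, compares it with the published checksum, and distinguishes the no-match and multiple-match cases; the function names and the sample files are constructed for illustration.

```shell
# find_by_sha256 EXPECTED_HEX DIR
# Prints the one regular file in DIR whose SHA-256 equals EXPECTED_HEX.
# The hash is taken over the file bytes as stored (still encrypted, in the
# write-up's case), not over any decrypted output.
# Exit status: 0 one match, 1 no match, 2 bad arguments, 3 several matches.
find_by_sha256() {
    expected=$(printf '%s' "$1" | tr 'A-F' 'a-f')   # accept upper-case hex
    dir=$2
    case $expected in
        ''|*[!0-9a-f]*) echo "expected value is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "SHA-256 is 64 hex digits" >&2; return 2; }
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }

    matches=0
    found=
    for f in "$dir"/*; do
        [ -f "$f" ] || continue          # skip subdirectories and an empty glob
        # Hash via stdin so the output carries no file name to mis-parse
        actual=$(sha256sum < "$f" | cut -d' ' -f1)
        if [ "$actual" = "$expected" ]; then
            matches=$((matches + 1))
            found=$f
        fi
    done

    case $matches in
        0) return 1 ;;
        1) printf '%s\n' "$found" ;;
        *) echo "$matches files share this hash" >&2; return 3 ;;
    esac
}

# Constructed sample data: three small files, one of which contains "abc",
# whose SHA-256 is the well-known test vector stored in ABC_SHA256.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf 'abc' > "$d/real flag"        # file name with a space on purpose
    printf 'abd' > "$d/fake1"
    printf 'ABC' > "$d/fake2"
    printf '%s\n' "$d"
}
ABC_SHA256=ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
```

On the challenge host the equivalent call would be `find_by_sha256 "$(cat checksum.txt)" files`, and only the file it prints is then passed to decrypt.sh.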
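Conclusion
Here is what I learned this time:
- It is important to work hard at finding the commands that are available
- Misunderstandings are scary (and not only in CTFs)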