Wednesday, March 17, 2010

Write-up Codegate 2010 #17 - Crypto, Linear Congruential Generators and Vernam Cipher, the power of XOR

Challenge #17 was crypto, based on Linear Congruential Generators (LCG), a well known pseudorandom number generator (PRNG), and the Vernam Cipher which is basically a XOR cipher relying on exclusive OR . Sadly, we did not succeed this challenge in time. However my friend Ivan found it afterwards thanks to Julianor (a staff member).

Basically, there is a TCP server listening to incoming connections. We simply use netcat (or telnet) to connect to it:
$ nc ctf3.codegate.org 10909
a?

c?

m?

Bad values

Tuesday, March 16, 2010

Write-up Codegate 2010 #19 - Forensic, introduction to the Sleuth Kit and Autopsy

Challenge #19 was also interesting, at least for the story:
Found a dead guy on the street, assumed that a guy committed suicide.
How can you assume that? Find the clue.
And they gave us a simple binary file: 56DACF1C6CF363F27501FFCA50CC0415 (9.6MB).

Monday, March 15, 2010

Write-up Codegate 2010 #7 - Decrypting HTTPS SSL/TLSv1 using RSA 768bits with Wireshark

Last week-end, I was a challenger at Codegate 2010 Capture the Flag with team Nibbles. Well organized by Koreans guys (who didn't sleep a lot either ;), the CTF proposed quality challenges and I thought it would be a great subject for a few posts.

Challenge #7 was a network capture file (ssl.pcap) containing an encrypted https session. The hint was: does the modulus look familiar?. The goal is obviously to decrypt the https to find the flag. Let's see how we can do that!

Steps:
  1. Extract public certificate
  2. Identify encryption
  3. Create private certificate
  4. Decrypt https

Friday, March 12, 2010

Nanosecond time measurement with clock_gettime, CPU idling

Recently, I had to do latency testing of message passing between kernel-land and user-land, so I first looked after time structures and functions available in both the kernel and the libc, and then I looked after possible tuning of the kernel.

Obviously gettimeofday is not precise enough because it returns a timeval structure (defined in time.h), which only has a microsecond resolution:
struct timeval {
  time_t      tv_sec;       /* seconds */
  suseconds_t tv_usec; /* microseconds */
};