[Write-up] Programming 01 & Blockchain – WhiteHat Grand Prix 06 – Quals 2020

Thursday, 09/01/2020

Tram Ho

Programming 01

Threads

nc 15.164.75.32 1999

1 2	nc 15.164.75.32 1999

The answer

Connect test we get the following screen:

PROGRAMING - WHITEHAT GRANDPRIX 06:

--&gt; COUNT THE NUMBER OF POSSIBLE TRIANGLES &lt;--

HOW MANY TRIANGLES ARE CREATED BY N (1..N) NUMBER. N &lt; 10^6

Example:  N = 5
OUTPUT : 3 

(2,3,4),(3,4,5),(2,4,5)
................/...................|...................
.............../  ..................| ..................
............../    .................|  .................
............./      ................|   ................
............/        ...............|    ...............
.........../          ..............|     ..............
........../____________.............|______.............

n = 11
Answer: %

PROGRAMING - WHITEHAT GRANDPRIX 06:

--> COUNT THE NUMBER OF POSSIBLE TRIANGLES <--

HOW MANY TRIANGLES ARE CREATED BY N (1..N) NUMBER. N < 10^6

Example: N = 5

OUTPUT : 3

(2,3,4),(3,4,5),(2,4,5)

................/...................|...................

.............../ ..................| ..................

............../ .................| .................

............./ ................| ................

............/ ...............| ...............

.........../ ..............| ..............

........../____________.............|______.............

n = 11

Answer: %

Vậy là đề bài yêu cầu tìm số hình tam giác có cạnh là số nguyên, có thể tạo được bằng các số tự nhiên từ 1 cho đến N. Vì N rất lớn (&gt; 99999) nên khả năng cao là sẽ có công thức toán cho đáp án, ta có thể google hoặc ngồi phân tích thuật toán. Cơ mà mình dốt toán nên sẽ google :cry:. Code nhanh 1 chương trình tìm số tam giác theo đúng yêu cầu đề bài:

Vậy là đề bài yêu cầu tìm số hình tam giác có cạnh là số nguyên, có thể tạo được bằng các số tự nhiên từ 1 cho đến N. Vì N rất lớn (> 99999) nên khả năng cao là sẽ có công thức toán cho đáp án, ta có thể google hoặc ngồi phân tích thuật toán. Cơ mà mình dốt toán nên sẽ google :cry:. Code nhanh 1 chương trình tìm số tam giác theo đúng yêu cầu đề bài:

<span class="token keyword">from</span> itertools <span class="token keyword">import</span> permutations

<span class="token keyword">for</span> N <span class="token keyword">in</span> <span class="token builtin">range</span> <span class="token punctuation">(</span> <span class="token number">4</span> <span class="token punctuation">,</span> <span class="token number">10</span> <span class="token punctuation">)</span> <span class="token punctuation">:</span>
    ans <span class="token operator">=</span> <span class="token punctuation">[</span> <span class="token punctuation">]</span>
    <span class="token keyword">for</span> a <span class="token punctuation">,</span> b <span class="token punctuation">,</span> c <span class="token keyword">in</span> permutations <span class="token punctuation">(</span> <span class="token builtin">range</span> <span class="token punctuation">(</span> <span class="token number">1</span> <span class="token punctuation">,</span> N <span class="token operator">+</span> <span class="token number">1</span> <span class="token punctuation">)</span> <span class="token punctuation">,</span> <span class="token number">3</span> <span class="token punctuation">)</span> <span class="token punctuation">:</span>
        <span class="token keyword">if</span> a <span class="token operator">+</span> b <span class="token operator">&gt;</span> c <span class="token operator">and</span> b <span class="token operator">+</span> c <span class="token operator">&gt;</span> a <span class="token operator">and</span> a <span class="token operator">+</span> c <span class="token operator">&gt;</span> b <span class="token punctuation">:</span>
            ans <span class="token punctuation">.</span> append <span class="token punctuation">(</span> <span class="token string">"-"</span> <span class="token punctuation">.</span> join <span class="token punctuation">(</span> <span class="token builtin">map</span> <span class="token punctuation">(</span> <span class="token builtin">str</span> <span class="token punctuation">,</span> <span class="token builtin">sorted</span> <span class="token punctuation">(</span> <span class="token punctuation">[</span> a <span class="token punctuation">,</span> b <span class="token punctuation">,</span> c <span class="token punctuation">]</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span>
    ans <span class="token operator">=</span> <span class="token builtin">set</span> <span class="token punctuation">(</span> ans <span class="token punctuation">)</span>
    <span class="token comment"># print(ans)</span>
    <span class="token keyword">print</span> <span class="token punctuation">(</span> <span class="token builtin">len</span> <span class="token punctuation">(</span> ans <span class="token punctuation">)</span> <span class="token punctuation">)</span>

from itertools import permutations

for N in range ( 4 , 10 ) :

ans = [ ]

for a , b , c in permutations ( range ( 1 , N + 1 ) , 3 ) :

if a + b > c and b + c > a and a + c > b :

ans . append ( "-" . join ( map ( str , sorted ( [ a , b , c ] ) ) ) )

ans = set ( ans )

# print(ans)

print ( len ( ans ) )

then try to run with small N (4, 5, 6, 7, …), then the following sequence:

➜  whqual2020 python brute_triangle.py
1
3
7
13
22
34

➜ whqual2020 python brute_triangle.py

Google tried this sequence and the result was: https://oeis.org/A173196

a (n-1) is the number of integer-sided scalene triangles with largest side <= n, including degenerate (ie, collinear) triangles. a (n-2) is the number of non-degenerate integer-sided scalene triangles. – Alexander Evnin, Oct 12 2010

OK, so the only job that implements the calculation formula, connect and get the flag (note the offset of N threads against n of the sequence):

<span class="token keyword">from</span> netcatlib <span class="token keyword">import</span> Netcat

nc <span class="token operator">=</span> Netcat <span class="token punctuation">(</span> <span class="token string">'15.164.75.32'</span> <span class="token punctuation">,</span> <span class="token number">1999</span> <span class="token punctuation">)</span>
resp <span class="token operator">=</span> nc <span class="token punctuation">.</span> read_until <span class="token punctuation">(</span> <span class="token string">"Answer:"</span> <span class="token punctuation">)</span>
<span class="token keyword">while</span> <span class="token boolean">True</span> <span class="token punctuation">:</span>
    <span class="token keyword">for</span> line <span class="token keyword">in</span> resp <span class="token punctuation">.</span> split <span class="token punctuation">(</span> <span class="token string">"n"</span> <span class="token punctuation">)</span> <span class="token punctuation">:</span>
        <span class="token keyword">print</span> <span class="token punctuation">(</span> line <span class="token punctuation">)</span>
        <span class="token keyword">if</span> <span class="token string">"n = "</span> <span class="token keyword">in</span> line <span class="token punctuation">:</span>
            N <span class="token operator">=</span> <span class="token builtin">int</span> <span class="token punctuation">(</span> line <span class="token punctuation">[</span> line <span class="token punctuation">.</span> index <span class="token punctuation">(</span> <span class="token string">"n = "</span> <span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token number">4</span> <span class="token punctuation">:</span> <span class="token punctuation">]</span> <span class="token punctuation">)</span>
            <span class="token keyword">print</span> <span class="token punctuation">(</span> N <span class="token punctuation">)</span>
            <span class="token keyword">break</span>
    K <span class="token operator">=</span> N <span class="token operator">-</span> <span class="token number">2</span>
    ans <span class="token operator">=</span> <span class="token punctuation">(</span> <span class="token number">4</span> <span class="token operator">*</span> K <span class="token operator">**</span> <span class="token number">3</span> <span class="token operator">+</span> <span class="token number">6</span> <span class="token operator">*</span> K <span class="token operator">**</span> <span class="token number">2</span> <span class="token operator">-</span> <span class="token number">4</span> <span class="token operator">*</span> K <span class="token operator">-</span> <span class="token number">3</span> <span class="token operator">+</span> <span class="token number">3</span> <span class="token operator">*</span> <span class="token punctuation">(</span> <span class="token operator">-</span> <span class="token number">1</span> <span class="token punctuation">)</span> <span class="token operator">**</span> K <span class="token punctuation">)</span> <span class="token operator">/</span> <span class="token number">48</span>
    <span class="token keyword">print</span> <span class="token punctuation">(</span> <span class="token string">"ans = "</span> <span class="token punctuation">,</span> ans <span class="token punctuation">)</span>
    nc <span class="token punctuation">.</span> write <span class="token punctuation">(</span> <span class="token builtin">str</span> <span class="token punctuation">(</span> ans <span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">"n"</span> <span class="token punctuation">)</span>
    resp <span class="token operator">=</span> nc <span class="token punctuation">.</span> read_until <span class="token punctuation">(</span> <span class="token string">":"</span> <span class="token punctuation">)</span>
    <span class="token keyword">print</span> <span class="token punctuation">(</span> resp <span class="token punctuation">)</span>

from netcatlib import Netcat

nc = Netcat ( '15.164.75.32' , 1999 )

resp = nc . read_until ( "Answer:" )

while True :

for line in resp . split ( "n" ) :

print ( line )

if "n = " in line :

N = int ( line [ line . index ( "n = " ) + 4 : ] )

print ( N )

break

K = N - 2

ans = ( 4 * K ** 3 + 6 * K ** 2 - 4 * K - 3 + 3 * ( - 1 ) ** K ) / 48

print ( "ans = " , ans )

nc . write ( str ( ans ) + "n" )

print ( resp )

Run and get the flag:

➜  whqual2020 python prog01.py      

PROGRAMING - WHITEHAT GRANDPRIX 06:

-- <span class="token operator">&gt;</span> COUNT THE NUMBER OF POSSIBLE TRIANGLES <span class="token operator">&lt;</span> --

HOW MANY TRIANGLES ARE CREATED BY N <span class="token punctuation">(</span> 1 <span class="token punctuation">..</span> N <span class="token punctuation">)</span> NUMBER. N <span class="token operator">&lt;</span> 10^6

Example:  N <span class="token operator">=</span> 5
OUTPUT <span class="token keyword">:</span> 3 

<span class="token punctuation">(</span> 2,3,4 <span class="token punctuation">)</span> , <span class="token punctuation">(</span> 3,4,5 <span class="token punctuation">)</span> , <span class="token punctuation">(</span> 2,4,5 <span class="token punctuation">)</span>
<span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> / <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> . <span class="token operator">|</span>  <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> .
<span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> ./   <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token operator">|</span>  <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span>
<span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> /     <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> . <span class="token operator">|</span>   <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> .
<span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> ./       <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token operator">|</span>    <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span>
<span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> /         <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> . <span class="token operator">|</span>     <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> .
<span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> ./           <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token operator">|</span>      <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span>
<span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> /____________ <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> . <span class="token operator">|</span> ______ <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> <span class="token punctuation">..</span> .

n <span class="token operator">=</span> 7
7
<span class="token punctuation">(</span> <span class="token string">'ans = '</span> , 13 <span class="token punctuation">)</span>
 Well done <span class="token operator">!</span> Let <span class="token string">'s accelerate.n = 9999
Answer:
 Well done! Let'</span> s accelerate.n <span class="token operator">=</span> 9999
9999
<span class="token punctuation">(</span> <span class="token string">'ans = '</span> , 83270847499 <span class="token punctuation">)</span>
 Great <span class="token operator">!</span> the last challenge. n <span class="token operator">=</span> 1000000
Answer:
 Great <span class="token operator">!</span> the last challenge. n <span class="token operator">=</span> 1000000
1000000
<span class="token punctuation">(</span> <span class="token string">'ans = '</span> , 83332958333750000 <span class="token punctuation">)</span>
  You are Victorious <span class="token keyword">:</span> 
  You are Victorious <span class="token keyword">:</span> WhiteHat <span class="token punctuation">{</span> Y0u_h4v3_4_Sm4rt_Br41n <span class="token punctuation">}</span>
<span class="token punctuation">(</span> <span class="token string">'ans = '</span> , 83332958333750000 <span class="token punctuation">)</span>
Traceback <span class="token punctuation">(</span> most recent call last <span class="token punctuation">)</span> :
  File <span class="token string">"prog01.py"</span> , line 18, <span class="token keyword">in</span> <span class="token operator">&lt;</span> module <span class="token operator">&gt;</span>
    resp <span class="token operator">=</span> nc.read_until <span class="token punctuation">(</span> <span class="token string">":"</span> <span class="token punctuation">)</span>
  File <span class="token string">"/Users/nguyen.anh.tien/ctf/whqual2020/netcatlib.py"</span> , line 22, <span class="token keyword">in</span> read_until
    self.buff + <span class="token operator">=</span> self.socket.recv <span class="token punctuation">(</span> 1024 <span class="token punctuation">)</span>
socket.error: <span class="token punctuation">[</span> Errno 54 <span class="token punctuation">]</span> Connection reset by peer

➜ whqual2020 python prog01.py

PROGRAMING - WHITEHAT GRANDPRIX 06:

-- > COUNT THE NUMBER OF POSSIBLE TRIANGLES < --

HOW MANY TRIANGLES ARE CREATED BY N ( 1 .. N ) NUMBER. N < 10^6

Example: N = 5

OUTPUT : 3

( 2,3,4 ) , ( 3,4,5 ) , ( 2,4,5 )

.. .. .. .. .. .. .. .. / .. .. .. .. .. .. .. .. .. . | .. .. .. .. .. .. .. .. .. .

.. .. .. .. .. .. .. ./ .. .. .. .. .. .. .. .. .. | .. .. .. .. .. .. .. .. ..

.. .. .. .. .. .. .. / .. .. .. .. .. .. .. .. . | .. .. .. .. .. .. .. .. .

.. .. .. .. .. .. ./ .. .. .. .. .. .. .. .. | .. .. .. .. .. .. .. ..

.. .. .. .. .. .. / .. .. .. .. .. .. .. . | .. .. .. .. .. .. .. .

.. .. .. .. .. ./ .. .. .. .. .. .. .. | .. .. .. .. .. .. ..

n = 7

( 'ans = ' , 13 )

Well done ! Let 's accelerate.n = 9999

Answer:

Well done! Let' s accelerate.n = 9999

9999

( 'ans = ' , 83270847499 )

Great ! the last challenge. n = 1000000

Answer:

Great ! the last challenge. n = 1000000

1000000

( 'ans = ' , 83332958333750000 )

You are Victorious :

You are Victorious : WhiteHat { Y0u_h4v3_4_Sm4rt_Br41n }

( 'ans = ' , 83332958333750000 )

Traceback ( most recent call last ) :

File "prog01.py" , line 18, in < module >

resp = nc.read_until ( ":" )

File "/Users/nguyen.anh.tien/ctf/whqual2020/netcatlib.py" , line 22, in read_until

self.buff + = self.socket.recv ( 1024 )

socket.error: [ Errno 54 ] Connection reset by peer

So the flag is WhiteHat{Y0u_h4v3_4_Sm4rt_Br41n} .

Blockchain – Misc

Threads

Blockchain application in IOT system.
Using vulnerable chipset to generate public keys.

http://52.78.210.118/Blockchain.zip

Blockchain application in IOT system.

Using vulnerable chipset to generate public keys.

http://52.78.210.118/Blockchain.zip

The answer

At first glance at the title, I thought that there would be something related to blockchain with hash, timestamp, block, and so on, but once done, it was simply a disguised crypto post. . Unzip the zip file we have:

.
├── 34a7370734caff5d129ad355f78f3ccf.pem
├── 8a95963d7bedd2b81ad09cd1838c7a4d.pem
├── block1.json
├── block2.json
├── block3.json
└── flag.zip

├── 34a7370734caff5d129ad355f78f3ccf.pem

├── 8a95963d7bedd2b81ad09cd1838c7a4d.pem

├── block1.json

├── block2.json

├── block3.json

└── flag.zip

The flag.zip file inside has a flag.txt file with a password, our task will be to find the password to decode this file. Reviewing the 2 pem files, the public key is very short, adding a hint to the article Using vulnerable chipset to generate public keys. it is possible that the factor will be or these 2 public keys will have the same factor. And it is true that the problem is in the second direction. We quickly find the corresponding p and q for 2 keys:

<span class="token comment"># 8a95963d7bedd2b81ad09cd1838c7a4d</span>

p1 <span class="token operator">=</span> <span class="token number">1091951834898382993408357240646061116416467734213916798265279491274843400183</span>
q1 <span class="token operator">=</span> <span class="token number">968357930958770928862265655524254201820039464684491130864944605493368598601</span>

<span class="token comment"># 34a7370734caff5d129ad355f78f3ccf</span>
p2 <span class="token operator">=</span> <span class="token number">1091951834898382993408357240646061116416467734213916798265279491274843400183</span>
q2 <span class="token operator">=</span> <span class="token number">3602083547017910155331521957638413821351348404017103506647493207187611603783</span>

# 8a95963d7bedd2b81ad09cd1838c7a4d

p1 = 1091951834898382993408357240646061116416467734213916798265279491274843400183

q1 = 968357930958770928862265655524254201820039464684491130864944605493368598601

# 34a7370734caff5d129ad355f78f3ccf

p2 = 1091951834898382993408357240646061116416467734213916798265279491274843400183

q2 = 3602083547017910155331521957638413821351348404017103506647493207187611603783

Check out the content of block1.json :

<span class="token punctuation">{</span>
  <span class="token property">"data_block"</span> <span class="token operator">:</span> <span class="token punctuation">[</span>
    <span class="token punctuation">{</span>
      <span class="token property">"34a7370734caff5d129ad355f78f3ccf"</span> <span class="token operator">:</span> <span class="token punctuation">{</span>
        <span class="token property">"messger"</span> <span class="token operator">:</span> <span class="token string">"864826346328927043007924641380681736981324987926997370887020532699182309378599192043216478265476219278213123962074508284028662403643532629433329761492"</span>
      <span class="token punctuation">}</span>
    <span class="token punctuation">}</span> <span class="token punctuation">,</span>
    <span class="token punctuation">{</span>
      <span class="token property">"8a95963d7bedd2b81ad09cd1838c7a4d"</span> <span class="token operator">:</span> <span class="token punctuation">{</span>
        <span class="token property">"messger"</span> <span class="token operator">:</span> <span class="token string">"259242051785557714557594066190019826465030870294179284671916925100489488841761299528416294893049464518482888070747927907550583942630013791833474340284"</span>
      <span class="token punctuation">}</span>
    <span class="token punctuation">}</span>
  <span class="token punctuation">]</span>
<span class="token punctuation">}</span>

{

"data_block" : [

{

"34a7370734caff5d129ad355f78f3ccf" : {

"messger" : "864826346328927043007924641380681736981324987926997370887020532699182309378599192043216478265476219278213123962074508284028662403643532629433329761492"

}

} ,

{

"8a95963d7bedd2b81ad09cd1838c7a4d" : {

"messger" : "259242051785557714557594066190019826465030870294179284671916925100489488841761299528416294893049464518482888070747927907550583942630013791833474340284"

}

]

}

We tried decrypt with the corresponding private key for the 2 messages will produce a plaintext, and surprisingly, both block 2 and block 3 can do the same (regardless of the front block? !!, seems to be due the checking is removed, leaving only the data inside). Quick code decoding file:

<span class="token keyword">import</span> binascii
<span class="token comment"># 8a95963d7bedd2b81ad09cd1838c7a4d</span>

p1 <span class="token operator">=</span> <span class="token number">1091951834898382993408357240646061116416467734213916798265279491274843400183</span>
q1 <span class="token operator">=</span> <span class="token number">968357930958770928862265655524254201820039464684491130864944605493368598601</span>
d1 <span class="token operator">=</span> <span class="token number">890409172165972946654999517131765096619044495455563634699347004973962052351583003107345858884088740814369362782066954018932838938065269321325801558673</span>
n1 <span class="token operator">=</span> p1 <span class="token operator">*</span> q1

<span class="token comment"># 34a7370734caff5d129ad355f78f3ccf</span>
p2 <span class="token operator">=</span> <span class="token number">1091951834898382993408357240646061116416467734213916798265279491274843400183</span>
q2 <span class="token operator">=</span> <span class="token number">3602083547017910155331521957638413821351348404017103506647493207187611603783</span>
d2 <span class="token operator">=</span> <span class="token number">693850823202558629985086506870478277795253330491028235428549797234329350960719509661597224650158883970045955832376666148611503822720520111138909455845</span>
n2 <span class="token operator">=</span> p2 <span class="token operator">*</span> q2

b1m1 <span class="token operator">=</span> <span class="token number">259242051785557714557594066190019826465030870294179284671916925100489488841761299528416294893049464518482888070747927907550583942630013791833474340284</span>
b1m2 <span class="token operator">=</span> <span class="token number">864826346328927043007924641380681736981324987926997370887020532699182309378599192043216478265476219278213123962074508284028662403643532629433329761492</span>

b2m1 <span class="token operator">=</span> <span class="token number">260259490441096686614518844301454718739843509738983969165420676005404297357230613482141235832583253831691051931351295653801889428212969414301414329852</span>
b2m2 <span class="token operator">=</span> <span class="token number">3467074671076858427887425157777463145087476633275513864943463990703623032280801013924306443879332057123214793127862390154827554625137418534583896303616</span>

b3m2 <span class="token operator">=</span> <span class="token number">1535086324597057729311343510271769159442400498252787851926410538373297030193590329732950032623600137243772129943527400615893561445637150940979108765230</span>
b3m1 <span class="token operator">=</span> <span class="token number">182842058942028668693782090218012558408325328016978308589264490683273716484502724907545336344750909005728737352410277713521976130375761311818569486299</span>


<span class="token keyword">def</span> <span class="token function">decrypt1</span> <span class="token punctuation">(</span> x <span class="token punctuation">)</span> <span class="token punctuation">:</span>
    <span class="token keyword">return</span> <span class="token builtin">pow</span> <span class="token punctuation">(</span> x <span class="token punctuation">,</span> d1 <span class="token punctuation">,</span> n1 <span class="token punctuation">)</span>


<span class="token keyword">def</span> <span class="token function">decrypt2</span> <span class="token punctuation">(</span> x <span class="token punctuation">)</span> <span class="token punctuation">:</span>
    <span class="token keyword">return</span> <span class="token builtin">pow</span> <span class="token punctuation">(</span> x <span class="token punctuation">,</span> d2 <span class="token punctuation">,</span> n2 <span class="token punctuation">)</span>


<span class="token keyword">def</span> <span class="token function">de</span> <span class="token punctuation">(</span> x <span class="token punctuation">)</span> <span class="token punctuation">:</span>
    k <span class="token operator">=</span> <span class="token builtin">hex</span> <span class="token punctuation">(</span> x <span class="token punctuation">)</span> <span class="token punctuation">[</span> <span class="token number">2</span> <span class="token punctuation">:</span> <span class="token operator">-</span> <span class="token number">1</span> <span class="token punctuation">]</span>
    <span class="token keyword">if</span> <span class="token builtin">len</span> <span class="token punctuation">(</span> k <span class="token punctuation">)</span> <span class="token operator">%</span> <span class="token number">2</span> <span class="token operator">!=</span> <span class="token number">0</span> <span class="token punctuation">:</span>
        k <span class="token operator">=</span> <span class="token string">"0"</span> <span class="token operator">+</span> k
    <span class="token keyword">return</span> binascii <span class="token punctuation">.</span> unhexlify <span class="token punctuation">(</span> k <span class="token punctuation">)</span>


<span class="token keyword">print</span> <span class="token punctuation">(</span> de <span class="token punctuation">(</span> decrypt1 <span class="token punctuation">(</span> b1m1 <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span>
<span class="token keyword">print</span> <span class="token punctuation">(</span> de <span class="token punctuation">(</span> decrypt2 <span class="token punctuation">(</span> b1m2 <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span>

<span class="token keyword">print</span> <span class="token punctuation">(</span> de <span class="token punctuation">(</span> decrypt1 <span class="token punctuation">(</span> b2m1 <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span>
<span class="token keyword">print</span> <span class="token punctuation">(</span> de <span class="token punctuation">(</span> decrypt2 <span class="token punctuation">(</span> b2m2 <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span>

<span class="token keyword">print</span> <span class="token punctuation">(</span> de <span class="token punctuation">(</span> decrypt1 <span class="token punctuation">(</span> b3m1 <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span>
<span class="token keyword">print</span> <span class="token punctuation">(</span> de <span class="token punctuation">(</span> decrypt2 <span class="token punctuation">(</span> b3m2 <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span>

import binascii

# 8a95963d7bedd2b81ad09cd1838c7a4d

p1 = 1091951834898382993408357240646061116416467734213916798265279491274843400183

q1 = 968357930958770928862265655524254201820039464684491130864944605493368598601

d1 = 890409172165972946654999517131765096619044495455563634699347004973962052351583003107345858884088740814369362782066954018932838938065269321325801558673

n1 = p1 * q1

# 34a7370734caff5d129ad355f78f3ccf

p2 = 1091951834898382993408357240646061116416467734213916798265279491274843400183

q2 = 3602083547017910155331521957638413821351348404017103506647493207187611603783

d2 = 693850823202558629985086506870478277795253330491028235428549797234329350960719509661597224650158883970045955832376666148611503822720520111138909455845

n2 = p2 * q2

b1m1 = 259242051785557714557594066190019826465030870294179284671916925100489488841761299528416294893049464518482888070747927907550583942630013791833474340284

b1m2 = 864826346328927043007924641380681736981324987926997370887020532699182309378599192043216478265476219278213123962074508284028662403643532629433329761492

b2m1 = 260259490441096686614518844301454718739843509738983969165420676005404297357230613482141235832583253831691051931351295653801889428212969414301414329852

b2m2 = 3467074671076858427887425157777463145087476633275513864943463990703623032280801013924306443879332057123214793127862390154827554625137418534583896303616

b3m2 = 1535086324597057729311343510271769159442400498252787851926410538373297030193590329732950032623600137243772129943527400615893561445637150940979108765230

b3m1 = 182842058942028668693782090218012558408325328016978308589264490683273716484502724907545336344750909005728737352410277713521976130375761311818569486299

def decrypt1 ( x ) :

return pow ( x , d1 , n1 )

def decrypt2 ( x ) :

return pow ( x , d2 , n2 )

def de ( x ) :

k = hex ( x ) [ 2 : - 1 ]

if len ( k ) % 2 != 0 :

k = "0" + k

return binascii . unhexlify ( k )

print ( de ( decrypt1 ( b1m1 ) ) )

print ( de ( decrypt2 ( b1m2 ) ) )

print ( de ( decrypt1 ( b2m1 ) ) )

print ( de ( decrypt2 ( b2m2 ) ) )

print ( de ( decrypt1 ( b3m1 ) ) )

print ( de ( decrypt2 ( b3m2 ) ) )

and run:

➜  whqual2020 python blockchain.py 
Password using open flag.zip
Do you understand the blockchain?
Password = Password1+Password2
flag in flag.txt
Password2:' <a class="__cf_email__" href="/cdn-cgi/l/email-protection">[email protected]</a> !4P##Ij'
Password1:'irVOwoJR7d'

➜ whqual2020 python blockchain.py

Password using open flag.zip

Do you understand the blockchain?

Password = Password1+Password2

flag in flag.txt

Password2:' <a class="__cf_email__" href="/cdn-cgi/l/email-protection">[email protected]</a> !4P##Ij'

Password1:'irVOwoJR7d'

Use password [email protected] !4P##Ij extract the flag.zip file, we get a new file with the content base64, decode to a QR image file. Scan this QR code and we have the flag:

Flag: Whitehat{the_ flag_blockchain_ iot}

Conclusion

Share the news now

Source : Viblo

[Write-up] Programming 01 & Blockchain – WhiteHat Grand Prix 06 – Quals 2020

Programming 01

Threads

The answer

Blockchain – Misc

Threads

The answer

Conclusion

TikTok becomes the second largest social platform in South Africa

The fastest depreciating after 9 months of launch, iPhone 14 Pro Max continues to break the bottom in Vietnam

Beginner's guide to R: Introduction

10 essential SublimeText plugins for JavaScript developers