Add challenges written by Mystiz

Author: samueltangz

calm-down/.gitkeep

@@ -0,0 +1,20 @@
+Calm Down
+===
+
+## Category
+
+Crypto
+
+## Solves
+
+* 1/69 (Tertiary division)
+
+## Description
+  
+I am so excited having a chance talking to Alice. She told me to calm down - and sent me an encrypted secret.
+
+* [chall.py](public/chall.py)
+
+## Flag
+
+`hkcert20{c4lm_d0wn_4nd_s0lv3_th3_ch4llen9e}`

calm-down/README.md

@@ -0,0 +1,75 @@
+# Challenge written by Mystiz.
+# Signature: PHNjcmlwdD5jb25zb2xlLmxvZygnVEhJUyBDSEFMTEVOR0UgSVMgV1JJVFRFTiBGT1IgSEtDRVJUIENURiBBTkQgSVMgTk9UIEZPUiBGUkFOS0lFIExFVU5HIFRPIFBMQUdBUklaRS4nKTwvc2NyaXB0Pg==
+
+import base64
+import binascii
+import hashlib
+import os
+import random
+from Crypto.PublicKey import RSA
+from Crypto.Util.number import bytes_to_long, long_to_bytes
+
+from secret import message
+
+class RSAKey:
+    def __init__(self, e, d, n):
+        self.e = e
+        self.d = d
+        self.n = n
+
+    def encrypt(self, message):
+        message = bytes_to_long(message)
+        ciphertext = pow(message, self.e, self.n)
+        return long_to_bytes(ciphertext)
+
+    def decrypt(self, ciphertext):
+        ciphertext = bytes_to_long(ciphertext)
+        message = pow(ciphertext, self.d, self.n)
+        return long_to_bytes(message)
+
+
+class Challenge:
+    def __init__(self, message):
+        self.generate_key()
+        self.message = message
+
+    def generate_key(self):
+        key = RSA.generate(2048)
+        self.key = RSAKey(key.e, key.d, key.n)
+
+    def get_public_key(self):
+        n = base64.b64encode(long_to_bytes(self.key.n)).decode()
+        print(f'[pkey] {n}')
+
+    def get_secret_message(self):
+        target = long_to_bytes(random.randint(0, self.key.n-1))
+        print(f'[targ] {base64.b64encode(target).decode()}')
+        ciphertext = self.key.encrypt(target)
+        ciphertext = base64.b64encode(ciphertext).decode()
+        print(f'[shhh] {ciphertext}')
+
+    def send(self, ciphertext):
+        ciphertext = base64.b64decode(ciphertext)
+        message = self.key.decrypt(ciphertext)
+        if message[-1:] != b'.':
+            raise Exception('Be polite. Your message should terminate with a full-stop.')
+        print('nice')
+
+def main():
+    c = Challenge(message)
+
+    while True:
+        command = input('[cmd] ').split(' ')
+
+        try:
+            if command[0] == 'send':
+                c.send(command[1])
+            elif command[0] == 'pkey':
+                c.get_public_key()
+            elif command[0] == 'read':
+                c.get_secret_message()
+        except:
+            print('nope')
+
+if __name__ == '__main__':
+    main()

calm-down/env/chall.py

@@ -0,0 +1 @@
+message = b'Hey, congratulations on solving the challenge. But please hkcert20{c4lm_d0wn_4nd_s0lv3_th3_ch4llen9e}.'

calm-down/env/secret.py

@@ -0,0 +1,72 @@
+# Challenge written by Mystiz.
+# Signature: PHNjcmlwdD5jb25zb2xlLmxvZygnVEhJUyBDSEFMTEVOR0UgSVMgV1JJVFRFTiBGT1IgSEtDRVJUIENURiBBTkQgSVMgTk9UIEZPUiBGUkFOS0lFIExFVU5HIFRPIFBMQUdBUklaRS4nKTwvc2NyaXB0Pg==
+
+import base64
+import binascii
+import hashlib
+import os
+from Crypto.PublicKey import RSA
+from Crypto.Util.number import bytes_to_long, long_to_bytes
+
+from secret import message
+
+class RSAKey:
+    def __init__(self, e, d, n):
+        self.e = e
+        self.d = d
+        self.n = n
+
+    def encrypt(self, message):
+        message = bytes_to_long(message)
+        ciphertext = pow(message, self.e, self.n)
+        return long_to_bytes(ciphertext)
+
+    def decrypt(self, ciphertext):
+        ciphertext = bytes_to_long(ciphertext)
+        message = pow(ciphertext, self.d, self.n)
+        return long_to_bytes(message)
+
+
+class Challenge:
+    def __init__(self, message):
+        self.generate_key()
+        self.message = message
+
+    def generate_key(self):
+        key = RSA.generate(2048)
+        self.key = RSAKey(key.e, key.d, key.n)
+
+    def get_public_key(self):
+        n = base64.b64encode(long_to_bytes(self.key.n)).decode()
+        print(f'[pkey] {n}')
+
+    def get_secret_message(self):
+        ciphertext = self.key.encrypt(self.message)
+        ciphertext = base64.b64encode(ciphertext).decode()
+        print(f'[shhh] {ciphertext}')
+
+    def send(self, ciphertext):
+        ciphertext = base64.b64decode(ciphertext)
+        message = self.key.decrypt(ciphertext)
+        if message[-1:] != b'.':
+            raise Exception('Be polite. Your message should terminate with a full-stop.')
+        print('nice')
+
+def main():
+    c = Challenge(message)
+
+    while True:
+        command = input('[cmd] ').split(' ')
+
+        try:
+            if command[0] == 'send':
+                c.send(command[1])
+            elif command[0] == 'pkey':
+                c.get_public_key()
+            elif command[0] == 'read':
+                c.get_secret_message()
+        except:
+            print('nope')
+
+if __name__ == '__main__':
+    main()

calm-down/public/chall.py

@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+# -*- coding: UTF-8 -*-
+
+from pwn import *
+import requests
+import binascii
+import base64
+from Crypto.PublicKey import RSA
+from Crypto.Cipher import AES
+import hashlib
+from gmpy2 import powmod
+import itertools
+
+def connect():
+    HOST = 'tertiary.pwnable.hk'
+    PORT = 50013
+
+    global debug
+    if debug:
+        context.log_level = 'debug'
+    r = remote(HOST, PORT)
+    return r
+
+def pkey(r):
+    r.sendlineafter('[cmd] ', 'pkey')
+    r.recvuntil('[pkey] ')
+    return int.from_bytes(base64.b64decode(r.recvline().strip()), 'big')
+
+def read(r):
+    r.sendlineafter('[cmd] ', 'read')
+    r.recvuntil('[shhh] ')
+    return int.from_bytes(base64.b64decode(r.recvline().strip()), 'big')
+
+def send(r, ciphertext):
+    ciphertext = int(ciphertext)
+    ciphertext = int.to_bytes(ciphertext, length=(ciphertext.bit_length()+7)//8, byteorder='big')
+    ciphertext = base64.b64encode(ciphertext).decode()
+    r.sendlineafter('[cmd] ', f'send {ciphertext}')
+    return r.recvline().strip() == b'nice'
+
+def main():
+    r = connect()
+
+    n, e = pkey(r), 65537
+    c0 = read(r)
+    
+    m = 1
+    while True:
+        print(f'[{m//2}, {m})')
+        c = pow(0x80 * m + 1, e, n) * c0 % n
+        if not send(r, c): break
+        m *= 2
+
+    lb, rb = m//2, m
+    while lb + 1 < rb:
+        print(f'[{lb}, {rb})')
+        m = (lb + rb) // 2
+        c = pow(0x80 * m + 1, e, n) * c0 % n
+        if send(r, c): lb = m
+        else:          rb = m
+
+    print('n =', n)
+    print('k =', lb)
+
+    m = int(n // (0x80 * lb + 1))
+    m = int.to_bytes(m, length=(m.bit_length()+7)//8, byteorder='big')
+    print(m)
+
+
+if __name__ == '__main__':
+    global debug
+    debug = 'debug' in os.environ
+
+    main()

calm-down/src/solve.py

@@ -0,0 +1 @@
+lf2

lf2/.gitignore

@@ -0,0 +1,21 @@
+LF2
+===
+
+## Category
+
+Reverse Engineering
+
+## Solves
+
+* 1/69 (Tertiary division)
+* 0/74 (Secondary division)
+
+## Description
+
+Have you ever played Little Fighter 2? I have modified _stage.dat_ to make the game more interesting. Of course, I hid a flag inside, too.
+	
+* [stage.dat](public/stage.dat)
+
+## Flag
+
+`hkcert20{lf2_i5_st1l1_awes0me}`