Buckeye CTF 2024 reduce_recycle write-up
In this CTF challenge, man’s best friend becomes a CTF player’s best asset! Tasked with breaking into an encrypted archive hiding a valuable flag, we’ll see how a dog, armed with some clever forensics skills, can fetch us just the right tool for the job.
Category: Forensics
Points: 269
Solves: 38 out of 648 teams
Author: corgo
Challenge:
I forgot the randomly generated 12-character password I used to encrypt these files…. is there anything you can do to help me get my flag back??
dogs_wearing_tools.zip important_flags.7z
The challenge provides two password-protected archives:
dogs_wearing_tools.zipcontaining 4.pngfiles.important_flags.7zcontainingflag.txt.
Both archives are encrypted with a 12-character random password. A brute-force approach is impractical due to the password’s length, and common wordlists do not contain the password.
Step 1: Cracking the ZIP File
To solve this, we can leverage the fact that the ZIP archive (dogs_wearing_tools.zip) uses the ZipCrypto encryption, which is weak. Additionally, since the .png files are stored uncompressed, we know they start with a predictable PNG header.
Analyzing the ZIP Structure
Using bkcrack, we can view the contents of dogs_wearing_tools.zip:
bkcrack -L dogs_wearing_tools.zip
bkcrack 1.7.0 - 2024-05-26
Archive: dogs_wearing_tools.zip
Index Encryption Compression CRC32 Uncompressed Packed size Name
----- ---------- ----------- -------- ------------ ------------ -----
0 ZipCrypto Store 346673b4 1817550 1817562 1.png
1 ZipCrypto Store 0fe18ee0 1830967 1830979 2.png
2 ZipCrypto Store 9c62018f 94416 94428 3.png
3 ZipCrypto Store ba690f9b 1210542 1210554 4.pngLeveraging Known Plaintext
To break ZipCrypto, bkcrack requires 12 bytes of known plaintext. PNG files start with the following hex header:
89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 (‰PNG IHDR)Using this information, we can attempt to recover the decryption keys with:
bkcrack -C dogs_wearing_tools.zip -c 3.png -x 0 89504E470D0A1A0A0000000D49484452
bkcrack 1.7.0 - 2024-05-26
[20:03:10] Z reduction using 9 bytes of known plaintext
100.0 % (9 / 9)
[20:03:10] Attack on 744092 Z values at index 6
Keys: adf73413 6f6130e7 0cfbc537
69.1 % (514274 / 744092)
Found a solution. Stopping.
You may resume the attack with the option: --continue-attack 514274
[20:08:32] Keys
adf73413 6f6130e7 0cfbc537This gives us the keys:
Keys: adf73413 6f6130e7 0cfbc537Decrypting the ZIP Archive
Now, we can decrypt the archive and save it as an unencrypted version:
bkcrack -C dogs_wearing_tools.zip -k adf73413 6f6130e7 0cfbc537 -D dogs_with_no_password.zip
bkcrack 1.7.0 - 2024-05-26
[20:10:38] Writing decrypted archive dogs_with_no_password.zip
100.0 % (4 / 4)The decrypted ZIP file, dogs_with_no_password.zip, contains images of cute dogs. While they didn’t fetch the flag for us, they certainly brought some tools to help us tackle the CTF challenge!
Step 2: Recovering the Password
We still need the password for important_flags.7z. Using bkcrack again with the recovered keys, we can brute-force the original password.
bkcrack -k adf73413 6f6130e7 0cfbc537 --bruteforce ?p --length 12
bkcrack 1.7.0 - 2024-05-26
[20:17:14] Recovering password
length 12...
Password: 2n3Ad3&ZxDvV
19.9 % (1796 / 9025)
Found a solution. Stopping.
You may resume the password recovery with the option: --continue-recovery 327555202020
[20:17:23] Password
as bytes: 32 6e 33 41 64 33 26 5a 78 44 76 56
as text: 2n3Ad3&ZxDvVAfter a short process, the password is revealed as:
Password: 2n3Ad3&ZxDvVStep 3: Extracting the Flag
Now that we have the password, we can extract flag.txt from important_flags.7z. The contents of flag.txt reveal the flag:
bctf{wH1ch_d0g_w4s_youR_FaVOr1t3}Note: you may want to check the official solution as it takes slighty different approach to finding the password.
Comments