diff --git a/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/break.py b/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/break.py
new file mode 100644
index 0000000..2e075c0
--- /dev/null
+++ b/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/break.py
@@ -0,0 +1,42 @@
+#!/usr/bin/python3
+
+from datetime import datetime
+
+CHARSET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789"
+KEY_SIZE = 32
+FIRST_SEED = 1354320000
+LAST_SEED = 1356998400
+DAY_DURATION = 86400
+BZ2_HEADER = b'\x42\x5a\x68'
+
+def gen_key(seed):
+ rand = seed
+ key = [0]*KEY_SIZE
+ for i in range(KEY_SIZE):
+ rand = (rand * 214013 + 2531011) & 0xffffffff
+ rand2 = (rand >> 16) & 0x7fff
+ key[i] = CHARSET[rand2 % len(CHARSET)]
+ return key
+
+def decipher_bz2(data, key):
+ out = bytearray()
+ for i in range(len(data)):
+ if i > 3 and out[0:3] != BZ2_HEADER:
+ return None
+ out.append(data[i] ^ ord(key[i % KEY_SIZE]))
+ return out
+
+f = open("oDjbNkIoLpaMo.bz2.crypt", mode="rb")
+data = f.read()
+f.close()
+seed = FIRST_SEED
+print(datetime.fromtimestamp(seed))
+while seed <= LAST_SEED:
+ out = decipher_bz2(data, gen_key(seed))
+ if out:
+ f = open(f"out-{seed}.bz2", mode="wb")
+ f.write(out)
+ f.close()
+ seed += 1
+ if (seed - FIRST_SEED) % DAY_DURATION == 0:
+ print(datetime.fromtimestamp(seed))
diff --git a/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/ch16.tgz b/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/ch16.tgz
new file mode 100644
index 0000000..c378f18
Binary files /dev/null and b/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/ch16.tgz differ
diff --git a/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/find_bz2_file.sh b/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/find_bz2_file.sh
new file mode 100755
index 0000000..e029912
--- /dev/null
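Review bot: In break.py's `decipher_bz2` the guard `if i > 3 and out[0:3] != BZ2_HEADER` sits inside the per-byte loop, so for any candidate that passes it the header is sliced and compared again on every remaining byte of the file; decrypting the first `len(BZ2_HEADER)` bytes, testing once, and only then decrypting the rest gives the same result with one comparison. Both `open()` calls at module level are closed by hand and would leak the handle if `read`/`write` raised; `with open(...) as f:` covers that. A short comment on `gen_key` stating that the recurrence is a 32-bit linear congruential generator seeded from the Unix-timestamp window `FIRST_SEED`..`LAST_SEED` would record why the whole key space is only a few million seeds, which is the weakness the script depends on. The indentation of this file is not recoverable from the page, so the fence shows the intended structure.

```python
def decipher_bz2(data, key):
    # Decrypt only the header first so a wrong key is rejected after three bytes.
    head = bytes(b ^ ord(key[i % KEY_SIZE]) for i, b in enumerate(data[:len(BZ2_HEADER)]))
    if head != BZ2_HEADER:
        return None
    return bytearray(b ^ ord(key[i % KEY_SIZE]) for i, b in enumerate(data))
```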
+++ b/rootme/challenges/cryptanalyse/code-pseudo-random-number-generator/find_bz2_file.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+for f in out-*.bz2 ; do
+ echo "Check file $f"
+ if bunzip2 -c "$f" &> /dev/null ; then
+ echo "$f is a BZ2 file !!!"
+ echo "=> out"
+ bunzip2 -c "$f" > out
+ exit
+ fi
+done
diff --git a/rootme/challenges/cryptanalyse/file-insecure-storage-1/notes b/rootme/challenges/cryptanalyse/file-insecure-storage-1/notes
new file mode 100644
index 0000000..df8aad7
--- /dev/null
+++ b/rootme/challenges/cryptanalyse/file-insecure-storage-1/notes
@@ -0,0 +1,6 @@
+git clone https://github.com/lclevy/firepwd.git
+cd firepwd
+python3 -m venv env
+. env/bin/activate
+pip install -r requirements.txt
+firepwd.py -d ch20/firefox/o0s0xxhl.default/
diff --git a/rootme/challenges/forensic/docker-layers/notes b/rootme/challenges/forensic/docker-layers/notes
new file mode 100644
index 0000000..44deddd
--- /dev/null
+++ b/rootme/challenges/forensic/docker-layers/notes
@@ -0,0 +1,3 @@
+tar -xf 316bbb8c58be42c73eefeb8fc0fdc6abb99bf3d5686dd5145fc7bb2f32790229.tar
+tar -xf 3309d6da2bd696689a815f55f18db3f173bc9b9a180e5616faf4927436cf199d.tar
+cat flag.enc | openssl enc -d -aes-256-cbc -iter 10 -pass pass:$(cat pass.txt) -out flag
diff --git a/rootme/challenges/web-serveur/php-configuration-apache/.htaccess b/rootme/challenges/web-serveur/php-configuration-apache/.htaccess
new file mode 100644
index 0000000..a2edf8d
--- /dev/null
+++ b/rootme/challenges/web-serveur/php-configuration-apache/.htaccess
@@ -0,0 +1,5 @@
+
+
+ SetHandler application/x-httpd-php
+
+
diff --git a/rootme/challenges/web-serveur/php-configuration-apache/twerk.lama b/rootme/challenges/web-serveur/php-configuration-apache/twerk.lama
new file mode 100644
index 0000000..6aed446
--- /dev/null
+++ b/rootme/challenges/web-serveur/php-configuration-apache/twerk.lama
@@ -0,0 +1,3 @@
+
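Review bot: In find_bz2_file.sh the test `if bunzip2 -c "$f" &> /dev/null` uses the bash-only `&>` redirection under a `#!/bin/sh` shebang. A strictly POSIX shell such as dash parses it as `bunzip2 -c "$f" &` followed by an empty command redirected to /dev/null, so the condition is always true and the first `out-*.bz2` candidate is reported as valid whatever it contains. The portable form is `if bunzip2 -c "$f" > /dev/null 2>&1 ; then`, or change the shebang to bash if the script is meant to depend on it.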
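Review bot: In file-insecure-storage-1/notes the `git clone` takes whatever the default branch of firepwd holds at that moment and `pip install -r requirements.txt` then installs its dependencies, so the tool pointed at the Firefox profile directory is unpinned third-party code. Recording the commit that was actually used, e.g. `git checkout <reviewed-commit>` right after the clone, keeps the notes reproducible and auditable. The last line calls `firepwd.py` bare, which only resolves if the script is on PATH; `python3 firepwd.py -d …` would match the venv activated two lines earlier.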
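Review bot: In docker-layers/notes the `openssl enc` line passes the passphrase as `-pass pass:$(cat pass.txt)`, which places it in the process argument list where other local users can read it. It also leaves the substitution unquoted, so a passphrase containing whitespace or glob characters is split before openssl receives it. `-pass file:pass.txt` makes openssl read the first line of the file itself and avoids both problems, and `-in flag.enc` removes the need for `cat … |`. `-iter 10` presumably mirrors how the file was encrypted; a comment noting that ten PBKDF2 iterations is far too low for real data would keep the command from being copied as a template.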