Pay TV Writeup – Hack.lu CTF 2013

The Problem:

[Screenshot of the challenge description]

(Yes, every problem is robot/beer related.)

[Screenshot of the (probably mspaint) webpage]

The newspaper on the (probably mspaint) webpage secretly gives you a hint about the problem at hand. (Sneaky, isn't it?)

Here is what happens when we enter a password:

[Screenshot of the response to a password attempt]

Let's dive into the source, shall we?

[Screenshot of the page source]

Ooh, key.js – looks like something we’d be interested in!

Do you see it?

Take a look through the source and you'll notice something peculiar. Bring your attention to:

[Screenshot of the relevant part of the source]

It appears that when this webpage was created, the admin built in a debug feature. This will probably give us a bit more data!

This script takes one argument and submits it with the debug variable set.

We get this as an output:

[Screenshot of the debug output]

Interesting: we get two floats along with our response/success boolean. It would appear that these show how long the password check took.

Any ideas? I smiled at this problem because it's very cool (at this point I had it figured out). Basically, the program stops checking the password as soon as it encounters the first bad character.

Something like this:

Password = test

User input = tango

Computer says: "Yep, he's got the 't', that matches... Oh! The 'a' doesn't match the 'e', no need to go any further; stop execution and alert the user of a bad password."

So, logically, whichever character takes the program the longest to check is the correct letter! This is what is known in cryptography as a side-channel attack (here, a timing attack).
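To make the leak concrete, here is an added example (not the author's script, which exists only as the screenshots in this post) using a constructed secret and character set: the early-exit check, a constant-time check beside it, and a function that replays the pick-the-slowest-character method against each, counting compared characters instead of wall-clock time. It shows that the early-exit version gives the secret away one position at a time, while the constant-time version leaks nothing.

```python
import string

# Constructed sample values for this demonstration; not the challenge's key.
SECRET = "r0b0tbeer"
CHARSET = string.ascii_letters + string.digits


def early_exit_check(guess, secret=SECRET):
    """The leaky check. Returns (ok, work), where work is the number of
    characters examined; on the real server wall-clock time tracks this,
    and that is what the debug timing floats exposed."""
    work = 0
    if len(guess) != len(secret):
        return False, work
    for g, s in zip(guess, secret):
        work += 1
        if g != s:  # bail out at the first mismatch: work leaks the prefix length
            return False, work
    return True, work


def constant_time_check(guess, secret=SECRET):
    """Hardened check: always walks the whole secret and ORs mismatches into
    an accumulator, so work (and time) is the same for every guess."""
    diff = len(guess) ^ len(secret)
    work = 0
    for i, s in enumerate(secret):
        work += 1
        g = guess[i] if i < len(guess) else "\0"  # pad short guesses
        diff |= ord(g) ^ ord(s)
    return diff == 0, work


def recover_by_work(check, length, charset=CHARSET):
    """Replay the writeup's method against a check function: for each position
    keep the character that made the check do the most work. Against
    early_exit_check this rebuilds the secret; against constant_time_check
    every candidate ties, so the result is just the first charset character."""
    known = ""
    for pos in range(length):
        best_char, best_work = charset[0], -1
        for c in charset:
            candidate = known + c + "\0" * (length - pos - 1)
            ok, work = check(candidate)
            if ok:
                return known + c
            if work > best_work:
                best_char, best_work = c, work
        known += best_char
    return known
```

Real servers add network jitter on top of this, which is why the author's script measured each candidate and kept the slowest; counting compared characters here removes that noise so the mechanism itself is visible.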

Theory seems sound, let’s code it!

[Screenshot of the solver script]

A simple function to try a key and return only the relevant data from the response.

An infinite loop to try everything in the character set and keep whichever character took the longest amount of time.

Now that we have our code, let's run it and hope for the best (or at least get a better picture of how this works, if you haven't gotten there yet!).

[Screenshots of the script running]

Character "A" had the longest load time.

[Screenshot of the script recovering further characters]

Ever closer! (Hope our charset is good!)

[A few moments later]

GOT IT! Thanks to our code alerting us when the password was good.

Got it! Out comes our key and we've solved the challenge. This was very cool for me because it was a practical example of a side-channel attack, which I've always found very interesting. :)

Hope that explains it clearly enough; any questions or comments, please let me know!

Till next time,

-mandatory


Matthew Bryant (mandatory)
Security researcher who needs to sleep more. Opinions expressed are solely my own and do not express the views or opinions of my employer.