워게임/CryptoHack
[CryptoHack] HASH FUNCTIONS (Collider)
- -
Collider
문제
입자 물리학에 관한 내 문서 시스템을 확인해보세요. 각 문서는 해시로 고유하게 참조됩니다. nc socket.cryptohack.org 13389 으로 접속하세요. |
풀이
더보기
import hashlib
from utils import listener
FLAG = "crypto{???????????????????????????????????}"
class Challenge():
def __init__(self):
self.before_input = "Give me a document to store\n"
self.documents = {
"508dcc4dbe9113b15a1f971639b335bd": b"Particle physics (also known as high energy physics) is a branch of physics that studies the nature of the particles that constitute matter and radiation. Although the word particle can refer to various types of very small objects (e.g. protons, gas particles, or even household dust), particle physics usually investigates the irreducibly smallest detectable particles and the fundamental interactions necessary to explain their behaviour.",
"cb07ff7a5f043361b698c31046b8b0ab": b"The Large Hadron Collider (LHC) is the world's largest and highest-energy particle collider and the largest machine in the world. It was built by the European Organization for Nuclear Research (CERN) between 1998 and 2008 in collaboration with over 10,000 scientists and hundreds of universities and laboratories, as well as more than 100 countries.",
}
def challenge(self, msg):
if "document" not in msg:
self.exit = True
return {"error": "You must send a document"}
document = bytes.fromhex(msg["document"])
document_hash = hashlib.md5(document).hexdigest()
if document_hash in self.documents.keys():
self.exit = True
if self.documents[document_hash] == document:
return {"error": "Document already exists in system"}
else:
return {"error": f"Document system crash, leaking flag: {FLAG}"}
self.documents[document_hash] = document
if len(self.documents) > 5:
self.exit = True
return {"error": "Too many documents in the system"}
return {"success": f"Document {document_hash} added to system"}
"""
When you connect, the 'challenge' function will be called on your JSON
input.
"""
listener.start_server(port=13389)
이번 문제의 상황은 문서를 추가하는 상황이다.
코드를 보게 되면 'Document system crash'부분을 보게되면
충돌이 일어나게 될 경우 플래그 값을 보여주게 된다.
https://ko.wikipedia.org/wiki/%ED%95%B4%EC%8B%9C_%EC%B6%A9%EB%8F%8C
이번문제는 해시 충돌, 즉 해시 함수가 서로 다른 두개의 입력값에 대해 동일한 출력값을 내는 상황을 의미하는 문제이다.
이러한 해시함수에 대한 충돌쌍같은 경우는
https://www.mscs.dal.ca/~selinger/md5collision/
해당 사이트에서 md5 충돌쌍을 찾았고, 넷캣 입력값에 JSON방식이어야 하기 때문에
{"document":"d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f8955ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5bd8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70"}
{"document":"d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f8955ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5bd8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70"}
이 두값을 입력해볼 것이다.
{"error": "Document system crash, leaking flag: crypto{m0re_th4n_ju5t_p1g30nh0le_pr1nc1ple}"}
crash가 되면서 플래그 값을 도출해내었다.
플래그 값은 crypto{m0re_th4n_ju5t_p1g30nh0le_pr1nc1ple}이다.
'워게임 > CryptoHack' 카테고리의 다른 글
[CryptoHack] MATHMATICS(Vectors) (0) | 2023.08.31 |
---|---|
[CryptoHack] Misc (Gotta Go Fast) (0) | 2023.07.30 |
[CryptoHack] DIFFIE-HELLMAN (Script Kiddie) (0) | 2023.06.30 |
[CryptoHack] DIFFIE-HELLMAN (Diffie-Hellman Starter 3, 4, 5) (0) | 2023.06.28 |
[CryptoHack] DIFFIE-HELLMAN (Diffie-Hellman Starter 1, 2) (0) | 2023.05.31 |
Contents