BYUCTF 2023 – PBKDF2

Author: Lumy

PBKDF2

Can you unzip the file to get the flag??

Table of Contents

  1. Source code
  2. Solution

Source code

// IMPORTS
const express = require('express')
const spawn = require('child_process').spawnSync

// APP
const app = express()
app.get('/', (req, res) => {
  if (!req.query.password || typeof req.query.password !== 'string') {
    return res.send('No password provided! Try /?password=yourpasswordhere')
  }

  console.log('Password: ' + req.query.password)

  if (
    req.query.password ===
    'isnt-byuctf-one-of-your-most-favorite-ctfs-even-though-this-is-only-our-second-year-3HF4z'
  ) {
    return res.send(
      "Psssssssh like I'm just gonna let you use the password I provided? Nice try :)"
    )
  }

  // this is NOT a web challenge, it's misc on purpose
  var output = spawn('7z', ['e', 'flag.zip', '-o/tmp', '-p' + req.query.password]).stdout.toString()

  if (output.includes('Everything is Ok')) {
    var flag = spawn('cat', ['/tmp/flag.txt']).stdout
    spawn('rm', ['/tmp/flag.txt']) // remove flag
    res.set('Content-Type', 'text/plain')
    return res.send(flag)
  } else {
    spawn('rm', ['/tmp/flag.txt']) // remove empty file
    return res.send('Incorrect password')
  }
})

// SERVER
app.listen(8080, () => {
  console.log(`Running on http://0.0.0.0:8080`)
})

Solution

Website used : bleepingcomputer.com/news/security/an-encrypted-zip-file-can-have-two-correct-passwords-heres-why/

When a password-protected ZIP archive is produced with AES-256 mode enabled, the ZIP format derives the encryption key from the password with PBKDF2, which is built on HMAC-SHA1. HMAC cannot use a key longer than its hash function's 64-byte block size directly, so if the password is longer than 64 bytes it is first hashed with SHA-1 and the 20-byte digest is used in its place. Instead of the user's chosen password (in this case "isnt-byuctf...", which is 89 bytes long), this newly calculated hash becomes the actual password to the file.

The solution is therefore to use the ASCII representation of the SHA-1 checksum of the original password (the raw 20 digest bytes, not their hex spelling) as the password to the ZIP file.

To do so :

┌──(kali㉿kali)-[~/]
└─$ hexdump -C previous_password_zip.txt 
00000000  69 73 6e 74 2d 62 79 75  63 74 66 2d 6f 6e 65 2d  |isnt-byuctf-one-|
00000010  6f 66 2d 79 6f 75 72 2d  6d 6f 73 74 2d 66 61 76  |of-your-most-fav|
00000020  6f 72 69 74 65 2d 63 74  66 73 2d 65 76 65 6e 2d  |orite-ctfs-even-|
00000030  74 68 6f 75 67 68 2d 74  68 69 73 2d 69 73 2d 6f  |though-this-is-o|
00000040  6e 6c 79 2d 6f 75 72 2d  73 65 63 6f 6e 64 2d 79  |nly-our-second-y|
00000050  65 61 72 2d 33 48 46 34  7a                       |ear-3HF4z|
00000059

┌──(kali㉿kali)-[~/]
└─$ sha1sum previous_password_zip.txt 
3a683b56345c255432455628407e5d5936322438  previous_password_zip.txt

┌──(kali㉿kali)-[~/Desktop]
└─$ echo "3a683b56345c255432455628407e5d5936322438" | xxd -r -p
:h;V4\%T2EV(@~]Y62$8  
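To show the property the writeup relies on in code, here is an added example (not part of the original writeup) that reproduces the HMAC key-shortening with Python's hashlib and checks that the original password and its raw SHA-1 digest produce identical PBKDF2 output. The WinZip AES-256 parameters (PBKDF2-HMAC-SHA1, 1000 iterations, 66 bytes of key material) are the AE-2 defaults; the salt is constructed, since a real archive stores its own.

```python
import hashlib
import hmac

# Password the challenge source refuses to accept (taken from the page).
ORIGINAL_PASSWORD = (b"isnt-byuctf-one-of-your-most-favorite-ctfs-even-though-"
                     b"this-is-only-our-second-year-3HF4z")
# SHA-1 digest the writeup computes with sha1sum.
DIGEST_HEX = "3a683b56345c255432455628407e5d5936322438"

SHA1_BLOCK_SIZE = 64  # bytes; HMAC pre-hashes any key longer than this (RFC 2104)

# WinZip AE-2 parameters for AES-256: PBKDF2-HMAC-SHA1, 1000 iterations,
# 32-byte AES key + 32-byte HMAC key + 2-byte password verifier = 66 bytes.
ZIP_AES256_ITERATIONS = 1000
ZIP_AES256_DKLEN = 66


def effective_hmac_key(password: bytes) -> bytes:
    """Key HMAC-SHA1 really uses: a password longer than the block size is replaced by its SHA-1 digest."""
    if len(password) > SHA1_BLOCK_SIZE:
        return hashlib.sha1(password).digest()
    return password


def derive_zip_keys(password: bytes, salt: bytes) -> bytes:
    """Key material a WinZip-style AES-256 entry derives from a password and its 16-byte salt."""
    return hashlib.pbkdf2_hmac("sha1", password, salt, ZIP_AES256_ITERATIONS, ZIP_AES256_DKLEN)


def equivalent_passwords(p1: bytes, p2: bytes, salt: bytes) -> bool:
    """True when both passwords unlock the same AES-256 ZIP entry (identical PBKDF2 output)."""
    return hmac.compare_digest(derive_zip_keys(p1, salt), derive_zip_keys(p2, salt))


if __name__ == "__main__":
    salt = bytes(range(16))  # constructed salt; a real archive stores its own in the entry header
    alias = bytes.fromhex(DIGEST_HEX)
    print("original password length:", len(ORIGINAL_PASSWORD))
    print("sha1 matches writeup:", effective_hmac_key(ORIGINAL_PASSWORD) == alias)
    print("digest opens the same archive:", equivalent_passwords(ORIGINAL_PASSWORD, alias, salt))
    # A password of 64 bytes or fewer is used as-is, so it has no such alias.
    print("short password kept verbatim:", effective_hmac_key(b"hunter2") == b"hunter2")
```

The same aliasing applies to any archive whose password exceeds 64 bytes, which is why a long passphrase on an AES ZIP entry always has a second, 20-byte password that opens it.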

FLAG : byuctf{th4nk_y0u_4rs3n1y_sh4r0g14z0v}