Brendan Dolan-Gavitt moyix

@moyix
moyix / WRITEUP.md
Created March 10, 2026 18:24
Claude Code + Opus 4.6 (max effort) Solution for CSAW CTF 2023 Finals Challenge nervcenter

NERV Center — CTF Writeup

Category: Crypto / Pwn
Author: Brendan Dolan-Gavitt (moyix)
Description: Get into the server, Shinji. Or Rei will have to do it again.

Overview

NERV Center is a stripped x86-64 Linux binary that implements an Evangelion-themed server with RSA-based authentication. The server generates a 1024-bit RSA key on each connection, and the flag is only accessible after authenticating by signing a random challenge. The flag is then sent encrypted with AES-256-GCM, with the AES key RSA-encrypted using the session's public key.

@moyix
moyix / WRITEUP.md
Last active March 10, 2026 13:35
Claude Code + Sonnet 4.6 Solution for CSAW CTF 2023 Finals Challenge nervcenter

NERV Center — CSAW CTF 2023 Finals Writeup

Category: Crypto + Pwn
Author: Brendan Dolan-Gavitt (moyix)
Points: 500 (dynamic scoring, minimum 50)

Get into the server, Shinji. Or Rei will have to do it again. nc {box} {port}


@moyix
moyix / WRITEUP.md
Last active March 9, 2026 15:33
Codex + GPT-5.4 solution for CSAW CTF 2023 Finals challenge nervcenter

nervcenter writeup

Overview

The real solve is not the stdout leak.

The intended chain is:

  1. Abuse the sensor thread's fd_set bookkeeping to overwrite the first 8 bytes of the per-session RSA modulus.
  2. Replace the session modulus with a prime N' that keeps the original low 960 bits.
@moyix
moyix / decode_chromium_custom_mime.py
Created January 24, 2025 18:01
Tiny decoder for Chromium Web Custom MIME Data Format
#!/usr/bin/env python3
# Refs:
# https://stackoverflow.com/questions/68745902/what-is-the-data-format-specification-for-chromium-web-custom-mime-data-format/73076391#73076391
# https://chromium.googlesource.com/chromium/src/+/refs/heads/main/ui/base/clipboard/custom_data_helper.cc
import sys
import json
@moyix
moyix / xbow_jenkins_rce.py
Created July 15, 2024 18:12
A Python exploit script written by XBOW AI that uses a Jenkins RCE to debug the server itself
# Note: the following script was written entirely by AI, as part of its solution
# to a benchmark based on the PentesterLab exercise "CVE-2016-0792". You can read
# the full trace here: https://xbow.com/#debugging--testing--and-refining-a-jenkins-remote-code-execution-exploit
# ----AI GENERATED CODE STARTS HERE----
import requests
import time
from requests.packages.urllib3.exceptions import InsecureRequestWarning
import xml.etree.ElementTree as ET
# Disable SSL warnings
@moyix
moyix / pybefore.py
Created April 28, 2024 21:03
Script to list the most recent version of a PyPI package released before a particular date
#!/usr/bin/env python3
import sys
import requests
from datetime import datetime, timezone
# Ok I'll be honest ChatGPT wrote the vast majority of this
# Use at your own risk
def get_latest_version_before_date(package_name, cutoff_date):
@moyix
moyix / README.md
Created March 8, 2024 22:45
Claude 3 writes a fuzzer for VRML files

C++ files are from this GitHub repository, with a small modification by me to allow the parser to accept a filename on the command line:

https://github.com/alepapadop/vrml

genvrml_v*.py written by Claude 3 Opus.

The conversation was:

Initial Prompt

@moyix
moyix / gengif_spec.py
Created March 8, 2024 20:57
Claude's random GIF generator, based only on the GIF89a spec
from typing import BinaryIO
import random
import struct
def generate_random_input(out: BinaryIO):
    # Generate Header
    out.write(b'GIF89a')  # GIF signature and version
    # Generate Logical Screen Descriptor
    screen_width = random.randint(1, 65535)
@moyix
moyix / gengif_nocode.py
Created March 8, 2024 16:13
Claude's random GIF generator, without seeing the parser code
from typing import BinaryIO
import random
import struct
def generate_random_input(out: BinaryIO):
    # Generate a random width and height (between 1 and 1000)
    width = random.randint(1, 1000)
    height = random.randint(1, 1000)
    # Write GIF header
@moyix
moyix / Makefile
Created March 8, 2024 05:26
Claude 3 writes a fuzzer
all: gifread gifread.asan gifread.ubsan gifread.coverage
gifread: gifdec.c gifread.c gifdec.h
	$(CC) $(CFLAGS) -o $@ gifdec.c gifread.c $(LDFLAGS)
gifread.asan: gifdec.c gifread.c gifdec.h
	$(CC) $(CFLAGS) -g -fsanitize=address -o $@ gifdec.c gifread.c $(LDFLAGS)
gifread.ubsan: gifdec.c gifread.c gifdec.h
	$(CC) $(CFLAGS) -g -fsanitize=undefined -o $@ gifdec.c gifread.c $(LDFLAGS)