PoliCTF challenge testata e funzionante. Polishing

.gitignore

@@ -1,4 +1,5 @@
 *.gipu
 *.out
 *.elf
+*.pasticciotto
 .vscode/

assembler/assembler.py

@@ -1,7 +1,6 @@
 import sys
 import re
 import struct
-import IPython
 import copy
 import argparse
 

emulator/emulator.cpp

@@ -1,5 +1,5 @@
-#include "debug.h"
-#include "vm.h"
+#include "../vm/debug.h"
+#include "../vm/vm.h"
 #include <fstream>
 #include <stdint.h>
 #include <stdio.h>

polictf/asms/decrypt.pstc

@@ -0,0 +1,111 @@
+def datastrlen:
+###############
+# r0 = offset of str in data
+# retval (r0) = strlen
+###############
+push r1
+push r2
+push r3
+movr s2, r0
+movi s1, 0
+lodr s0, s2
+cmpb s0, 0
+jpei exit
+loop:
+movi s2, 0
+addi s1, 1
+addr s2, s1
+lodr s0, s2
+cmpb s0, 0
+jpni loop
+exit:
+movr r0, s1
+poop r3
+poop r2
+poop r1
+retn
+
+def round: # round(uint16_t text[2])
+#################
+# r0 = offset of text[0] in data
+# r1 = offset of text[1] in data
+# r2 = text[0]
+# r3 = text[1]
+# retval = void
+################
+push r1
+push r2
+push r3
+lodr r2, r0 # text[0]
+lodr r3, r1 # text[1]
+movi s0, 0 # i
+movi s1, 0 # sum
+loop:
+push s0 # saving i
+# s0 and s1 will be used as tmps
+#########
+# calc v1
+#########
+movr s0, r2
+shli s0, 4
+addi s0, 0x7275 # s0 = (text[0] << 4) + k2
+movr s1, r2
+xorr s0, s1 # s0 = ((text[0] << 4) + k2) ^ text[0]
+push s0
+movr s0, r2
+shri s0, 5
+addi s0, 0x6e73 # s0 = (text[0] >> 5) + k3
+poop s1
+xorr s0, s1 # s0 = ((text[0] << 4) + k2) ^ text[0] ^ ((text[0] >> 5) + k3)
+subr r3, s0 # r3 -= s0
+#########
+# calc v0
+#########
+movr s0, r3
+shli s0, 4
+addi s0, 0x7065 # s0 = (text[1] << 4) + k0
+movr s1, r3
+xorr s0, s1 # s0 = ((text[1] << 4) + k0) ^ text[1]
+push s0
+movr s0, r3
+shri s0, 5
+addi s0, 0x7065 # s0 = (text[1] >> 5) + k1
+poop s1
+xorr s0, s1 # s0 = ((text[1] << 4) + k0) ^ text[1] ^ ((text[1] >> 5) + k1)
+subr r2, s0 # r2 -= s0
+######
+# end loop
+#####
+poop s0 # restoring i
+addi s0, 1
+cmpb s0, 127 # while (i < 128)
+jpbi loop
+# saving the values
+strr r0, r2
+strr r1, r3
+poop r3
+poop r2
+poop r1
+retn
+
+def main:
+movi r0, 0
+call datastrlen
+movr r2, r0
+movi s0, 0
+decrypt:
+push s0
+movi r0, 0
+movi r1, 2
+addr r0, s0
+addr r1, s0
+call round
+poop s0
+addi s0, 4
+cmpr s0, r2
+jpbi decrypt
+lodi r0, 0
+lodi r1, 2
+lodi r2, 4
+lodi r3, 6
+shit

polictf/asms/encrypt.pstc

@@ -53,7 +53,7 @@ shli s0, 4
 addi s0, 0x7065 # s0 = (text[1] << 4) + k0
 movr s1, r3
 poop s3 # restoring sum in s3
-addr s1, s3 # s1 = text[1] + sum
+#addr s1, s3 # s1 = text[1] + sum
 push s3 # saving sum again
 xorr s0, s1 # s0 = ((text[1] << 4) + k0) ^ (text[1] + sum)
 push s0
@@ -71,7 +71,7 @@ shli s0, 4
 addi s0, 0x7275 # s0 = (text[0] << 4) + k2
 movr s1, r2
 poop s3 # restoring sum in s3
-addr s1, s3 # s1 = text[0] + sum
+#addr s1, s3 # s1 = text[0] + sum
 push s3 # saving sum again
 xorr s0, s1 # s0 = ((text[0] << 4) + k2) ^ (text[0] + sum)
 push s0
@@ -118,7 +118,7 @@ addr r0, s0
 addr r1, s0
 call round
 poop s0
-addi s0, 1
+addi s0, 4
 cmpr s0, r2
 jpbi encrypt
 lodi r0, 0

polictf/client/pasticciotto_local.cpp

@@ -1,4 +1,4 @@
-#include "../vm/vm.h"
+#include "../../vm/vm.h"
 #include <fstream>
 #include <stdint.h>
 #include <stdio.h>

polictf/res/decrypteddatasection.txt

@@ -1 +1 @@
-TheDataSectionHasBeenEncrypted
+TheDataSectionHasBeenEncrypted!WhoAreYouGonnaCall?TheRuNasss!

polictf/res/encrypteddatasection

@@ -0,0 +1 @@
+Œê¾ªí Ðk™R%¹æØÿùé’zÅÄ~*ìg2E$ÐLdYí¦xþ­Ñ¼àØ:ùûùùn\RXF<58>UXE!

polictf/server/pasticciotto_server.cpp

@@ -1,5 +1,5 @@
-#include "../vm/vm.h"
-#include "../vm/debug.h"
+#include "../../vm/vm.h"
+#include "../../vm/debug.h"
 #include <fstream>
 #include <iostream>
 #include <stdint.h>
@@ -25,13 +25,18 @@ void gen_random(uint8_t *s, const int len) {
 }
 
 unsigned char encrypted_data[] = {
-    0xcc, 0x8d, 0x5a, 0xcc, 0x73, 0xb5, 0xf2, 0xa3, 0xf3, 0x92,
-    0xa8, 0x8f, 0x2f, 0xf1, 0x3e, 0xf4, 0x69, 0x00, 0x4a, 0xcb,
-    0xed, 0xc4, 0x57, 0x9b, 0xf6, 0x9a, 0x78, 0x46, 0x83, 0xe9};
-unsigned int encrypted_data_len = 30;
+  0x8c, 0xea, 0xbe, 0xaa, 0xed, 0xa0, 0xd0, 0x6b, 0x99, 0x1c, 0x52, 0x25,
+  0xb9, 0xe6, 0xd8, 0xff, 0xf9, 0xe9, 0x92, 0x7a, 0x1c, 0xc5, 0xc4, 0x7e,
+  0x2a, 0xec, 0x67, 0x32, 0x1f, 0x45, 0x24, 0xd0, 0x4c, 0x7f, 0x15, 0x64,
+  0x59, 0xed, 0xa6, 0x78, 0xfe, 0xad, 0xd1, 0xbc, 0xe0, 0xd8, 0x3a, 0xf9,
+  0xfb, 0xf9, 0xf9, 0x6e, 0x5c, 0x52, 0x58, 0x46, 0x8d, 0x55, 0x58, 0x45,
+  0x21
+};
+unsigned int encrypted_data_len = 61;
+
 
 int main(int argc, char *argv[]) {
-  uint8_t *key = new uint8_t[KEYLEN], *decdatasec = new uint8_t[DATAKEYLEN],
+  uint8_t *key = new uint8_t[KEYLEN], *decdatasec = new uint8_t[encrypted_data_len],
           *flag = new uint8_t[DATAKEYLEN];
   uint8_t *clientcode;
   uint8_t i;
@@ -40,42 +45,58 @@ int main(int argc, char *argv[]) {
 
   gen_random(key, KEYLEN);
   printf("Use this: \"%s\"\n", key);
+  fflush(stdout);
   printf("How much data are you sending me?\n");
+  fflush(stdout);
   scanf("%d", &clientcodesize);
   printf("Go ahead then!\n");
+  fflush(stdout);
   clientcode = new uint8_t[clientcodesize];
   bytesread = read(0, clientcode, clientcodesize);
   if (bytesread != clientcodesize) {
     printf("ERROR! Couldn't read everything!\n");
+    fflush(stdout);
     exit(1);
   }
   VM vm(key, clientcode, clientcodesize);
   vm.as.insData(encrypted_data, encrypted_data_len);
+  printf("BEFORE:\n");
+  for (i = 0; i < DATAKEYLEN; i++) {
+    fprintf(stdout, "buf[%d] = 0x%02x\n", i, vm.as.data[i]);
+  }
   vm.run();
 
-  datap = fopen("./res/decrypteddatasection.txt", "r");
+  datap = fopen("../res/decrypteddatasection.txt", "r");
   if (datap == NULL) {
       printf("Couldn't open decrypteddatasection.txt!\n");
+      fflush(stdout);
       exit(1);
   }
   fscanf(datap, "%s", decdatasec);
   fclose(datap);
 
+  for (i = 0; i < DATAKEYLEN; i++) {
+    fprintf(stdout, "buf[%d] = 0x%02x\n", i, vm.as.data[i]);
+  }
   for (i = 0; i < DATAKEYLEN; i++) {
     if (vm.as.data[i] != decdatasec[i]) {
-        DBG_INFO(("Checking data[%d]..\n", i));
+        printf("Checking data[%d]..\n", i);
+        fflush(stdout);
       printf("Nope!\n");
+      fflush(stdout);
       exit(1);
     }
   }
 
-  flagp = fopen("./res/flag.txt", "r");
+  flagp = fopen("../res/flag.txt", "r");
   if (flagp == NULL) {
       printf("Couldn't open flag.txt!\n");
+      fflush(stdout);
       exit(1);
   }
   fscanf(flagp, "%s", flag);
   fclose(flagp);
   printf("Congratulations!\nThe flag is: %s\n", flag);
+  fflush(stdout);
   return 0;
 }

polictf/server/test.py

@@ -0,0 +1,16 @@
+from pwn import *
+import subprocess
+
+key_re = re.compile(".*\"(.*)\".*")
+r = remote("127.0.0.1", 8888)
+
+first = r.recv()
+key = key_re.match(first).group(1)
+print("Using key: {}".format(key))
+subprocess.check_call(["python3", "../../assembler/assembler.py", "{}".format(key), "../asms/decrypt.pstc", "./out.pasticciotto"])
+with open("./out.pasticciotto") as f:
+    data = f.read()
+r.send("{}\n".format(len(data)))
+print(r.recv())
+r.send("{}\n".format(data))
+print(r.recv(100000))

polictf/tea_cversion/tea-decrypt.c

@@ -0,0 +1,40 @@
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+void decrypt(uint16_t *v) {
+  uint16_t v0 = v[0], v1 = v[1], i;
+  uint16_t k0 = 0x7065;                           // "pe"
+  uint16_t k1 = 0x7065;                           // "pe"
+  uint16_t k2 = 0x7275;                           // "ru"
+  uint16_t k3 = 0x6e73;                           // "ns"
+  for (i = 0; i < 128; i++) {
+    v1 -= ((v0 << 4) + k2) ^ (v0) ^ ((v0 >> 5) + k3);
+    v0 -= ((v1 << 4) + k0) ^ (v1) ^ ((v1 >> 5) + k1);
+  }
+  v[0] = v0;
+  v[1] = v1;
+}
+
+int main(int argc, char *argv[]) {
+  uint8_t buf[1000];
+  uint32_t buflen, i;
+
+  fprintf(stdout, "Length of the string?\n");
+  fflush(stdout);
+  fscanf(stdin, "%d", &buflen);
+  printf("Length: %d\n", buflen);
+  read(0, buf, buflen);
+
+  for (i = 0; i < buflen && i + 2 * (sizeof(uint16_t)) <= buflen;
+       i += sizeof(uint32_t)) {
+    decrypt((uint16_t *)&buf[i]);
+  }
+  for (i = 0; i < buflen; i++) {
+    fprintf(stdout, "buf[%d] = 0x%02x\n", i, buf[i]);
+  }
+  printf("STRING: %s\n", buf);
+  fflush(stdout);
+}

polictf/tea_cversion/tea-encrypt.c

@@ -5,21 +5,15 @@
 #include <unistd.h>
 
 void encrypt(uint16_t *v) {
-  uint16_t v0 = v[0], v1 = v[1], sum = 0, i; /* set up */
-  uint16_t delta = 0x626f;
+  uint16_t v0 = v[0], v1 = v[1], i;
   uint16_t k0 = 0x7065; // "pe"
   uint16_t k1 = 0x7065; // "pe"
   uint16_t k2 = 0x7275; // "ru"
   uint16_t k3 = 0x6e73; // "ns"
-  // printf("v0: 0x%x, v1: 0x%x\n", v0, v1);
   for (i = 0; i < 128; i++) {
-    sum += delta;
-    v0 += ((v1 << 4) + k0) ^ (v1 + sum) ^ ((v1 >> 5) + k1);
-    v1 += ((v0 << 4) + k2) ^ (v0 + sum) ^ ((v0 >> 5) + k3);
-    // printf("Intermediate v0: 0x%x | v1: 0x%x\n", v0, v1);
+    v0 += ((v1 << 4) + k0) ^ (v1) ^ ((v1 >> 5) + k1);
+    v1 += ((v0 << 4) + k2) ^ (v0) ^ ((v0 >> 5) + k3);
   }
-  // printf("SUM: 0x%x\n", sum);
-  // printf("v0: 0x%x, v1: 0x%x\n", v0, v1);
   v[0] = v0;
   v[1] = v1;
 }
@@ -27,6 +21,7 @@ void encrypt(uint16_t *v) {
 int main(int argc, char *argv[]) {
   uint8_t *buf;
   uint32_t buflen, i;
+  FILE *f;
   if (argc != 2) {
     printf("Usage: %s text_to_encrypt", argv[0]);
     exit(1);
@@ -34,11 +29,12 @@ int main(int argc, char *argv[]) {
   buflen = strlen(argv[1]);
   buf = (uint8_t *)malloc(buflen);
   memcpy(buf, argv[1], buflen);
-  for (i = 0; i < buflen; i++) {
+
+  for (i = 0; i < buflen && i + 2 * (sizeof(uint16_t)) <= buflen;
+       i += sizeof(uint32_t)) {
     encrypt((uint16_t *)&buf[i]);
   }
-  for (i = 0; i < buflen; i++) {
-    printf("%c", buf[i]);
-  }
+
+  write(1, buf, buflen);
   return 0;
 }

test/tea-decrypt.c

@@ -1,27 +0,0 @@
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-
-void decrypt(uint32_t *v, uint32_t *k) {
-  uint32_t v0 = v[0], v1 = v[1], sum = 0xC6EF3720, i; /* set up */
-  uint32_t delta = 0x9e3779b9; /* a key schedule constant */
-  uint32_t k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3]; /* cache key */
-  for (i = 0; i < 32; i++) {                           /* basic cycle start */
-    v1 -= ((v0 << 4) + k2) ^ (v0 + sum) ^ ((v0 >> 5) + k3);
-    v0 -= ((v1 << 4) + k0) ^ (v1 + sum) ^ ((v1 >> 5) + k1);
-    sum -= delta;
-  } /* end cycle */
-  v[0] = v0;
-  v[1] = v1;
-}
-
-int main(int argc, char *argv[]) {
-  if (argc != 3) {
-      printf("Usage: %s text_to_decrypt key", argv[0]);
-      exit(1);
-  }
-  decrypt((uint32_t*)argv[1], (uint32_t*)argv[2]);
-  printf("Result: %s", argv[1]);
-  return 0;
-}

vm/vm.cpp

@@ -91,41 +91,7 @@ void VM::status(void) {
   DBG_SUCC(("VM Status:\n"));
   DBG_SUCC(("~~~~~~~~~~\n"));
   for (i = R0; i <= SP; i++) {
-    switch (i) {
-    case R0:
-      DBG_INFO(("R0:\t0x%x\n", this->regs[i]));
-      break;
-    case R1:
-      DBG_INFO(("R1:\t0x%x\n", this->regs[i]));
-      break;
-    case R2:
-      DBG_INFO(("R2:\t0x%x\n", this->regs[i]));
-      break;
-    case R3:
-      DBG_INFO(("R3:\t0x%x\n", this->regs[i]));
-      break;
-    case S0:
-      DBG_INFO(("S0:\t0x%x\n", this->regs[i]));
-      break;
-    case S1:
-      DBG_INFO(("S1:\t0x%x\n", this->regs[i]));
-      break;
-    case S2:
-      DBG_INFO(("S2:\t0x%x\n", this->regs[i]));
-      break;
-    case S3:
-      DBG_INFO(("S3:\t0x%x\n", this->regs[i]));
-      break;
-    case IP:
-      DBG_INFO(("IP:\t0x%x\n", this->regs[i]));
-      break;
-    case RP:
-      DBG_INFO(("RP:\t0x%x\n", this->regs[i]));
-      break;
-    case SP:
-      DBG_INFO(("SP:\t0x%x\n", this->regs[i]));
-      break;
-    }
+    DBG_INFO(("%s:\t0x%04x\n", getRegName(i), regs[i]));
   }
   DBG_INFO(("Flags: ZF = %d, CF = %d\n", flags.ZF, flags.CF));
   DBG_SUCC(("~~~~~~~~~~\n"));