Skip to content

Latest commit

 

History

History

re06

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
decompilation.png
decompilation.png
 
 

README.md

re5 (re, 100pts)

michal@DESKTOP-U3SJ9VI:/mnt/c/Users/nazyw/Downloads$ file reverse.exe
reverse.exe: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

A .Net executable, should be fun!

Let's use ILSpy:

decompilation

The decompilation is pretty clear:

Our input is firstly encrypted using the Enc function:

string text = tb_key.Text;
string a = Enc(text, 9157, 41117);

If the output matches the hardcoded string, we win:

if (a == "iB6WcuCG3nq+fZkoGgneegMtA5SRRL9yH0vUeN56FgbikZFE1HhTM9R4tZPghhYGFgbUeHB4tEKRRNR4Ymu0OwljQwmRRNR4jWBweOKRRyCRRAljLGQ=")
{
	MessageBox.Show("Correct!! You found FLAG");
}
else
{
	MessageBox.Show("Try again!");
}
public static string Enc(string s, int e, int n)
{
	int[] array = new int[s.Length];
	for (int i = 0; i < s.Length; i++)
	{
		array[i] = s[i];
	}
	int[] array2 = new int[array.Length];
	for (int i = 0; i < array.Length; i++)
	{
		array2[i] = mod(array[i], e, n);
	}
	string text = "";
	for (int i = 0; i < array.Length; i++)
	{
		text += (char)array2[i];
	}
	return Convert.ToBase64String(Encoding.Unicode.GetBytes(text));
}

public static int mod(int m, int e, int n)
{
	int[] array = new int[100];
	int num = 0;
	do
	{
		array[num] = e % 2;
		num++;
		e /= 2;
	}
	while (e != 0);
	int num2 = 1;
	for (int num3 = num - 1; num3 >= 0; num3--)
	{
		num2 = num2 * num2 % n;
		if (array[num3] == 1)
		{
			num2 = num2 * m % n;
		}
	}
	return num2;
}

The Enc function iterates over every letter and performs the following operation on it: array2[i] = mod(array[i], e, n); Since mod is just modular exponentiation, the encryption boils down to encrypting each letter using rsa with e=9157 and n=41117 we can just decrypt it using the calculated private key:

from base64 import b64decode

def egcd(a, b):
    if a == 0:
        return (b, 0, 1)
    else:
        g, y, x = egcd(b % a, a)
        return (g, x - (b // a) * y, y)

def modinv(a, m):
    g, x, y = egcd(a, m)
    if g != 1:
        raise Exception('modular inverse does not exist')
    else:
        return x % m

data = "iB6WcuCG3nq+fZkoGgneegMtA5SRRL9yH0vUeN56FgbikZFE1HhTM9R4tZPghhYGFgbUeHB4tEKRRNR4Ymu0OwljQwmRRNR4jWBweOKRRyCRRAljLGQ="
data = b64decode(data)
data = map(ord, data)

e = 9157
n = 41117

# since the modulus is just a prime
phi = n - 1
d = modinv(e, phi)

def decrypt(c):
    return pow(c, d, n)

flag = ''
for pos in range(0, len(data), 2):
    
    # strings in .Net are stored as UTF-16
    x = data[pos] + data[pos+1] * 256
    flag += chr(decrypt(x))

print(flag)

WhiteHat{N3xT_t1m3_I_wi11_Us3_l4rg3_nUmb3r}

Cool!