HackTheBox BBGun06 Writeup
Explore the basics of cybersecurity in the BBGun06 Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
https://app.hackthebox.com/challenges/380
Description
We have received reports from CloudCompany that resources are involved in malicious activity similar to attempting unauthorized access to remote hosts on the Internet. We have since shut down the server and locked the SA. While we were trying to investigate what the entry point was, we discovered a phishing email from CloudCompany's IT department. You've since notified the vendor, and they've provided the source code of the email signing server for a security assessment. We've identified an outdated RSA verification code implementation, which we believe could be the cause of why the threat actors were able to impersonate the vendor. Can you replicate the attack and notify them of any possible misuse?
Exploitation
#!/usr/bin/python3
import re
import sys

from Crypto.PublicKey import RSA
from Crypto.Util.number import long_to_bytes
from gmpy2 import iroot
from pwn import log, remote


def main():
    if len(sys.argv) != 2:
        log.warning(f'Usage: python {sys.argv[0]} <host:port>')
        sys.exit(1)

    host, port = sys.argv[1].split(':')
    r = remote(host, int(port))

    # The server prints its public key in PEM form
    r.recvuntil(b'certificate: \n')
    cert = RSA.import_key(r.recvuntil(b'-----END PUBLIC KEY-----').decode())
    n, e = cert.n, cert.e

    # Smallest and largest blocks of the form
    # 00 01 ff..ff 00 <15-byte prefix> <20-byte hash> <free trailing bytes>
    forged_min = int((b'\x00\x01' + b'\xff' * 1 + b'\x000!0\t\x06\x05+\x0e\x03\x02\x1a\x05\x00\x04\x14\xdb}\xdd?yeA\xdaO\x80]yHo\xd3w\x07\x9c2p').ljust(256, b'\x00').hex(), 16)
    forged_max = int((b'\x00\x01' + b'\xff' * 217 + b'\x000!0\t\x06\x05+\x0e\x03\x02\x1a\x05\x00\x04\x14\xdb}\xdd?yeA\xdaO\x80]yHo\xd3w\x07\x9c2p').ljust(256, b'\xff').hex(), 16)

    # Candidate e-th roots between those two bounds
    perfect_cube_range = range(int(iroot(forged_min, e)[0]), int(iroot(forged_max, e)[0]))

    # Pattern for the leading part of the block: header, prefix, hash
    regex = re.compile(b'\x00\x01\xff+?\x00(.{15})(.{20})', re.DOTALL)
    keylength = len(long_to_bytes(n))

    # Stop at the first candidate whose e-th power has the expected prefix and hash
    for t in perfect_cube_range:
        clearsig = (t ** e).to_bytes(keylength, 'big')
        m = regex.match(clearsig)
        if m and m.groups() == (b'0!0\t\x06\x05+\x0e\x03\x02\x1a\x05\x00\x04\x14', b'\xdb}\xdd?yeA\xdaO\x80]yHo\xd3w\x07\x9c2p'):
            break

    r.sendafter(b'Enter the signature as hex: ', hex(t)[2:].encode())
    log.success(f'Flag: {r.recv().decode()}')
    r.close()


if __name__ == '__main__':
    main()
Summary
The BBGun06 Challenge on Hack The Box is an easy-level cryptographic challenge involving RSA signature forgery. Participants exploit an outdated RSA verification implementation to craft a forged signature that matches the server's expected format. The script looks for an integer whose cube, read as a padded block, begins with the padding header, the DigestInfo prefix and the expected hash, then submits that integer as the signature to retrieve the flag. This challenge is an excellent exercise for learning about vulnerabilities in RSA signature schemes and practical exploitation techniques.
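Added example, not part of the original writeup or the challenge's server code: a lax check modelled on the regex in the script above, next to a strict check that rebuilds the full block and compares every byte. It assumes e = 3 and a 2048-bit modulus; the function names and the sample message are constructed for illustration.

```python
import hashlib
import re

# SHA-1 DigestInfo prefix: the same 15 bytes the script above matches on.
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")
K = 256  # block length in bytes; a 2048-bit modulus is assumed


def encode(digest: bytes) -> bytes:
    """The single valid PKCS#1 v1.5 block for this digest and key size."""
    tail = b"\x00" + SHA1_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (K - 2 - len(tail)) + tail


def lax_check(em: bytes, digest: bytes) -> bool:
    """Parse-and-stop check: never looks at what follows the hash."""
    m = re.match(rb"\x00\x01\xff+?\x00(.{15})(.{20})", em, re.DOTALL)
    return bool(m) and m.groups() == (SHA1_PREFIX, digest)


def strict_check(em: bytes, digest: bytes) -> bool:
    """Rebuild the expected block and compare every byte."""
    return em == encode(digest)


def icbrt(x: int) -> int:
    """Floor of the integer cube root, by binary search."""
    lo, hi = 0, 1 << (x.bit_length() // 3 + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** 3 <= x:
            lo = mid
        else:
            hi = mid - 1
    return lo


def block_from_cube(digest: bytes) -> bytes:
    """Block a verifier decodes (e = 3 assumed) when handed a bare cube root."""
    target = (b"\x00\x01\xff\x00" + SHA1_PREFIX + digest).ljust(K, b"\x00")
    t = icbrt(int.from_bytes(target, "big")) + 1
    return (t ** 3).to_bytes(K, "big")  # t**3 < 2**2033, so no reduction mod n


if __name__ == "__main__":
    digest = hashlib.sha1(b"constructed sample message").digest()
    for name, em in (("genuine", encode(digest)), ("cube", block_from_cube(digest))):
        print(name, "lax:", lax_check(em, digest), "strict:", strict_check(em, digest))
```

The strict check is the mitigation: a block with a short padding run and extra bytes after the hash no longer verifies, while the one correct encoding still does.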