Explore the basics of cybersecurity in the Digital-Safety-Annex Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/773

Description#

Here at D.S.A we store all your super secret information in a secure vault until you provide us with proof you are who you say you are. We even use SHA256 instead of the weak SHA1! We are so confident, we invite all who wish to show us otherwise!

Exploitation#

#!/usr/bin/env python3
from multiprocessing import Pool, cpu_count
import sys, time, gmpy2
from pwn import *

def check_k_range(args):
    start, end, g, p, q, r = args
    for k in range(start, end):
        if k % 2000 == 0:
            print(f"Trying k = {k}")
        if pow(g, k, p) % q == r:
            return k
    return None

def find_k(g, p, q, r):
    cores = cpu_count()
    start = 65500
    end = 10**6
    chunk_size = (end - start) // cores
    ranges = []
    for i in range(cores):
        chunk_start = start + (i * chunk_size)
        chunk_end = chunk_start + chunk_size if i < cores - 1 else end
        ranges.append((chunk_start, chunk_end, g, p, q, r))
    with Pool(cores) as pool:
        results = pool.map(check_k_range, ranges)
    for result in results:
        if result is not None:
            return result
    return None

def exploit(target):
    ip, port = target.split(':')
    port = int(port)
    context.log_level = 'debug'
    io = remote(ip, port)
    io.recvuntil(b'>')
    io.sendline(b'4')
    buf = io.recvuntil(b'[+] Test user log (y/n) : ')
    p = int(buf.decode().split('\n')[6].split(' = ')[1])
    q = int(buf.decode().split('\n')[7].split(' = ')[1])
    g = int(buf.decode().split('\n')[8].split(' = ')[1])
    io.sendline(b'y')
    io.recvuntil(b'Enter your password : ')
    io.sendline(b'5up3r_53cur3_P45sw0r6')
    buf = io.recvuntil(b'>')
    r = int(buf.decode().split('\n')[1].split('((')[6].split(',')[0])
    s = int(buf.decode().split('\n')[1].split('((')[6].split(',')[1][1:-1])
    h = int(buf.decode().split('\n')[1].split('((')[6].split(',')[2].split(')]')[0].split("'")[1], 16)
    print(f"Starting k search using {cpu_count()} cores...")
    kx = find_k(g, p, q, r)
    if not kx:
        print("Failed to find k value")
        return
    print(f"Found k = {kx}")
    io.sendline(b'3')
    io.recvuntil(b'Please enter the username who stored the message : ')
    io.sendline(b'ElGamalSux')
    io.recvuntil(b'Please enter the message\'s request id: ')
    io.sendline(b'3')
    io.recvuntil(b'Please enter the message\'s nonce value : ')
    io.sendline(str(kx).encode())
    io.recvuntil(b'[+] Please enter the private key: ')
    pri = ((kx * s - h) * gmpy2.invert(r, q)) % q
    io.sendline(str(pri).encode())
    response = io.recvall().decode()
    print(response)

if __name__ == "__main__":
    if len(sys.argv) != 2:
        print(f"Usage: {sys.argv[0]} <ip:port>")
        sys.exit(1)
    target = sys.argv[1]
    exploit(target)

Summary#

The Digital-Safety-Annex challenge on Hack The Box is a Very Easy cryptographic challenge. It involves exploiting a weakness in an ElGamal encryption system using SHA256. The task is to find the value k by brute-forcing it across multiple CPU cores, which is then used to bypass authentication and retrieve the flag. It’s a great exercise for beginners to practice cryptography and parallel processing techniques.