Multiplication Tables (net)

Intro

This is my write-up of a Networking challenge Multiplication Tables on the CTF site 247CTF.com.

Instructions

Can you recover the private key we used to download the flag over a TLS encrypted connection?

Howto

First we need to extract the certificete like in Not My Modulus.

Convert DER to usable format:

$ openssl x509 -inform DER -in public-cert-key.der -pubkey -noout > key.pub

$ cat key.pub
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVzrM58EOtSsBE5WgLJiNjPa/h
ZtArVRS0PjS01u6DyAlvAWwmSEbhQNiwC74V9TANRDCdKShcsf58Ij0BGeE0ybsp
2sqbDRUkuJ5siVCNh6OdhMnHLySTcU+3jKWsPNNz8U2BaETEVafB9yggAgjWqEbl
xXq0q3uc464SDnWZawIDAQAB
-----END PUBLIC KEY-----

Use RsaCtfTool to generate private key and save it as private.key:

$ ./RsaCtfTool.py --publickey key.pub --private --attack factordb > private.key

Use tshark to decrypt data:

$ tshark -r multiplication_tables.pcap 
 \ -o "tls.keys_list: 192.168.10.111,8443,http,private.key" 
 \ -z "follow,ssl,ascii,1"

    1   0.000000 192.168.10.111 → 192.168.10.159 TCP 66 17865 → 8443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
    2   0.000051 192.168.10.159 → 192.168.10.111 TCP 66 8443 → 17865 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
    3   0.000319 192.168.10.111 → 192.168.10.159 TCP 60 17865 → 8443 [ACK] Seq=1 Ack=1 Win=1051136 Len=0
    4   0.000620 192.168.10.111 → 192.168.10.159 TLSv1 571 Client Hello
    5   0.000640 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17865 [ACK] Seq=1 Ack=518 Win=30336 Len=0
    6   0.000815 192.168.10.159 → 192.168.10.111 TLSv1.2 756 Server Hello, Certificate, Server Hello Done
    7   0.001210 192.168.10.111 → 192.168.10.159 TLSv1.2 61 Alert (Level: Fatal, Description: Certificate Unknown)
    8   0.001328 192.168.10.111 → 192.168.10.159 TCP 60 17865 → 8443 [FIN, ACK] Seq=525 Ack=703 Win=1050368 Len=0
    9   0.001398 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17865 [FIN, ACK] Seq=703 Ack=526 Win=30336 Len=0
   10   0.001542 192.168.10.111 → 192.168.10.159 TCP 60 17865 → 8443 [ACK] Seq=526 Ack=704 Win=1050368 Len=0
   11   0.006428 192.168.10.111 → 192.168.10.159 TCP 66 17866 → 8443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
   12   0.006479 192.168.10.159 → 192.168.10.111 TCP 66 8443 → 17866 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
   13   0.006706 192.168.10.111 → 192.168.10.159 TCP 60 17866 → 8443 [ACK] Seq=1 Ack=1 Win=1051136 Len=0
   14   0.007056 192.168.10.111 → 192.168.10.159 TLSv1 571 Client Hello
   15   0.007081 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17866 [ACK] Seq=1 Ack=518 Win=30336 Len=0
   16   0.007274 192.168.10.159 → 192.168.10.111 TLSv1.2 756 Server Hello, Certificate, Server Hello Done
   17   0.007777 192.168.10.111 → 192.168.10.159 TLSv1.2 244 Client Key Exchange, Change Cipher Spec, Finished
   18   0.008344 192.168.10.159 → 192.168.10.111 TLSv1.2 280 New Session Ticket, Change Cipher Spec, Finished
   19   0.008984 192.168.10.111 → 192.168.10.159 HTTP 654 GET /flag.txt HTTP/1.1
   20   0.009527 192.168.10.159 → 192.168.10.111 TLSv1.2 100 [TLS segment of a reassembled PDU]
   21   0.010039 192.168.10.159 → 192.168.10.111 HTTP 446 HTTP/1.0 200 OK  (text/plain)
   22   0.010293 192.168.10.111 → 192.168.10.159 TCP 60 17866 → 8443 [ACK] Seq=1308 Ack=1368 Win=1049600 Len=0
   23   0.012247 192.168.10.111 → 192.168.10.159 TCP 60 17866 → 8443 [FIN, ACK] Seq=1308 Ack=1368 Win=1049600 Len=0
   24   0.012278 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17866 [ACK] Seq=1368 Ack=1309 Win=32640 Len=0

===================================================================
Follow: tls,ascii
Filter: tcp.stream eq 1
Node 0: 192.168.10.111:17866
Node 1: :0
571
GET /flag.txt HTTP/1.1
Host: 192.168.10.159:8443
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-AU,en;q=0.9,nl-NL;q=0.8,nl;q=0.7,en-GB;q=0.6,en-US;q=0.5


	17
HTTP/1.0 200 OK

	17
Server: 247CTF

	37
Date: Fri, 04 Oct 2019 23:16:55 GMT

	26
Content-type: text/plain

	20
Content-Length: 41

	46
Last-Modified: Fri, 04 Oct 2019 11:33:30 GMT

	2


	41
247CTF{xxxx}

===================================================================

Good source

Multiplication Tables (net)

PUBLISHED ON 05/04/2020 — EDITED ON 11/12/2023 — 247CTF, INFOSEC

Intro

Instructions

Howto

TAGS: NET, OPENSSL, TLS, WIRESHARK