This is my write-up of a Networking challenge Multiplication Tables on the CTF site 247CTF.com.
Can you recover the private key we used to download the flag over a TLS encrypted connection?
First we need to extract the certificete like in Not My Modulus.
Convert DER to usable format:
$ openssl x509 -inform DER -in public-cert-key.der -pubkey -noout > key.pub
$ cat key.pub
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVzrM58EOtSsBE5WgLJiNjPa/h
ZtArVRS0PjS01u6DyAlvAWwmSEbhQNiwC74V9TANRDCdKShcsf58Ij0BGeE0ybsp
2sqbDRUkuJ5siVCNh6OdhMnHLySTcU+3jKWsPNNz8U2BaETEVafB9yggAgjWqEbl
xXq0q3uc464SDnWZawIDAQAB
-----END PUBLIC KEY-----
Use RsaCtfTool to generate private key and save it as private.key:
$ ./RsaCtfTool.py --publickey key.pub --private --attack factordb > private.key
Use tshark to decrypt data:
$ tshark -r multiplication_tables.pcap
\ -o "tls.keys_list: 192.168.10.111,8443,http,private.key"
\ -z "follow,ssl,ascii,1"
1 0.000000 192.168.10.111 → 192.168.10.159 TCP 66 17865 → 8443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
2 0.000051 192.168.10.159 → 192.168.10.111 TCP 66 8443 → 17865 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
3 0.000319 192.168.10.111 → 192.168.10.159 TCP 60 17865 → 8443 [ACK] Seq=1 Ack=1 Win=1051136 Len=0
4 0.000620 192.168.10.111 → 192.168.10.159 TLSv1 571 Client Hello
5 0.000640 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17865 [ACK] Seq=1 Ack=518 Win=30336 Len=0
6 0.000815 192.168.10.159 → 192.168.10.111 TLSv1.2 756 Server Hello, Certificate, Server Hello Done
7 0.001210 192.168.10.111 → 192.168.10.159 TLSv1.2 61 Alert (Level: Fatal, Description: Certificate Unknown)
8 0.001328 192.168.10.111 → 192.168.10.159 TCP 60 17865 → 8443 [FIN, ACK] Seq=525 Ack=703 Win=1050368 Len=0
9 0.001398 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17865 [FIN, ACK] Seq=703 Ack=526 Win=30336 Len=0
10 0.001542 192.168.10.111 → 192.168.10.159 TCP 60 17865 → 8443 [ACK] Seq=526 Ack=704 Win=1050368 Len=0
11 0.006428 192.168.10.111 → 192.168.10.159 TCP 66 17866 → 8443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
12 0.006479 192.168.10.159 → 192.168.10.111 TCP 66 8443 → 17866 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
13 0.006706 192.168.10.111 → 192.168.10.159 TCP 60 17866 → 8443 [ACK] Seq=1 Ack=1 Win=1051136 Len=0
14 0.007056 192.168.10.111 → 192.168.10.159 TLSv1 571 Client Hello
15 0.007081 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17866 [ACK] Seq=1 Ack=518 Win=30336 Len=0
16 0.007274 192.168.10.159 → 192.168.10.111 TLSv1.2 756 Server Hello, Certificate, Server Hello Done
17 0.007777 192.168.10.111 → 192.168.10.159 TLSv1.2 244 Client Key Exchange, Change Cipher Spec, Finished
18 0.008344 192.168.10.159 → 192.168.10.111 TLSv1.2 280 New Session Ticket, Change Cipher Spec, Finished
19 0.008984 192.168.10.111 → 192.168.10.159 HTTP 654 GET /flag.txt HTTP/1.1
20 0.009527 192.168.10.159 → 192.168.10.111 TLSv1.2 100 [TLS segment of a reassembled PDU]
21 0.010039 192.168.10.159 → 192.168.10.111 HTTP 446 HTTP/1.0 200 OK (text/plain)
22 0.010293 192.168.10.111 → 192.168.10.159 TCP 60 17866 → 8443 [ACK] Seq=1308 Ack=1368 Win=1049600 Len=0
23 0.012247 192.168.10.111 → 192.168.10.159 TCP 60 17866 → 8443 [FIN, ACK] Seq=1308 Ack=1368 Win=1049600 Len=0
24 0.012278 192.168.10.159 → 192.168.10.111 TCP 54 8443 → 17866 [ACK] Seq=1368 Ack=1309 Win=32640 Len=0
===================================================================
Follow: tls,ascii
Filter: tcp.stream eq 1
Node 0: 192.168.10.111:17866
Node 1: :0
571
GET /flag.txt HTTP/1.1
Host: 192.168.10.159:8443
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-AU,en;q=0.9,nl-NL;q=0.8,nl;q=0.7,en-GB;q=0.6,en-US;q=0.5
17
HTTP/1.0 200 OK
17
Server: 247CTF
37
Date: Fri, 04 Oct 2019 23:16:55 GMT
26
Content-type: text/plain
20
Content-Length: 41
46
Last-Modified: Fri, 04 Oct 2019 11:33:30 GMT
2
41
247CTF{xxxx}
===================================================================