Write-up – Smart Card – Accessing the Diginotar building

Original write-up author: Daniel Boteanu and Éric Vigeant, team OKIOK

  • By creating the keys in the same way as mentioned in the instructions, with all the data I had gotten from the previous flags, I was ready to set the new PIN.
  • I chose 00000000 as my new PIN, since it was the example given in the instructions.
  • Below is the code to set the PIN on the card.
  • After the PIN was set on the card, you went to the front, inserted your card in the terminal and entered your PIN.
  • The terminal would display a flag on screen, which I took down in my notepad.
  • It didn’t submit…
  • Turns out it was ROT13; then it worked!

Write-up – Smart Card – App Log Data

Write-up credits: Éric Vigeant, team OKIOK

  • The instructions mentioned this flag, so I looked at the last applet, which was the most complex and had more commands than the other two.
  • I issued a GetChallenge, which gave me a hex string of the right length. I tried to submit it, but it failed.
  • I then issued a ReadRecord for record 1 and it worked: I received a hex string of the right length.
  • I issued ReadRecord in a loop from 1 to 255 and received values for the first 3 records. I tried XORing them and submitting, but it failed.
  • I then tried every combination of 1, 2, 3 and 4 (with the challenge), XORing them and submitting, but it failed.
  • After a very long while (too long), I noticed that some records returned different error codes than others.
  • Records 5, 8 and 13 returned 6985 instead of the 6983 returned for all other records.
  • Error 6985 means “conditions of use not satisfied”.
  • Simple trick: you could not read those records after you had read records 1, 2 and 3. So I read them first.
  • Record 13 turned out to be the same as the challenge.
  • XORing the 6 records worked.
  • Here is the code:
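The procedure above, as an added example that is not the write-up author’s code: sweep READ RECORD over every record number, bucket the record numbers by status word (the 6985 answers are the tell), then start a fresh session and read the state-gated records before records 1–3, and XOR everything. The card is simulated by a constructed class (`AppLogCardSim`) that mimics only the behaviour described in the write-up; the APDU encodings (ISO 7816-4 READ RECORD with P1 = record number, GET CHALLENGE, SELECT by AID) and the `transmit(apdu) -> (data, sw)` interface are assumptions. With pyscard you would wrap `connection.transmit(list(apdu))`, which returns `(data, sw1, sw2)`, into that shape.

```python
SW_OK = 0x9000
SW_AUTH_BLOCKED = 0x6983          # what the write-up saw for every other record number
SW_COND_NOT_SATISFIED = 0x6985    # "conditions of use not satisfied"


# Assumed APDU encodings (the applet's own command set is not documented here):
# ISO 7816-4 READ RECORD with P1 = record number, GET CHALLENGE, SELECT by AID.
def apdu_read_record(n: int) -> bytes:
    return bytes([0x00, 0xB2, n, 0x04, 0x00])


APDU_GET_CHALLENGE = bytes([0x00, 0x84, 0x00, 0x00, 0x10])
APDU_SELECT = bytes([0x00, 0xA4, 0x04, 0x00, 0x00])


def xor_all(chunks) -> bytes:
    """XOR equal-length byte strings together."""
    out = bytearray(len(chunks[0]))
    for c in chunks:
        for i, b in enumerate(c):
            out[i] ^= b
    return bytes(out)


class AppLogCardSim:
    """Constructed stand-in for the App Log applet (not the real one): six
    16-byte records; 5, 8 and 13 answer 6985 once any of 1-3 has been read,
    and record 13 equals the GET CHALLENGE output. Every other record number
    answers 6983. Re-selecting the applet resets the state."""

    # constructed record contents, chosen so their XOR is not trivially zero
    RECORDS = {n: bytes((n * 37 + i * 11) & 0xFF for i in range(16))
               for n in (1, 2, 3, 5, 8, 13)}

    def __init__(self):
        self.read_1_to_3 = False

    def transmit(self, apdu: bytes):
        ins, p1 = apdu[1], apdu[2]
        if ins == 0xA4:                       # SELECT: fresh session
            self.read_1_to_3 = False
            return b"", SW_OK
        if ins == 0x84:                       # GET CHALLENGE
            return self.RECORDS[13], SW_OK
        if ins == 0xB2:                       # READ RECORD
            if p1 in (1, 2, 3):
                self.read_1_to_3 = True
                return self.RECORDS[p1], SW_OK
            if p1 in (5, 8, 13):
                if self.read_1_to_3:
                    return b"", SW_COND_NOT_SATISFIED
                return self.RECORDS[p1], SW_OK
            return b"", SW_AUTH_BLOCKED
        return b"", 0x6D00                    # INS not supported


def triage_records(transmit, max_rec: int = 255) -> dict:
    """Sweep READ RECORD 1..max_rec and bucket record numbers by status word.
    Because the sweep reads 1-3 first, it reproduces the 6985 observation."""
    by_sw = {}
    for n in range(1, max_rec + 1):
        _, sw = transmit(apdu_read_record(n))
        by_sw.setdefault(sw, []).append(n)
    return by_sw


def solve_app_log(transmit) -> bytes:
    """Read the state-gated records first in a fresh session, then the rest,
    and XOR all of them."""
    by_sw = triage_records(transmit)
    gated = by_sw.get(SW_COND_NOT_SATISFIED, [])
    readable = by_sw.get(SW_OK, [])
    transmit(APDU_SELECT)  # reset the applet state before the ordered read
    chunks = []
    for n in gated + readable:
        data, sw = transmit(apdu_read_record(n))
        if sw != SW_OK:
            raise RuntimeError(f"record {n}: SW {sw:04X}")
        chunks.append(data)
    return xor_all(chunks)
```

The general point is that a status word is data: 6983 and 6985 both look like "failed" to a loop that only checks for 9000, but bucketing by the exact code separates records that do not exist from records the applet refuses to serve in its current state.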

Write-up – Smart Card – The Ben Pyr App Data

Write-up credits: Éric Vigeant, team OKIOK

  • The instructions mentioned this flag and also mentioned that there was a Ben Pyr applet on the card.
  • The Ben Pyr applet had 2 commands: Encrypt and Decrypt.
  • Encrypt took no arguments, so I sent it and received some ciphertext.
  • I then sent the ciphertext to the Decrypt command and received a 9000 response code, indicating that it worked, but I didn’t get the decrypted data (which was what I was looking for).
  • I then sent all 0’s to the Decrypt command and received an error.
  • I then changed the first byte of the ciphertext, sent it and received 9000.
  • I changed only the last byte of the ciphertext and received an error.
  • At that point, Daniel told me this looked like a padding oracle attack.
  • I implemented some code to perform the attack based on this page: http://www.skullsecurity.org/blog/2013/padding-oracle-attacks-in-depth
  • Here is the resulting code (it is not clean, and I ran it twice: first with cipher block 2, then with cipher block 1, guessing the IV to be 0).
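The attack described above, as an added example that is not the write-up author’s code and not the card’s applet. The card’s block cipher is unknown, so `ToyBlockCipher` is a stand-in (a keyed byte substitution, deliberately not secure; the attack treats decryption as a black box and only relies on CBC structure and PKCS#7 padding). `BenPyrSim` plays the Ben Pyr applet: Encrypt returns the ciphertext of a constructed secret, Decrypt reports only whether padding checked out (the 9000-versus-error behaviour observed in the write-up), and its IV is fixed to all zeros to match the guess in the write-up. Each byte is recovered by sending a two-block message `[prev || target]` to the oracle, which is why the first ciphertext block can only be turned into plaintext once the IV is known.

```python
import random

BLOCK = 16


class ToyBlockCipher:
    """Stand-in for the card's unknown block cipher: a keyed byte-wise
    substitution. NOT secure; it only needs to be a bijection on blocks."""

    def __init__(self, key: bytes):
        rng = random.Random(int.from_bytes(key, "big"))
        self.sbox = list(range(256))
        rng.shuffle(self.sbox)
        self.inv = [0] * 256
        for i, s in enumerate(self.sbox):
            self.inv[s] = i
        self.key = key

    def encrypt_block(self, block: bytes) -> bytes:
        return bytes(self.sbox[b ^ self.key[i % len(self.key)]] for i, b in enumerate(block))

    def decrypt_block(self, block: bytes) -> bytes:
        return bytes(self.inv[b] ^ self.key[i % len(self.key)] for i, b in enumerate(block))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def pkcs7_unpad(data: bytes) -> bytes:
    n = data[-1] if data else 0
    if len(data) % BLOCK or not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(cipher, iv: bytes, plaintext: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(plaintext), BLOCK):
        prev = cipher.encrypt_block(xor_bytes(plaintext[i:i + BLOCK], prev))
        out += prev
    return out


def cbc_decrypt(cipher, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        out += xor_bytes(cipher.decrypt_block(blk), prev)
        prev = blk
    return out


class BenPyrSim:
    """Plays the Ben Pyr applet: Encrypt returns ciphertext of a constructed
    secret; Decrypt reports only whether the padding was valid (9000 vs error).
    Key, IV (all zeros, as guessed in the write-up) and secret are constructed."""

    def __init__(self):
        self.cipher = ToyBlockCipher(b"constructed-key!")
        self.iv = bytes(BLOCK)
        self.secret = b"FLAG-EXAMPLE: not the real flag"

    def encrypt(self) -> bytes:
        return cbc_encrypt(self.cipher, self.iv, pkcs7_pad(self.secret))

    def decrypt_padding_ok(self, ciphertext: bytes) -> bool:
        try:
            pkcs7_unpad(cbc_decrypt(self.cipher, self.iv, ciphertext))
            return True    # the card would answer 9000
        except ValueError:
            return False   # the card would answer an error status


def recover_intermediate(oracle, target: bytes) -> bytes:
    """Recover D_k(target) byte by byte by sending [prev || target]; only the
    last block's padding is checked, so the first block may decrypt to junk."""
    inter, prev = bytearray(BLOCK), bytearray(BLOCK)
    for pad in range(1, BLOCK + 1):
        pos = BLOCK - pad
        for j in range(pos + 1, BLOCK):      # make the already-known tail decrypt to `pad`
            prev[j] = inter[j] ^ pad
        for guess in range(256):
            prev[pos] = guess
            if not oracle(bytes(prev) + target):
                continue
            if pad == 1:
                # A hit may be a false positive (e.g. the block ends in 02 02):
                # disturbing the byte before it breaks that case but not a true 01.
                check = bytearray(prev)
                check[pos - 1] ^= 0xFF
                if not oracle(bytes(check) + target):
                    continue
            inter[pos] = guess ^ pad
            break
        else:
            raise RuntimeError(f"no valid padding found for byte {pos}")
    return bytes(inter)


def padding_oracle_attack(oracle, ciphertext: bytes, iv: bytes) -> bytes:
    """Decrypt CBC ciphertext with the oracle alone; the IV is needed only to
    turn the first block's intermediate value into plaintext."""
    plain, prev = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        plain += xor_bytes(recover_intermediate(oracle, blk), prev)
        prev = blk
    return plain


def demo() -> bytes:
    card = BenPyrSim()
    ct = card.encrypt()
    return pkcs7_unpad(padding_oracle_attack(card.decrypt_padding_ok, ct, bytes(BLOCK)))
```

Against a real card, `oracle` would wrap the Decrypt APDU and return whether the status word was 9000; the attack costs at most 256 (usually about 128) Decrypt calls per byte, plus one confirmation call for the last byte of each block.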

Write-up – Smart Card – Old CDC ENC key

Write-up credits: Éric Vigeant, team OKIOK

  • The old encryption key was part of the old applet, and a link was given on the web page to download the old applet.
  • I downloaded it and got a .cap file, which is the applet format for Java Card.
  • The .cap format is simply a zip containing the various parts of a regular Java class in different files.
  • The easy way to get this flag was to look for the static fields file and look for the key in the binary there (the track instructions indicated that the key was stored in a static field).
  • However, this is not how I did it. I started by downloading the Java Card SDK.
  • Then I ran the normalizer on the .cap file. This is a tool which takes a .cap file and recreates a Java .class file.
  • However, there is a bug in the normalizer which made it impossible to normalize the given .cap file.
  • I decompiled the normalizer, fixed the bug and then ran it on the .cap file.
  • I got an AAA.class file, which I decompiled into AAA.java, in which you can easily find the key in the field sfield_token255_descoff17_staticref2.
  • Here is the decompiled class:
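The “easy way” mentioned above, as an added example that is not the write-up author’s code: open the .cap as a zip, pull out the StaticField.cap component and parse it according to the Java Card VM specification’s Static Field Component layout (tag, size, image_size, reference_count, array_init_count, array_init entries of type/count/values, then default and non-default value counts), which is where statically initialised byte arrays such as a hard-coded key end up. The component bytes and the in-memory .cap are constructed here so the code runs offline; they are not the real applet and not the real key. The element-type names (2 boolean, 3 byte, 4 short, 5 int) and the image_size/reference_count values in the sample are assumptions the parser does not depend on.

```python
import io
import struct
import zipfile

# Static Field Component tag and array element types per the Java Card VM
# specification; the type names are an assumption if your converter differs.
STATIC_FIELD_TAG = 8
ARRAY_TYPES = {2: "boolean", 3: "byte", 4: "short", 5: "int"}


def parse_static_field_component(data: bytes) -> dict:
    """Parse a StaticField.cap component; returns its statically initialised
    arrays (where a hard-coded key lives) and the remaining header fields."""
    tag, size, image_size, reference_count, array_init_count = struct.unpack_from(">BHHHH", data, 0)
    if tag != STATIC_FIELD_TAG:
        raise ValueError(f"not a StaticField component (tag {tag})")
    if len(data) != size + 3:                 # size excludes the tag and size fields
        raise ValueError("size field does not match component length")
    off = 9
    arrays = []
    for _ in range(array_init_count):         # array_init_info { u1 type; u2 count; u1 values[count]; }
        atype, count = struct.unpack_from(">BH", data, off)
        off += 3
        arrays.append((ARRAY_TYPES.get(atype, f"type{atype}"), data[off:off + count]))
        off += count
    default_value_count, non_default_value_count = struct.unpack_from(">HH", data, off)
    off += 4
    return {
        "image_size": image_size,
        "reference_count": reference_count,
        "arrays": arrays,
        "default_value_count": default_value_count,
        "non_default_values": data[off:off + non_default_value_count],
    }


def extract_static_arrays_from_cap(cap_bytes: bytes) -> list:
    """Open a .cap (a zip) in memory, locate the StaticField component, parse it."""
    with zipfile.ZipFile(io.BytesIO(cap_bytes)) as zf:
        names = [n for n in zf.namelist() if n.endswith("StaticField.cap")]
        if not names:
            raise ValueError("no StaticField.cap component in package")
        return parse_static_field_component(zf.read(names[0]))["arrays"]


# Constructed sample: a minimal component holding one static byte[16].
# Not the real applet and not the real key; image_size/reference_count are
# filled with plausible values the parser does not interpret.
SAMPLE_KEY = bytes(range(0x10, 0x20))
SAMPLE_COMPONENT = (
    bytes([STATIC_FIELD_TAG])
    + struct.pack(">H", 2 + 2 + 2 + (3 + len(SAMPLE_KEY)) + 2 + 2)   # size = 29
    + struct.pack(">HHH", 2, 1, 1)                # image_size, reference_count, array_init_count
    + bytes([3]) + struct.pack(">H", len(SAMPLE_KEY)) + SAMPLE_KEY   # one byte[] initialiser
    + struct.pack(">HH", 0, 0)                    # default_value_count, non_default_value_count
)


def build_sample_cap() -> bytes:
    """Write a tiny in-memory .cap containing the sample component."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("aaa/javacard/Header.cap", b"")          # placeholder, not parsed
        zf.writestr("aaa/javacard/StaticField.cap", SAMPLE_COMPONENT)
    return buf.getvalue()


if __name__ == "__main__":
    for atype, values in extract_static_arrays_from_cap(build_sample_cap()):
        print(atype, values.hex())
```

On a real package, run `extract_static_arrays_from_cap(open("applet.cap", "rb").read())` and look for an array whose length matches the key size named in the track instructions; this skips the normalizer and decompiler entirely.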

Write-up – Smart Card – Brute Force CDC (3rd)

Write-up by Éric Vigeant, team OKIOK

  • The instructions stated that the PIN was 4 digits, with the first one being 0.
  • I decided to brute force it, using a small program that I wrote in Java using javax.smartcardio.
  • I selected the OLDCDC1 applet and issued verify commands in a loop until the card returned 9000, which indicated the PIN was right.