Writeup author: SondreUM
Challenge file(s):
The command provided in the challenge description is an encryption command using the openssl
tool. The command encrypts the contents of the file master.txt
using the AES-256-CBC encryption algorithm with PBKDF2 key derivation and a specified number of iterations. The encryption key is derived from the password provided by the user. The encrypted output is then base64 encoded.
❯ openssl enc -aes-256-cbc -pbkdf2 -iter $ITER -in master.txt -k $PWD -a
The encryption command explained without any help from chatgpt:
openssl enc
: This invokes the openssl encryption tool to encrypt or decrypt data.-aes-256-cbc
: Specifies the encryption algorithm. Here, it is AES (Advanced Encryption Standard) with a 256-bit key length, in CBC (Cipher Block Chaining) mode.-pbkdf2
: Enables the use of PBKDF2 (Password-Based Key Derivation Function 2) to derive the encryption key from the password, adding an additional layer of security by making brute-force attacks harder.-iter $ITER
: Sets the number of iterations for PBKDF2. The variable $ITER is used to specify how many times the key derivation function will run to generate the encryption key. Higher iterations make the process slower but increase security.-in master.txt
: Specifies the input file (master.txt) to be encrypted.-k $PWD
: Sets the password for encryption, using the current working directory ($PWD) as the password. This is generally unconventional and potentially insecure unless $PWD is unique and known only to the user.-a
: Enables Base64 encoding of the output. This makes the encrypted text easier to share or store in text files, as it transforms the binary data into a text format.
Since aes-256-cbc is a symmetric encryption algorithm, we can decrypt the encrypted file using the same password and iterations used for encryption.
First we find the $PWD
variable, which is set to the current hostname and can be found on the first line in the login prompt.
.-/+oossssoo+/-. USER108@ubuntu-s-1vcpu-512mb-10gb-ams3-01
Next is the $ITER
used for deriving the key.
Iter is constructed from current data and time in unix epoch format.
From the command history we can see that the datetime used for the encryption is week 38 of 2024. To get some idea of the values we are dealing with we perform a quick test with current datetime.
echo $(($(date +%s)/1000000))
1730
Which, because of the high divisor is a fairly low number. And if we are lucky means that the possible iter values will be within a small range.
We test the first and last day of week 38 in 2024 to get the possible values for the iter variable. With some quick terminal math we get the following values.
$ echo $(($(date -d "2024-09-16" +%s)/1000000))
1726
$ echo $(($(date -d "2024-09-22" +%s)/1000000))
1726
We now know the values of both $PWD
and $ITER
that are needed for decryption.
We check the openssl tool to check for any decryption options.
$ openssl enc --help
General options:
-help Display this summary
-list List ciphers
-ciphers Alias for -list
-e Encrypt
-d Decrypt
Save the ciphertext from the openssl output given in the
terminal.log.txt
file to a file named cipher.txt
.
echo "U2FsdGVkX1+/39qrCQ9rlxMW2E30ylTUXYS+GTAVDMUK0oXJvkUDBCRbhClK2GKYc50OQZ7zgLPBhkMW8CM5VVnZBrxfyH5CAG8nj5BPDCg=" > cipher.txt
Then construct the following command to decrypt the file.
$ openssl enc -aes-256-cbc -pbkdf2 -iter 1726 -in cipher.txt -k ubuntu-s-1vcpu-512mb-10gb-ams3-01 -a -d
Master class secret: EPT{Ach13v3m3nt_Unl0ck3d_293857}