Added 2023 Crypto challenges, will start 2022 next week!

Author: Crypto-Cat

2023/crypto/Keyless/README.md

@@ -0,0 +1,23 @@
+# Title
+
+Keyless
+
+# Category
+
+🔐 Crypto
+
+# Author
+
+CryptoCat
+
+# Difficulty
+
+Easy
+
+# Description
+
+My friend made a new encryption algorithm. Apparently it's so advanced, you don't even need a key!
+
+# Flag
+
+`INTIGRITI{m4yb3_4_k3y_w0uld_b3_b3773r_4f73r_4ll}`

2023/crypto/Keyless/keyless.zip

@@ -0,0 +1,21 @@
+[FULL VIDEO WRITEUP](https://youtu.be/CsyQFzTJ09w?t=600)
+
+#### solve.py
+
+```py
+def decrypt(encrypted_message):
+    decrypted_message = ""
+    for char in encrypted_message:
+        c_reverse = ord(char) ^ 23
+        b_reverse = (c_reverse + 7) // 3
+        a_reverse = (b_reverse - 5) ^ 42
+        decrypted_char = (a_reverse - 10) // 2
+        decrypted_message += chr(decrypted_char)
+    return decrypted_message
+
+with open("flag.txt.enc", "r") as file:
+    encrypted_flag = file.read()
+
+decrypted_flag = decrypt(encrypted_flag)
+print(decrypted_flag)
+```

2023/crypto/Keyless/solution/README.md

@@ -0,0 +1,23 @@
+# Title
+
+Not So Smooth
+
+# Category
+
+🔐 Crypto
+
+# Author
+
+ConnorM
+
+# Difficulty
+
+Easy
+
+# Description
+
+TODO
+
+# Flag
+
+`INTIGRITI{1e863724be1ea6d3e}`

2023/crypto/NotSoSmooth/README.md

@@ -0,0 +1,27 @@
+from Crypto.Util.number import long_to_bytes
+from Crypto.Util.strxor import strxor
+from random import randint
+from flag import FLAG
+
+def f(x, n):  
+    return (pow(u,n,p)*x + v*(1-pow(u,n,p))*pow(1-u, -1, p)) % p  
+
+p = 97201997431130462639713476119411091922677381239967611061717766639853376871260165905989218335681560177626304205941143288128749532327607316527719299945637260643711897738116821179208534292854942631428531228316344113303402450588666012800739695018334321748049518585617428717505851025279186520225325765864212731597
+u = 14011530787746260724685809284106528245188320623672333581950055679051366424425259006994945665868546765648275822501035229606171697373122374288934559593175958252416643298136731105775907857798815936190074350794406666922357841091849449562922724459876362600203284195621546769313749721476449207319566681142955460891977927184371401451946649848065952527323468939007868874410618846898618148752279316070498097254384228565132693552949206926391461108714034141321700284318834819732949544823937032615318011463993204345644038210938407875147446570896826729265366024224612406740371824999201173579640264979086368843819069035017648357042
+v = 16560637729264127314502582188855146263038095275553321912067588804088156431664370603746929023264744622682435376065011098909463163865218610904571775751705336266271206718700427773757241393847274601309127403955317959981271158685681135990095066557078560050980575698278958401980987514566688310172721963092100285717921465575782434632190913355536291988686994429739581469633462010143996998589435537178075521590880467628369030177392034117774853431604525531066071844562073814187461299329339694285509725214674761990940902460186665127466202741989052293452290042871514149972640901432877318075354158973805495004367245286709191395753
+w = 30714296289538837760400431621661767909419746909959905820574067592409316977551664652203146506867115455464665524418603262821119202980897986798059489126166547078057148348119365709992892615014626003313040730934533283339617856938614948620116906770806796378275546490794161777851252745862081462799572448648587153412425374338967601487603800379070501278705056791472269999767679535887678042527423534392867454254712641029797659150392148648565421400107500607994226410206105774620083214215531253544274444448346065590895353139670885420838370607181375842930315910289979440845957719622069769102831263579510660283634808483329218819353
+a = randint(0, 2**2048)
+b = randint(0, 2**2048)
+A = f(w, a)
+B = f(w, b)
+key = long_to_bytes(f(B, a))[:len(FLAG)]
+enc = strxor(FLAG, key)
+print(f"{A = }")
+print(f"{B = }")
+print(f"{enc = }")
+
+"""
+A = 7393401480034113709683683682039780458211722756040975666277858366986963864147091724359492764726999692812421940595309756560491142512219957986281425163574890752574157617546760386852366936945888357800966704941013951530688031419816817272581287237223765833452303447283089906937413964658335387593899889933721262202
+B = 6919381992041136573008188094979879971060160509085428532054694712745921654244468113796582501225839242977870949915769181804595896718922228206397860738237256125972615830799470450058633231003927061049289907097099916321068776956652172887225970642896455423957706532253349472544176183473470843719479781727784095989
+enc = b'\xcfW\x85\x8d\xedU\xdd\xd9`\x16f\xb8j(\xeb9-\x1b\xb8\x18 0av\xe5\xabK\xc6'
+"""

2023/crypto/NotSoSmooth/notsosmooth.py

@@ -0,0 +1,22 @@
+[COMMUNITY WRITEUP](https://berliangabriel.github.io/post/1337up-ctf-2023/)
+
+#### solve.py
+
+```py
+from Crypto.Util.number import long_to_bytes
+from Crypto.Util.strxor import strxor
+
+p = 97201997431130462639713476119411091922677381239967611061717766639853376871260165905989218335681560177626304205941143288128749532327607316527719299945637260643711897738116821179208534292854942631428531228316344113303402450588666012800739695018334321748049518585617428717505851025279186520225325765864212731597
+u = 14011530787746260724685809284106528245188320623672333581950055679051366424425259006994945665868546765648275822501035229606171697373122374288934559593175958252416643298136731105775907857798815936190074350794406666922357841091849449562922724459876362600203284195621546769313749721476449207319566681142955460891977927184371401451946649848065952527323468939007868874410618846898618148752279316070498097254384228565132693552949206926391461108714034141321700284318834819732949544823937032615318011463993204345644038210938407875147446570896826729265366024224612406740371824999201173579640264979086368843819069035017648357042
+v = 16560637729264127314502582188855146263038095275553321912067588804088156431664370603746929023264744622682435376065011098909463163865218610904571775751705336266271206718700427773757241393847274601309127403955317959981271158685681135990095066557078560050980575698278958401980987514566688310172721963092100285717921465575782434632190913355536291988686994429739581469633462010143996998589435537178075521590880467628369030177392034117774853431604525531066071844562073814187461299329339694285509725214674761990940902460186665127466202741989052293452290042871514149972640901432877318075354158973805495004367245286709191395753
+w = 30714296289538837760400431621661767909419746909959905820574067592409316977551664652203146506867115455464665524418603262821119202980897986798059489126166547078057148348119365709992892615014626003313040730934533283339617856938614948620116906770806796378275546490794161777851252745862081462799572448648587153412425374338967601487603800379070501278705056791472269999767679535887678042527423534392867454254712641029797659150392148648565421400107500607994226410206105774620083214215531253544274444448346065590895353139670885420838370607181375842930315910289979440845957719622069769102831263579510660283634808483329218819353
+A = 7393401480034113709683683682039780458211722756040975666277858366986963864147091724359492764726999692812421940595309756560491142512219957986281425163574890752574157617546760386852366936945888357800966704941013951530688031419816817272581287237223765833452303447283089906937413964658335387593899889933721262202
+B = 6919381992041136573008188094979879971060160509085428532054694712745921654244468113796582501225839242977870949915769181804595896718922228206397860738237256125972615830799470450058633231003927061049289907097099916321068776956652172887225970642896455423957706532253349472544176183473470843719479781727784095989
+enc = b'\xcfW\x85\x8d\xedU\xdd\xd9`\x16f\xb8j(\xeb9-\x1b\xb8\x18 0av\xe5\xabK\xc6'
+
+k = v * pow(1-u, -1, p)
+ua = (k-A) * pow(k-w, -1, p)
+key = (ua*B + v*(1-ua)*pow(1-u, -1, p)) % p
+key = long_to_bytes(key)[:len(enc)]
+print(strxor(enc, key).decode())
+```

2023/crypto/NotSoSmooth/solution/README.md

@@ -0,0 +1,19 @@
+# Title
+
+One equation, ten unknowns?
+
+# Category
+
+🔐 Crypto
+
+# Author
+
+ConnorM
+
+# Difficulty
+
+Medium
+
+# Flag
+
+`INTIGRITI{3a8a32c7f6}`

2023/crypto/OneEquation/README.md

@@ -0,0 +1,19 @@
+[COMMUNITY WRITEUP](https://berliangabriel.github.io/post/1337up-ctf-2023/)
+
+#### solve.sage
+
+```py
+from out import cs, s
+
+vrs = [var(f'x_{i}') for i in range(10)]
+equation = sum(c*v for c, v in zip(cs, vrs)) - s
+coeffs = equation.polynomial(ZZ).coefficients()
+M = Matrix(coeffs).transpose()
+M = M.augment(identity_matrix(M.nrows()))
+M[-1, -1] = 0
+M = M.LLL()
+flag = ""
+for i in M[0][1:-1]:
+    flag += chr(i % 1000)
+print("INTIGRITI{%s}" % flag)
+```

2023/crypto/OneEquation/one_equation.zip

@@ -0,0 +1,26 @@
+# Title
+
+Really Secure Apparently
+
+# Category
+
+🔐 Crypto
+
+# Author
+
+CryptoCat
+
+# Difficulty
+
+Easy
+
+# Description
+
+Apparently this encryption is "really secure" and I don't need to worry about sharing the ciphertext, or even these values..
+
+n = 689061037339483636851744871564868379980061151991904073814057216873412583484720768694905841053416938972235588548525570270575285633894975913717130070544407480547826227398039831409929129742007101671851757453656032161443946817685708282221883187089692065998793742064551244403369599965441075497085384181772038720949
+e = 98161001623245946455371459972270637048947096740867123960987426843075734419854169415217693040603943985614577854750928453684840929755254248201161248375350238628917413291201125030514500977409961838501076015838508082749034318410808298025858181711613372870289482890074072555265382600388541381732534018133370862587
+
+# Flag
+
+`INTIGRITI{0r_n07_50_53cur3_m4yb3}`

2023/crypto/OneEquation/solution/README.md

@@ -0,0 +1 @@
+t
ʁ���Q����gb7]]�����G]~U[7�%̍9�zV��A[�]�g*��e�<�U:�ϗZ�FGU1=S	�U��0��ġ�>���m'R0�8
��H#�E�O�,BwoZy��cîp��&Xb	�J֫ov�

2023/crypto/ReallySecureApparently/README.md

@@ -0,0 +1,27 @@
+import rsa
+
+e = 98161001623245946455371459972270637048947096740867123960987426843075734419854169415217693040603943985614577854750928453684840929755254248201161248375350238628917413291201125030514500977409961838501076015838508082749034318410808298025858181711613372870289482890074072555265382600388541381732534018133370862587
+n = 689061037339483636851744871564868379980061151991904073814057216873412583484720768694905841053416938972235588548525570270575285633894975913717130070544407480547826227398039831409929129742007101671851757453656032161443946817685708282221883187089692065998793742064551244403369599965441075497085384181772038720949
+d = 65399441570747996612246087958644390242089073014389060882369755525057949069503
+
+# Generate an RSA public key with the specified values
+pub_key = rsa.PublicKey(n, e)
+
+# Save the public key (n, e) to a file
+with open('public_key.pem', 'wb') as f:
+    f.write(pub_key.save_pkcs1(format='PEM'))
+
+# Encrypt a message using the public key
+message = b'Well done! Here is your flag: INTIGRITI{0r_n07_50_53cur3_m4yb3}'
+ciphertext = rsa.encrypt(message, pub_key)
+
+# Convert the ciphertext to an integer
+ciphertext_int = int.from_bytes(ciphertext, byteorder='big')
+
+# Save the ciphertext as an integer to a binary file
+with open('ciphertext', 'wb') as f:
+    f.write(ciphertext_int.to_bytes((ciphertext_int.bit_length() + 7) // 8, byteorder='big'))
+
+# Provide participants with the public key (n, e) and ciphertext
+print(f"n = {n}")
+print(f"e = {e}")

2023/crypto/ReallySecureApparently/challenge/ciphertext

@@ -0,0 +1,141 @@
+"""
+The MIT License (MIT)
+Copyright (c) 2019-2023 Nao Yonashiro
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
+OR OTHER DEALINGS IN THE SOFTWARE.
+"""
+from typing import Tuple, Iterator, Iterable, Optional
+
+
+def isqrt(n: int) -> int:
+    """
+    ref: https://en.wikipedia.org/wiki/Integer_square_root
+    
+    >>> isqrt(289)
+    17
+    >>> isqrt(2)
+    1
+    >>> isqrt(1000000 ** 2)
+    1000000
+    """
+    if n == 0:
+        return 0
+
+    # ref: https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Rough_estimation
+    x = 2 ** ((n.bit_length() + 1) // 2)
+    while True:
+        y = (x + n // x) // 2
+        if y >= x:
+            return x
+        x = y
+
+
+def is_perfect_square(n: int) -> bool:
+    """
+    ref: https://hnw.hatenablog.com/entry/20140503
+
+    >>> is_perfect_square(100)
+    True
+    
+    >>> is_perfect_square(2000000000000000000000000000 ** 2)
+    True
+
+    >>> is_perfect_square(2000000000000000000000000000 ** 2 + 1)
+    False
+    """
+    sq_mod256 = (1,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0)
+    if sq_mod256[n & 0xff] == 0:
+        return False
+
+    mt = (
+        (9, (1,1,0,0,1,0,0,1,0)),
+        (5, (1,1,0,0,1)),
+        (7, (1,1,1,0,1,0,0)),
+        (13, (1,1,0,1,1,0,0,0,0,1,1,0,1)),
+        (17, (1,1,1,0,1,0,0,0,1,1,0,0,0,1,0,1,1))
+    )
+    a = n % (9 * 5 * 7 * 13 * 17)
+    if any(t[a % m] == 0 for m, t in mt):
+        return False
+
+    return isqrt(n) ** 2 == n
+
+
+def rational_to_contfrac(x: int, y: int) -> Iterator[int]:
+    """
+    ref: https://en.wikipedia.org/wiki/Euclidean_algorithm#Continued_fractions
+    
+    >>> list(rational_to_contfrac(4, 11))
+    [0, 2, 1, 3]
+    """
+    while y:
+        a = x // y
+        yield a
+        x, y = y, x - a * y
+
+
+def contfrac_to_rational_iter(contfrac: Iterable[int]) -> Iterator[Tuple[int, int]]:
+    """
+    ref: https://www.cits.ruhr-uni-bochum.de/imperia/md/content/may/krypto2ss08/shortsecretexponents.pdf (6)
+    """
+    n0, d0 = 0, 1
+    n1, d1 = 1, 0
+    for q in contfrac:
+        n = q * n1 + n0
+        d = q * d1 + d0
+        yield n, d
+        n0, d0 = n1, d1
+        n1, d1 = n, d
+
+
+def convergents_from_contfrac(contfrac: Iterable[int]) -> Iterator[Tuple[int, int]]:
+    """
+    ref: https://www.cits.ruhr-uni-bochum.de/imperia/md/content/may/krypto2ss08/shortsecretexponents.pdf Section.3
+    """
+    n_, d_ = 1, 0
+    for i, (n, d) in enumerate(contfrac_to_rational_iter(contfrac)):
+        if i % 2 == 0:
+            yield n + n_, d + d_
+        else:
+            yield n, d
+        n_, d_ = n, d
+
+
+def attack(e: int, n: int) -> Optional[int]:
+    """
+    ref: https://www.cits.ruhr-uni-bochum.de/imperia/md/content/may/krypto2ss08/shortsecretexponents.pdf Section.4
+    
+    >>> attack(2621, 8927)
+    5
+    >>> attack(6792605526025, 9449868410449)
+    569
+    >>> attack(30749686305802061816334591167284030734478031427751495527922388099381921172620569310945418007467306454160014597828390709770861577479329793948103408489494025272834473555854835044153374978554414416305012267643957838998648651100705446875979573675767605387333733876537528353237076626094553367977134079292593746416875606876735717905892280664538346000950343671655257046364067221469807138232820446015769882472160551840052921930357988334306659120253114790638496480092361951536576427295789429197483597859657977832368912534761100269065509351345050758943674651053419982561094432258103614830448382949765459939698951824447818497599, 109966163992903243770643456296093759130737510333736483352345488643432614201030629970207047930115652268531222079508230987041869779760776072105738457123387124961036111210544028669181361694095594938869077306417325203381820822917059651429857093388618818437282624857927551285811542685269229705594166370426152128895901914709902037365652575730201897361139518816164746228733410283595236405985958414491372301878718635708605256444921222945267625853091126691358833453283744166617463257821375566155675868452032401961727814314481343467702299949407935602389342183536222842556906657001984320973035314726867840698884052182976760066141)
+    4221909016509078129201801236879446760697885220928506696150646938237440992746683409881141451831939190609743447676525325543963362353923989076199470515758399
+    """
+    f_ = rational_to_contfrac(e, n)
+    for k, dg in convergents_from_contfrac(f_):
+        edg = e * dg
+        phi = edg // k
+
+        x = n - phi + 1
+        if x % 2 == 0 and is_perfect_square((x // 2) ** 2 - n):
+            g = edg - phi * k
+            return dg // g
+    return None
+

2023/crypto/ReallySecureApparently/challenge/encrypt.py

@@ -0,0 +1,14 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICNQIBAAKBgBwDydG/EOPewhzKQpHUR9XVdGL3JZAAymVGGlZvweGuuBEneqYj
+cnigg4a7GccQt4+0qR0CfYnMk0WzqwdrfhY16frMZpeAxSZ8AfbzmdZqsAXQuq02
+PKjToaz18Ss1PvjQ2SRR9RG9oQ6qJ3XqOlpe9N5fnhriNkeixVGDuHQtAoGAGq8E
+x2Csh6cezdqtPy5WiVvUBBTiAGNr1qv8lJZhJAms1HFTlGfFfV9vq+3HJQl8ealT
+Ka559DjhYSulsn6XenPpsbA1Pph+f10tLKBDYIu5JwOilaYQt5dL6X+d2C32kjnx
+phJbWfydw0DvrGSm4+wu7lAJGrrQfOwliVMcfBsCIBVZYC9iSJJ/3Lvse81d4KAb
+p5ooOoDxxW23ogpcHVv/AkBolqQqBt1Fsxzn3ngntfP4969ouCljF1BwLrNbdukJ
+yuMQY/OuIafhS3U6GmPmChrysTJvZIPOyUqUQ6/8LdqfAkBEkk8P1uBqkd69W5Mj
+vh2IBQX1P0JoGpZY+sprur/lLVlR6dfwBE6trhlgGldBaVxceO4hNJtgDRQj98RD
+ZwmzAiAVWWAvYkiSf9y77HvNXeCgG6eaKDqA8cVtt6IKXB1b/wIgFVlgL2JIkn/c
+u+x7zV3goBunmig6gPHFbbeiClwdW/8CQFy081xzAYF20FVTr16Sj8Kxdq/s0Edb
+3rg7LzNb+8ETslCRh20nYHZYE47ANVu68v82SHMljF2mBtwBmA7OHQI=
+-----END RSA PRIVATE KEY-----

2023/crypto/ReallySecureApparently/challenge/owiener.py

@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCAKBgQPVQWe1LALvFgGiY3q0emUfGgZ+c6mNET/QfITxKaJcIGXw3InihAg8
+U2uDnhcqGeKMfqOIAOYgGAwOr9dFYaz88uezNsUTNBQAO7aSltv/X7NagSgfu7ao
+eVYyfPouxnPLlFY0v93UAe+2rrDR2c2bVxVLRed0B8aHGtaYH2BNtQKBgQCLyTEo
+NndMpuOU9pCrO9N52QuLsHDTR0358Sn4oYSrnSUDkP89yUcj9QOIQFWk3m/ovyGx
+HDWSKTJ3yT3913xqNr46OBkTW/o16jLekXN4z1Uf+DOAgMpBq5GMGXRz88dpemP/
+Q98f/ueYMwsU93EEahYiEv9JkD5GBrNXij/7+w==
+-----END RSA PUBLIC KEY-----

2023/crypto/ReallySecureApparently/challenge/private_key.pem

@@ -0,0 +1,22 @@
+[COMMUNITY WRITEUP](https://meashiri.github.io/ctf-writeups/posts/202311-1337up/#really-secure-apparently)
+
+#### solve.py
+
+```py
+import owiener
+import binascii
+
+e = 98161001623245946455371459972270637048947096740867123960987426843075734419854169415217693040603943985614577854750928453684840929755254248201161248375350238628917413291201125030514500977409961838501076015838508082749034318410808298025858181711613372870289482890074072555265382600388541381732534018133370862587
+n = 689061037339483636851744871564868379980061151991904073814057216873412583484720768694905841053416938972235588548525570270575285633894975913717130070544407480547826227398039831409929129742007101671851757453656032161443946817685708282221883187089692065998793742064551244403369599965441075497085384181772038720949
+
+# Load the ciphertext as an integer from a binary file (adjust the file path accordingly)
+with open('ciphertext', 'rb') as f:
+    ciphertext_int = int.from_bytes(f.read(), byteorder='big')
+
+# Use the Wiener's Attack to recover the private exponent (d)
+d = owiener.attack(e, n)
+
+# Decrypt the ciphertext and convert it to plaintext
+flag = pow(ciphertext_int, d, n).to_bytes((ciphertext_int.bit_length() + 7) // 8, byteorder='big')
+print(f"Flag: {flag}")
+```

2023/crypto/ReallySecureApparently/challenge/public_key.pem

@@ -0,0 +1,23 @@
+# Title
+
+Share It (part 1)
+
+# Category
+
+🔐 Crypto
+
+# Author
+
+holmesec
+
+# Difficulty
+
+Easy
+
+# Description
+
+Check out my new cool platform for sharing your thoughts. I used my 1337 crypto skills to craft session tokens 🔐
+
+# Flag
+
+`INTIGRITI{1v_1ike_t0_fl1p_bit5}`

2023/crypto/ReallySecureApparently/solution/README.md

@@ -0,0 +1,19 @@
+[COMMUNITY WRITEUP](https://github.com/Franc-Zar/CTFsWriteups/blob/main/1337-Intigriti-CTF/crypto/share-it-part-1/share_it.md)
+
+#### solve.py
+
+```py
+import base64
+from pwn import xor
+import json
+
+token = json.loads(base64.b64decode(input("Paste token: ")))
+iv = base64.b64decode(token['iv'])
+
+new_iv = xor(xor(b'{"admin": false,', b'{"admin": true, '), iv)
+
+token['iv'] = base64.b64encode(new_iv).decode()
+
+print('New token with modified IV:', base64.b64encode(
+    json.dumps(token).encode()).decode())
+```

2023/crypto/ShareIt1/README.md

@@ -0,0 +1,23 @@
+# Title
+
+Share It (part 2)
+
+# Category
+
+🔐 Crypto
+
+# Author
+
+holmesec
+
+# Difficulty
+
+Medium
+
+# Description
+
+I heard some people were able to tamper with the IV, so I removed it from the cookie. I even did some debug testing and discovered that even if the IV could be modified it is not enough to set the admin attribute of the new tokens!
+
+# Flag
+
+`INTIGRITI{b10ck_by_3lock}`

2023/crypto/ShareIt1/shareit1.zip

@@ -0,0 +1,79 @@
+[COMMUNITY WRITEUP](https://github.com/Franc-Zar/CTFsWriteups/blob/main/1337-Intigriti-CTF/crypto/share-it-part-2/share_it.md)
+
+#### solve.py
+
+```py
+import requests
+import base64
+import json
+from pwn import xor
+import binascii
+
+host = 'http://localhost:1337'
+
+orig_pt = b'{"username": "012", "first_name": "345", "last_name": "6789abc", "admin": false}'
+
+r = requests.post(f'{host}/register', data={"username": "bla",
+                                            "first_name": "lel", "last_name": "hihi123"}, allow_redirects=False)
+
+token = json.loads(base64.b64decode(r.cookies['token']))
+c = base64.b64decode(token['user_dict'])
+
+# extra space since "true" is one char less than "false"
+c_new_bytes = xor(xor(orig_pt[-16:], b' "admin": true }'), c[-16*3:-16*2])
+c_new = c[:-16*3] + c_new_bytes + c[-16*2:]
+token['user_dict'] = base64.b64encode(c_new).decode()
+
+token_cookie = base64.b64encode(json.dumps(
+    token).encode()).decode()
+r = requests.get(f'{host}', cookies={'token': token_cookie})
+
+mod_pt = r.text[16:-1].encode().decode(
+    'unicode_escape').encode('raw_unicode_escape')
+
+c_new_bytes = xor(
+    xor(mod_pt[-16*2:-16*1], orig_pt[-16*2:-16*1]), c_new[-16*4:-16*3])
+c_new = c_new[:-16*4] + c_new_bytes + c_new[-16*3:]
+token['user_dict'] = base64.b64encode(c_new).decode()
+
+token_cookie = base64.b64encode(json.dumps(
+    token).encode()).decode()
+r = requests.get(f'{host}', cookies={'token': token_cookie})
+
+mod_pt = r.text[16:-1].encode().decode(
+    'unicode_escape').encode('raw_unicode_escape')
+
+c_new_bytes = xor(
+    xor(mod_pt[-16*3:-16*2], orig_pt[-16*3:-16*2]), c_new[-16*5:-16*4])
+c_new = c_new[:-16*5] + c_new_bytes + c_new[-16*4:]
+token['user_dict'] = base64.b64encode(c_new).decode()
+
+token_cookie = base64.b64encode(json.dumps(
+    token).encode()).decode()
+r = requests.get(f'{host}', cookies={'token': token_cookie})
+
+mod_pt = r.text[16:-1].encode().decode(
+    'unicode_escape').encode('raw_unicode_escape')
+
+c_new_bytes = xor(
+    xor(mod_pt[-16*4:-16*3], orig_pt[-16*4:-16*3]), c_new[-16*6:-16*5])
+c_new = c_new[:-16*6] + c_new_bytes + c_new[-16*5:]
+token['user_dict'] = base64.b64encode(c_new).decode()
+
+
+print("Calculating IV...")
+
+token_cookie = base64.b64encode(json.dumps(
+    token).encode()).decode()
+r = requests.get(f'{host}?debug_iv={"0"*32}', cookies={'token': token_cookie})
+
+mod_pt = r.text[16:-1].encode().decode(
+    'unicode_escape').encode('raw_unicode_escape')
+
+target = b'{"username":"AAA'
+
+iv = xor(mod_pt[:16], target)
+
+print("token:", token_cookie)
+print("IV:", binascii.hexlify(iv))
+```

2023/crypto/ShareIt1/solution/README.md

@@ -1 +1,43 @@
 [FULL OFFICIAL WRITEUP](https://github.com/D13David/ctf-writeups/tree/main/1337uplive/pwn/retro_as_as_service)
+
+#### solve.py
+
+```py
+from pwn import *
+
+def start(argv=[], *a, **kw):
+    if args.GDB:
+        return gdb.debug([exe] + argv, gdbscript=gdbscript, *a, **kw)
+    elif args.REMOTE:
+        return remote(sys.argv[1], sys.argv[2], *a, **kw)
+    else:
+        return process([exe] + argv, *a, **kw)
+
+gdbscript = '''
+'''.format(**locals())
+
+exe = './runtime'
+exe_args = ['payload.prg']
+elf = context.binary = ELF(exe, checksec=False)
+context.log_level = 'info'
+context(terminal=['tmux', 'split-window', '-h'])
+
+def file_to_hex(filename):
+    try:
+        with open(filename, 'rb') as file:
+            file_data = file.read()
+            hex_data = file_data.hex()
+            return hex_data
+    except FileNotFoundError:
+        print(f"File '{filename}' not found.")
+
+REMOTE = True
+
+if REMOTE == False:
+    io = start(exe_args)
+else:
+    io = start()
+    hex_data = file_to_hex("payload.prg")
+    io.sendline(hex_data.encode())
+    print(io.recvall())
+```