Saturday, November 9, 2013

RWTH CTF : Smartgrid writeup

RWTH CTF 2013 had an interesting Python service named Smartgrid whose admin interface used challenge-response authentication, set up as follows:

Looking at the details of the key, we see that it has a very low public exponent of 3. The message length is also small (1024 bits, 128 bytes), and there is no padding. Hence, we could try adding different multiples of N to the ciphertext, taking the cube root, and checking whether the result is the message (by cubing it again and comparing against the ciphertext).

Something like this:
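The search described above, as an added example that is not the original post's code: the modulus, the nonce and the names `icbrt` and `recover_plaintext` are constructed for illustration. The last lines show that a full-width plaintext, which is what padding such as OAEP produces, puts the same search out of reach.

```python
import hashlib

# Constructed public key: N is the product of two well-known primes
# (2^448 - 2^224 - 1 and 2^414 - 17); e = 3 as in the writeup.
N = (2**448 - 2**224 - 1) * (2**414 - 17)
E = 3

def icbrt(n):
    """Floor of the integer cube root of n >= 0 (binary search, exact)."""
    lo, hi = 0, 1 << (n.bit_length() // 3 + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** 3 <= n:
            lo = mid
        else:
            hi = mid - 1
    return lo

def recover_plaintext(c, n, max_k=1000):
    """Look for a perfect cube among c + k*n; return (m, k) or (None, None)."""
    for k in range(max_k + 1):
        target = c + k * n
        root = icbrt(target)
        if root ** 3 == target:  # re-cube and compare, as the text describes
            return root, k
    return None, None

# Constructed 36-byte challenge, encrypted raw (no padding).
NONCE = b"\xf0" + b"constructed-challenge-nonce-0123456"
M = int.from_bytes(NONCE, "big")
C = pow(M, E, N)

# Stand-in for a padded plaintext: a value spread over the full width of N.
# This is not OAEP; it only shows why full-width input defeats the search.
M_WIDE = int.from_bytes(hashlib.sha512(NONCE).digest() * 2, "big") % N
C_WIDE = pow(M_WIDE, E, N)

if __name__ == "__main__":
    m, k = recover_plaintext(C, N)
    print("k =", k, "plaintext =", m.to_bytes(len(NONCE), "big"))
    print("full-width plaintext:", recover_plaintext(C_WIDE, N))
```

The number of multiples of N that must be tried is roughly m³/N, so the search only terminates quickly when the unpadded message is not much larger than the cube root of the modulus.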

After this we could issue "readstatus" requests that would get us flags.