diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..c139e44 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,3 @@ +*.png filter=lfs diff=lfs merge=lfs -text +*.jpg filter=lfs diff=lfs merge=lfs -text +*.jpeg filter=lfs diff=lfs merge=lfs -text diff --git a/posts/xfactor2/images/HOLD UP, SOMETHING AINT RIGHT.png b/posts/xfactor2/images/HOLD UP, SOMETHING AINT RIGHT.png new file mode 100644 index 0000000..dd4d628 --- /dev/null +++ b/posts/xfactor2/images/HOLD UP, SOMETHING AINT RIGHT.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a39afdebd550306344ce218464e1a6b0901d8ad0d074d272451a3901561394d6 +size 136517 diff --git a/posts/xfactor2/images/Me when I absolutely HACK my way into the Hypersecret company.png b/posts/xfactor2/images/Me when I absolutely HACK my way into the Hypersecret company.png new file mode 100644 index 0000000..3679e28 --- /dev/null +++ b/posts/xfactor2/images/Me when I absolutely HACK my way into the Hypersecret company.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:21a5b2c8c290387d72b545f02794e5f82797dda285fdc69c7cb49927bb85eaf8 +size 131706 diff --git a/posts/xfactor2/images/Rare picture of Cesar the GOAT making this first blood possible.png b/posts/xfactor2/images/Rare picture of Cesar the GOAT making this first blood possible.png new file mode 100644 index 0000000..9d4c030 --- /dev/null +++ b/posts/xfactor2/images/Rare picture of Cesar the GOAT making this first blood possible.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a85869a8d3168fb98dfa84834927faca647988ef38838a7e50de00a6e0db1d8d +size 1082307 diff --git a/posts/xfactor2/images/fail.png b/posts/xfactor2/images/fail.png new file mode 100644 index 0000000..78f8ebe --- /dev/null +++ b/posts/xfactor2/images/fail.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3154026b334d1f5cc8786764fd5e126bfdfb5933a760d1cbff5d0acaac728593 +size 67201 
diff --git a/posts/xfactor2/images/hahayes.png b/posts/xfactor2/images/hahayes.png new file mode 100644 index 0000000..1a89379 --- /dev/null +++ b/posts/xfactor2/images/hahayes.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f0e4091410415c1176e57fb0aeecc195e52e90d59b4ffdee45be82543b28f9ff +size 667691 diff --git a/posts/xfactor2/images/itsalive.png b/posts/xfactor2/images/itsalive.png new file mode 100644 index 0000000..9b0c609 --- /dev/null +++ b/posts/xfactor2/images/itsalive.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0dfe15f57e7b07a40f729dd5ea51ff2ccc16e5697c800af95ecc825e82f75846 +size 55616 diff --git a/posts/xfactor2/images/packet-building.png b/posts/xfactor2/images/packet-building.png new file mode 100644 index 0000000..982b357 --- /dev/null +++ b/posts/xfactor2/images/packet-building.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9dd691bfba2a01fb6d43b78c5cfaf5472337b077bcd296a8eebfd5717f79957e +size 267531 diff --git a/posts/xfactor2/images/requests.png b/posts/xfactor2/images/requests.png new file mode 100644 index 0000000..42ed875 --- /dev/null +++ b/posts/xfactor2/images/requests.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b281c101fa6daca499038900c7164107a4b2516948f7386fa4d430e56a5ec94f +size 43267 diff --git a/posts/xfactor2/images/responses.png b/posts/xfactor2/images/responses.png new file mode 100644 index 0000000..1c272c2 --- /dev/null +++ b/posts/xfactor2/images/responses.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4239d1e7b8248059bcbbc10414b0505f718a9c5d8a588e99df64ec8d10579e24 +size 32379 diff --git a/posts/xfactor2/images/thatsallfolks.png b/posts/xfactor2/images/thatsallfolks.png new file mode 100644 index 0000000..ae86eb5 --- /dev/null +++ b/posts/xfactor2/images/thatsallfolks.png 
@@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:17929be292f5117e5532dc30f0175a8d25bf78a014c36116357ae9e3cc3a01bb +size 347514 diff --git a/posts/xfactor2/images/win.png b/posts/xfactor2/images/win.png new file mode 100644 index 0000000..fc66c6f --- /dev/null +++ b/posts/xfactor2/images/win.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4519386d86a9a1fd7a0ded157c92d04dff15324f261a5ad0ed28fcfa1386ba55 +size 96085 diff --git a/posts/xfactor2/images/wireshark-1.png b/posts/xfactor2/images/wireshark-1.png new file mode 100644 index 0000000..bdf3e8a --- /dev/null +++ b/posts/xfactor2/images/wireshark-1.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3e05321b28186d01fc27d0fcc1ad804cf4f062b532edb8933000615a4b2a8645 +size 197597 diff --git a/posts/xfactor2/images/wireshark-2.png b/posts/xfactor2/images/wireshark-2.png new file mode 100644 index 0000000..7d36cfe --- /dev/null +++ b/posts/xfactor2/images/wireshark-2.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:93d6f933989dd5962528fddfa69fe4e81485f54c84462a127273c5d9c0d43320 +size 264424 diff --git a/posts/xfactor2/index.md b/posts/xfactor2/index.md index b65867d..2222241 100644 --- a/posts/xfactor2/index.md +++ b/posts/xfactor2/index.md @@ -6,20 +6,20 @@ tags: ["writeup", "FCSC2022", "hardware"] --- ## Quick recap -Great ! We've finally HACKED the first part of the user logon in Xfactor1/2 and we're now facing a 2FA form. +Great! We've finally HACKED the first part of the user logon in Xfactor1/2 and we're now facing a 2FA form.
- +
Me when I absolutely HACK my way into the Hypersecret company
-## Let's get started ! +## Let's get started! The FCSC team gave us a pcap file, let's see what's inside. -![img](https://notes.alxczl.fr/uploads/3d47d9b47a6ee236850150200.png) +![img](./images/wireshark-1.png)
- +
@@ -40,14 +40,14 @@ wget https://gist.github.com/woodrow/cb1496975e131e37d5dd716127a250a4 ``` Then either restart Wireshark or just press **Ctrl+Caps+L** to reload your Lua plugins, then right-click one of the _URB_INTERRUPT_ packets, click on _Decode as_, then, under the _Current_ column, select _CTAPHID_. -There we go ! Much better (right ?!?!?) +There we go! Much better (right?!?!?) -![img](https://notes.alxczl.fr/uploads/3d47d9b47a6ee236850150202.png) +![img](./images/wireshark-2.png) -You might notice a few differences if you actually use the aforementionned dissector and that's normal; I patched it to show a bit more information, I'll post it on [my gitea](https://gitea.alxczl.fr) after the FCSC2022 ends ! -EDIT: [Here](https://gitea.alxczl.fr/alexandre/wireshark-ctaphid-dissector) it is +You might notice a few differences if you actually use the aforementionned dissector and that's normal; I patched it to show a bit more information, I'll post it on [my gitlab](https://gitlab.alxczl.fr) after the FCSC2022 ends! +EDIT: [Here](https://gitlab.alxczl.fr/alexandre/wireshark-ctaphid-dissector) it is -### CTAP...HID ? What does that mean ?!?!?!?! +### CTAP...HID? What does that mean?!?!?!?! _CTAP_ means **C**lient **T**o **A**uthenticator **P**rotocol and _HID_ means **H**uman **I**nterface **D**evice (quick note: your keyboard and your mouse are HIDs, more infos about that [here](https://www.usb.org/hid)). _CTAP_ is a part of the FIDO2 project and there are 2 different version of CTAP right now : - CTAP1/U2F: This is the one that will be used in the challenge 
@@ -57,9 +57,9 @@ If you want more informations about CTAP and such, please click [here](https://f ## Packet buildin' Thanks to the dissector, I can now at least see the U2F conversations. -![img](https://notes.alxczl.fr/uploads/3d47d9b47a6ee236850150203.png) +![img](packet-building.png) -That sure is a lot of _CTAPHID Initialization_ and _CTAPHID Continuation_ packets ! +That sure is a lot of _CTAPHID Initialization_ and _CTAPHID Continuation_ packets! Judging from what's being said [here](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#usb-message-and-packet-structure), an _CTAPHID Initialization packet_ comes first and one or more _CTAPHID Continuation packets_ follow to complete the payload. ## U2F Requests and Reponses @@ -67,7 +67,7 @@ Judging from what's being said [here](https://fidoalliance.org/specs/fido-v2.0-i ### Requests Thanks to my best friend (the new dissector), Wireshark now shows the content of the U2F messages, so here's an example of an U2F request: -![img](https://notes.alxczl.fr/uploads/3d47d9b47a6ee236850150205.png) +![img](./images/requests.png) As you can see right there, a request contains these elements: - **CLA**: 1 byte, reserved for the transport protocol (if applicable), set to zero by the host. @@ -83,7 +83,7 @@ Using *Short encoding* would make them fit on 1 byte, but that would reduce the ### Responses Here's a response (that contains data, and that is not always the case): -![img](https://notes.alxczl.fr/uploads/3d47d9b47a6ee236850150207.png) +![img](responses.png) As you can see, a responses are a bit simpler: - **Response data**: **LE** bytes if specified, n bytes if not @@ -94,8 +94,8 @@ As you can see, a responses are a bit simpler: We'll just care about **SW_NO_ERROR (0x9000)** and **SW_CONDITIONS_NOT_SATISFIED (0x6985)**, as they are these are the only status code that appear in this challenge.
- -
That's all folks !
+ +
That's all folks!
@@ -121,7 +121,7 @@ To be honest, I only care about the control byte here, and I've only seen two sp As always, you can get more info here: https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#u2f-message-framing -## Ok but what do I do with this ??? +## Ok but what do I do with this??? Ok sorry I may have gone a bit too far with this U2F mess, and you're right: reading specs and RFCs is great but it won't make the flag pop out of the capture. Let's login on https://x-factor.france-cybersecurity-challenge.fr/login, right click and inspect the **Check Token** button: it's just a link that launches the **beginAuthen** function with a parameter that never changes! @@ -144,7 +144,7 @@ function beginAuthen(keyHandle) { } ``` -By opening the network inspector of my browser's developper tools, I'll inspect the requests/responses sent to https://x-factor.france-cybersecurity-challenge.fr/beginAuthen. +By opening the network inspector of my browser's developer tools, I'll inspect the requests/responses sent to https://x-factor.france-cybersecurity-challenge.fr/beginAuthen. Here's what I've got: ```json @@ -171,30 +171,30 @@ Here's what I've got: ```
- +
HOLD UP, SOMETHING AINT RIGHT
-Only 3 different challenges ? But I sent at least 12 requests just to make sure... +Only 3 different challenges? But I sent at least 12 requests just to make sure... Alright, let's try replaying the responses from the capture then! ## The fun part I had almost drained of Google's resources, my determination was beginning to falter and I thought that the only way to get this flag was to code an U2F emulator from scratch... -But I found the light; my savior, Cesar aka MattGorko, appeared on my last googling attempt with his Github repo. +But I found the light; my saviour, César aka MattGorko, appeared on my last googling attempt with his Github repo.

I present to you, U2F-Emulated.

- +
Rare picture of Cesar the GOAT making this first blood possible
### Let's patch this thing Having an emulator is great an all, but it won't help much without some modifications. -We first need to go back to the pcap and retrieve the values contained in the **SW_NO_ERROR** reponses. +We first need to go back to the pcap and retrieve the values contained in the **SW_NO_ERROR** responses. Here is the array of responses (with its associated array of response lengths) that made me get the flag: ```c @@ -359,12 +359,12 @@ sudo ./u2f-emu-usb And it now waits indefinitely for requests.
- +
## FLAGGITTY FLAG FLAG Launch the frankenmulator, hop on the website, login, click on **Check Token** and -![img](https://notes.alxczl.fr/uploads/3d47d9b47a6ee23685015020d.png) +![img](./images/fail.png)

Bruh moment

@@ -373,13 +373,13 @@ Woopsie, sorry but this solution needs you to repeat these instructions until yo I know I know, this isn't very fancy, but it works. I think that it might be able to optimise this solution even further by inspecting the requests and responding with the correct answer (that actually was the next step if this didn't work). Anyway, after a few tries, the screen looks a bit different: -![img](https://notes.alxczl.fr/uploads/3d47d9b47a6ee23685015020c.png) +![img](./images/win.png) -YAY ! Now onto the next challenge ! (Oh and don't forget to kill the frankenmulator if you don't want it to eat all your U2F challenges :wink:) +YAY! Now onto the next challenge! (Oh and don't forget to kill the frankenmulator if you don't want it to eat all your U2F challenges :wink:) ## Useful links -- Structures paquets CTAP1/U2F : https://doc.riot-os.org/structctap__hid__pkt__t.html -- Infos sur FIDO : https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html -- MSG command : https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#usb-hid-msg +- CTAP1/U2F packets structure: https://doc.riot-os.org/structctap__hid__pkt__t.html +- FIDO infos: https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html +- MSG command: https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#usb-hid-msg - WINK command (blinks the LED): https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html -- AUTHENTICATE MSG : https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#introduction +- AUTHENTICATE MSG: https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#introduction
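Review bot: three of the LFS-tracked images added under posts/xfactor2/images/ have filenames with spaces and a comma ("HOLD UP, SOMETHING AINT RIGHT.png", "Me when I absolutely HACK my way into the Hypersecret company.png", "Rare picture of Cesar the GOAT making this first blood possible.png"), unlike the lowercase slugs used for the rest (fail.png, win.png, wireshark-1.png); rename them to slugs so the markdown references and the rendered URLs need no escaping. Also note that the new .gitattributes only routes *.png, *.jpg and *.jpeg through LFS, so any other binary asset added later (gif, svg, pcap) will land in the repository as a regular blob unless a pattern is added for it.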
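Review bot: in the @@ -40 hunk of index.md the rewritten line still carries "aforementionned" (should be "aforementioned"), and the surrounding context keeps "more infos about that" and "there are 2 different version of CTAP"; since this commit is already a punctuation and spelling pass over the same lines, fix these too ("more information about that", "two different versions of CTAP").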
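Review bot: the image links replaced in the @@ -57 and @@ -83 hunks of index.md, `![img](packet-building.png)` and `![img](responses.png)`, omit the `./images/` prefix that every other replacement in this change uses (`./images/wireshark-1.png`, `./images/requests.png`, `./images/fail.png`, `./images/win.png`), while the files themselves are added under posts/xfactor2/images/; both links will resolve to a missing file once rendered, so change them to `![img](./images/packet-building.png)` and `![img](./images/responses.png)`.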
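Review bot: the @@ -83 and @@ -94 hunks of index.md leave two grammatical slips in the context lines right next to the edited ones: "As you can see, a responses are a bit simpler" and "as they are these are the only status code that appear in this challenge"; suggest "As you can see, responses are a bit simpler" and "as these are the only status codes that appear in this challenge".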
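Review bot: the @@ -171 hunk of index.md changes "Cesar" to "César" in the prose, but the unchanged caption two lines below still reads "Rare picture of Cesar the GOAT making this first blood possible" and the added LFS image file is named with "Cesar" as well; apply one spelling consistently (the accented form matches the prose edit) to the caption, and keep the filename ASCII if you want the path to stay easy to reference.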
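Review bot: in the @@ -373 hunk of index.md the translated link labels "CTAP1/U2F packets structure" and "FIDO infos" read better as "CTAP1/U2F packet structure" and "FIDO information", and the context line "I think that it might be able to optimise this solution even further" is missing its subject ("I think that I might be able to optimise this solution even further"); since the hunk already rewrites neighbouring lines, fold these in.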