Quartz sync: Oct 1, 2024, 9:57 PM

Author: Tan-JunWei

content/Assets/PicoCTF like1000 2.png

@@ -1,5 +1,5 @@
 ---
-modified: 2024-09-25T22:27:30+08:00
+modified: 2024-10-01T20:51:41+08:00
 ---
 ### Introduction 
 **Base64 encoding** is a format designed to prevent communication “mishaps” during the transfer of binary information. It achieves this through the conversion of binary data and a “lookup table” — data is eventually made in a stream of _ASCII_ characters, which can then be transmitted and decoded. On base 64 encoded data, the resultant string is always larger than the original (i.e. this is _not_ a compression algorithm). Another important distinction is that base 64 _does not_ encrypt any information — it uses a “standard” table of characters to encode and decode information. In other words, any base-64 string can be decoded, as long as the string was encoded using a standard set of characters (which the decoder can also understand). (_What Is Base64 Encoding & Decoding?_, n.d.)

content/Assets/PicoCTF like1000 3.png

@@ -8,7 +8,7 @@ Creation Date:
 Last Date: 
 References: 
 draft: 
-modified: 2024-09-25T22:28:02+08:00
+modified: 2024-10-01T20:51:41+08:00
 ---
 ## Challenge Description
 

content/Assets/PicoCTF like1000 4.png

@@ -0,0 +1,79 @@
+---
+tags:
+  - Forensics
+  - medium
+  - tar
+  - Python
+Creation Date: 
+Last Date: 
+References: 
+draft: 
+modified: 2024-10-01T21:57:27+08:00
+---
+## Challenge Description
+
+![[PicoCTF like1000.png]]
+
+The challenge description implies that we will probably have to extract the contents of the provided `tar` file repeatedly until we finally find a flag. Let's explore.
+
+### Understanding the challenge
+![[PicoCTF like1000 2.png]]
+
+We first download the provided `tar` file by running `wget <link>`. The downloaded file is named `1000.tar`. To extract tar files, I usually run the following command:
+
+```bash
+tar -xvf < file-name >
+```
+
+-  `-x` : Extracts files from a tar archive
+-  `-v` : Verbosely list files processed
+-  `-f` : Specifies archive file
+
+After running `tar -xvf 1000.tar`, we can see that 2 files have been created (`999.tar` and `filler.txt`).
+
+I thought that `filler.txt` may contain something useful or suspicious, but this was the contents in this file:
+
+```
+alkfdslkjf;lkjfdsa;lkjfdsa
+```
+
+It seems like there is nothing of interest currently. I proceeded to run the same command on `999.tar`, and received a similar output, in this case `998.tar`. I tried to `cat` the contents of `filler.txt` again, and the same gibberish was displayed.
+
+However, since another `tar` file was created this time as well, it seemed like the solution to this challenge is to continue extracting the files again and again, one after the other.
+
+>[!faq] PicoCTF Hint: Try and script this, it'll save you a lot of time
+
+### Attempting to solve
+To do this, I made the following Python script:
+
+>[!abstract] Python script 
+>
+>```python
+>import tarfile
+>
+>def is_safe_tar(member, path):
+>    return member 
+>
+>for i in range(998, 0, -1):
+>    # Extract file
+>    with tarfile.open(f'{i}.tar', 'r') as tar:
+>        tar.extractall(path='.', filter=is_safe_tar)
+>```
+>
+>>[!faq] Note
+>>
+>>The reason why is_safe_tar function was required is because there will be an error message displayed if a filter is not specified. This is aimed at preventing unsafe files from being extracted.
+
+
+
+![[PicoCTF like1000 3.png]]
+
+Running the script recursively extracts the existing `tar` files in the directory we are in. Running `ls` after successful execution of the script reveals that a file named `flag.png` created in this directory.
+
+![[PicoCTF like1000 4.png]]
+
+Opening this image file awards us with the flag for this challenge.
+
+
+> [!NOTE] Flag
+>picoCTF{l0t5_0f_TAR5}

content/Assets/PicoCTF like1000.png

@@ -1,6 +1,6 @@
 ---
 title: CTF Writeups
-modified: 2024-09-21T22:11:13+08:00
+modified: 2024-10-01T20:51:41+08:00
 ---
 
 ![[banner.jpg]]

content/Knowledge/Base64.md

@@ -1,85 +1,9 @@
-from random import randint
-import sys
-
-
-def generator(g, x, p):
-    return pow(g, x) % p
-
-
-def encrypt(plaintext, key):
-    cipher = []
-    for char in plaintext:
-        cipher.append(((ord(char) * key*311)))
-    return cipher
-
-
-def is_prime(p):
-    v = 0
-    for i in range(2, p + 1):
-        if p % i == 0:
-            v = v + 1
-    if v > 1:
-        return False
-    else:
-        return True
-
-
-def dynamic_xor_encrypt(plaintext, text_key):
-    cipher_text = ""
-    key_length = len(text_key)
-    for i, char in enumerate(plaintext[::-1]):
-        key_char = text_key[i % key_length]
-        encrypted_char = chr(ord(char) ^ ord(key_char))
-        cipher_text += encrypted_char
-    return cipher_text
-
-
-def test(plain_text, text_key):
-    p = 97
-    g = 31
-    if not is_prime(p) and not is_prime(g):
-        print("Enter prime numbers")
-        return
-    a = randint(p-10, p)
-    b = randint(g-10, g)
-    print(f"a = {a}")
-    print(f"b = {b}")
-    u = generator(g, a, p)
-    v = generator(g, b, p)
-    key = generator(v, a, p)
-    b_key = generator(u, b, p)
-    shared_key = None
-    if key == b_key:
-        shared_key = key
-    else:
-        print("Invalid key")
-        return
-    semi_cipher = dynamic_xor_encrypt(plain_text, text_key)
-    cipher = encrypt(semi_cipher, shared_key)
-    print(f'cipher is: {cipher}')
-
-
-def decrypt(cipher, key):
-    plain_text = ""
-    for char in cipher:
-        plain_text += chr(char // key // 311)
-    return plain_text
-
-
-def dynamic_xor_decrypt(cipher_text, text_key):
-    return dynamic_xor_encrypt(cipher_text, text_key)
-
-
-def test_decrypt(cipher, key, text_key):
-    semi_cipher = decrypt(cipher, key)
-    plain_text = dynamic_xor_decrypt(semi_cipher, text_key)
-    print(f"plain text is: {plain_text}")
-
-
-if __name__ == "__main__":
-    message = sys.argv[1]
-    test(message, "trudeau")
-
-# number of ciphers is dependent on the length of the message.
+import tarfile
 
+def is_safe_tar(member, path):
+    return member 
 
+for i in range(998, 0, -1):
+    # Decompress the file
+    with tarfile.open(f'{i}.tar', 'r') as tar:
+        tar.extractall(path='.', filter=is_safe_tar)