Google CTF 2023
URL: https://capturetheflag.withgoogle.com/
Team: Kalmarunionen
Place: 4 (of 676)
Crypto: myTLS
I implemented my own mTLS. It supports forward secrecy and it should be faster than yours!
Idea:
- We connect using guest credentials
- Then we do dir traversal to
../../app/server-ecdhkey.pem
- We fill the hmac buffer with known bytes (besides 1 byte) and bruteforce the hash recurrently
- Using this we steal the server private key
- The mTLS logic checks that the CA has signed client-cert (true)
- Ephemeral keys are exchanged
- A shared secret is generated using ECDH between
server_key
(which we stole) andclient_cert
(which we are impersonating) - A shared key is derived using above shared secret and ephemeral values which we know
Challenge files:
Solve script:
Thanks to Polly and the rest of the Kalmarunionen team for working together and solving this and a ton of challenges in Google CTF!
Misc: Totally Not Brute Force
….