Wonky AES

hackthebox

Task: AES-128-ECB network service (tiny-AES-c) injects a single random-byte fault into the state at round 9 before MixColumns and leaks both correct and faulty ciphertext. Solution: Piret-Quisquater Differential Fault Analysis recovers the round-10 key from ~600 (C, C*) pairs via per-group candidate intersection, then the AES key schedule is inverted to the master key and the flag ciphertext is ECB-decrypted.

side_channel aes ecb dfa fault_injection tiny_aes key_schedule

differential_fault_analysispiret_quisquaterkey_schedule_inversioncandidate_set_intersection

$ ls tags/ techniques/

side_channel aes ecb dfa fault_injection tiny_aes key_schedule

differential_fault_analysispiret_quisquaterkey_schedule_inversioncandidate_set_intersection

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ grep --similar

Similar writeups

[crypto][free]AliEnS Challenge Scenario— HackTheBox
[crypto][free]Twisted Entanglement— HackTheBox
[crypto][Pro]Beatboxer— cryptohack
[crypto][free]MadMath— hackthebox
[crypto][Pro]Forbidden Fruit— cryptohack