cryptoPromedium

Export-grade

cryptohack

Task: MITM a DH cipher-suite negotiation (socket.cryptohack.org 13379) where Alice offers groups from DH1536 down to DH64, then passively observe. Solution: rewrite the negotiation so Bob accepts the weakest group DH64 (a 64-bit prime), passively capture p, g, A, B, solve the 64-bit discrete log a=dlog_g(A) with sympy discrete_log / Pohlig-Hellman, compute shared=B^a mod p, derive key=sha1(str(shared))[:16] and AES-CBC decrypt the flag — a Logjam-style downgrade.

aes_cbc discrete_log interactive mitm diffie_hellman pohlig_hellman downgrade_attack logjam small_prime

pohlig_hellmancipher_suite_downgrademitm_negotiation_rewritesmall_dlp

$ ls tags/ techniques/

aes_cbc discrete_log interactive mitm diffie_hellman pohlig_hellman downgrade_attack logjam small_prime

pohlig_hellmancipher_suite_downgrademitm_negotiation_rewritesmall_dlp

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ cat writeup.md…

Sign in to access full writeups

Sign in to access full writeups

Similar writeups