
Day 4: Upgraded

challenge description
The elves have learned from their mistakes, and are now using military grade encryption
to protect their secrets! But they've made a critical error...

Military Grade Encryption

Well... looking into Ghidra, we see they are not lying...

They are using AES-256-CBC, one of the most trusted and secure block ciphers.

However, when we attempt to encrypt the same string twice, the output is the same...?

Same hex string

This can only mean the key and IV are hardcoded! Such a critical mistake. Using GDB, we can retrieve the values passed into the function in RCX and RDX just before encryption. The key is 32 bytes and the IV is 16 bytes, as per the AES-256 standard.

Using CyberChef, we can pass in the key and IV to get the output. (Remember to use little endian!)

CyberChef
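The little-endian reminder matters when the key and IV are read out of GDB as 64-bit words, because each word is printed most-significant byte first while memory holds it the other way round. The following is an added example, not part of the original write-up: it assumes the buffers were dumped with GDB's `x/4gx` and `x/2gx`, and the dump values are constructed, not the challenge's real key or IV.

```python
import re
import struct

# Constructed sample in the shape of GDB `x/4gx` (key) and `x/2gx` (IV) output.
# Addresses and values are made up for illustration.
KEY_DUMP = """\
0x7ffe1000:\t0x0706050403020100\t0x0f0e0d0c0b0a0908
0x7ffe1010:\t0x1716151413121110\t0x1f1e1d1c1b1a1918
"""
IV_DUMP = "0x7ffe2000:\t0x8877665544332211\t0x00ffeeddccbbaa99\n"

# A giant word as GDB prints it: 0x followed by exactly 16 hex digits.
WORD = re.compile(r"0x([0-9a-fA-F]{16})\b")


def gdb_words_to_bytes(dump: str) -> bytes:
    """Convert `x/gx` output into the bytes in the order they sit in memory."""
    out = bytearray()
    for line in dump.splitlines():
        # Everything before the first colon is the address column; skip it.
        _, sep, values = line.partition(":")
        if not sep:
            continue
        for word in WORD.findall(values):
            # GDB shows the integer value; "<Q" re-serialises it little-endian,
            # which restores the original byte order on x86-64.
            out += struct.pack("<Q", int(word, 16))
    return bytes(out)


def extract_aes256_cbc_params(key_dump: str, iv_dump: str) -> tuple[str, str]:
    """Return (key_hex, iv_hex) ready to paste into a tool expecting raw hex."""
    key = gdb_words_to_bytes(key_dump)
    iv = gdb_words_to_bytes(iv_dump)
    if len(key) != 32:
        raise ValueError(f"AES-256 key must be 32 bytes, got {len(key)}")
    if len(iv) != 16:
        raise ValueError(f"CBC IV must be 16 bytes, got {len(iv)}")
    return key.hex(), iv.hex()


if __name__ == "__main__":
    key_hex, iv_hex = extract_aes256_cbc_params(KEY_DUMP, IV_DUMP)
    print("key:", key_hex)
    print("iv: ", iv_hex)
```

Dumping with `x/32bx` and `x/16bx` instead prints the bytes in memory order already, so no swap is needed in that case.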

Flag

HTB{h4rdc0d1ng_k3ys?r00k13_m15t4k3!}