Hackit2017-Cypherpunk’s nightmare-writeup

Hackit2017-Cypherpunk’s nightmare-writeup
LUKS aeskeyfind

Task

Description: Our officers just have made cold boot attack on the suspect's computer. Your role is to recover the content of this encrypted hard drive.
Attachment: (none)
Webpage: https://mega.nz/#!VdRAkaKT!xP7s74jwnlGmR2spg9RNaKFf5GmCGAv-pxW8aPZNkOw
Hint: (none)

Solution

题目提供了一个压缩包，解压缩后得到三个文件：

encrypted.dd
memdump.elf.gz  
__MACOSX

先看看第一个文件：

可以看到这是一个LUKS加密文件，要解密需要提供密码。结合题目的另外一个文件memdump.elf.gz，我们可以利用工具aeskeyfind来提取藏在内存中的aeskey。

可以通过下面的命令安装：

apt-get install aeskeyfind

将memdump.elf.gz压缩包解压后得到data文件，运行aeskeyfind：

aeskeyfind -v data

结果如下：

FOUND POSSIBLE 128-BIT KEY AT BYTE bf16da0

KEY: 9e90126c33c85d9a6913e649301b5dcf

EXTENDED KEY:
9e90126c33c85d9a6913e649301b5dcf
30dc98680314c5f26a0723bb5a1c7e74
ae2f0ad6ad3bcf24c73cec9f9d2092eb
1d60e388b05b2cac7767c033ea4752d8
b560820f053baea3725c6e90981b3c48
0a8bd0490fb07eea7dec107ae5f72c32
42faf3904d4a8d7a30a69d00d551b132
d332d0939e785de9aedec0e97b8f71db
209169b2bee9345b1037f4b26bb88569
570690cde9efa496f9d850249260d54d
b105738258ead714a13287303352527d

CONSTRAINTS ON ROWS:
00000004000000000000000000000000
000000be000000000000000000000000
0000005e000000000000000000000000
00000087000000000000000000000000
00000046000000000000000000000000
000000d9000000000000000000000000
00000003000000000000000000000000
00000021000000000000000000000000
0000007f000000000000000000000000
0000004f000000000000000000000000

FOUND POSSIBLE 128-BIT KEY AT BYTE bf16fa0

KEY: 683c5a4bf8f1cedf5b649c482e48e639

EXTENDED KEY:
683c5a4bf8f1cedf5b649c482e48e639
3bb2487ac34386a598271aedb66ffcd4
9102003452418691ca669c7c7c0960a8
94d2c224c69344b50cf5d8c970fcb861
2cbe2d75ea2d69c0e6d8b10996240968
0abf68e5e0920125064ab02c906eb944
b5e97385557b72a05331c28cc35f7bc8
3ac89bab6fb3e90b3c822b87ffdd504f
7b9b1fbd1428f6b628aadd31d7778d7e
95c6ecb381ee1a05a944c7347e334a4a
60103a40e1fe204548bae7713689ad3b

CONSTRAINTS ON ROWS:
00000031000000000000000000000000
0000004e000000000000000000000000
00000010000000000000000000000000
00000051000000000000000000000000
00000090000000000000000000000000
00000060000000000000000000000000
0000002e000000000000000000000000
00000016000000000000000000000000
0000000e000000000000000000000000
000000f3000000000000000000000000

Keyfind progress: 100%

重点是得到了两个KEY:

KEY: 9e90126c33c85d9a6913e649301b5dcf
KEY: 683c5a4bf8f1cedf5b649c482e48e639

先拿一个key试试：

echo "9e90126c33c85d9a6913e649301b5dcf" | xxd -r -p > Safe.key

尝试解密：

cryptsetup luksOpen --master-key-file Safe.key encrypted.dd safe-home

但是提示出错：

无法从密钥文件 Safe.key 读取 32 字节。

我们看看Safe.key是怎样的；

发现只有十六个字节。

结合有两个key，我们把两个合起来试试：

root@chybeta:~/Desktop/nightmare# echo "9e90126c33c85d9a6913e649301b5dcf683c5a4bf8f1cedf5b649c482e48e639" | xxd -r -p > Safe.key
root@chybeta:~/Desktop/nightmare# cryptsetup luksOpen --master-key-file Safe.key encrypted.dd safe-home
卷密钥与卷不匹配。
root@chybeta:~/Desktop/nightmare# echo "683c5a4bf8f1cedf5b649c482e48e6399e90126c33c85d9a6913e649301b5dcf" | xxd -r -p > Safe.key
root@chybeta:~/Desktop/nightmare# cryptsetup luksOpen --master-key-file Safe.key encrypted.dd safe-home

然后在kali系统中可以发现已经可以直接打开卷宗。

得到flag：

h4ck1t{Not_paranoid_enough}

也可以通过挂载来实现

root@chybeta:~/Desktop/nightmare# ls -l /dev/mapper/
总用量 0
crw------- 1 root root 10, 236 8月  25 05:25 control
lrwxrwxrwx 1 root root       7 8月  25 05:26 safe-home -> ../dm-0
root@chybeta:~/Desktop/nightmare# mkdir /mnt/safe-home
root@chybeta:~/Desktop/nightmare# mount /dev/mapper/safe-home /mnt/safe-home/
root@chybeta:~/Desktop/nightmare# cd /mnt/safe-home/
root@chybeta:/mnt/safe-home# ls
flag.txt  Melkor_ELF_fuzzer
root@chybeta:/mnt/safe-home# cat flag.txt
h4ck1t{Not_paranoid_enough}