Merge in nonce work I did at home

Conflicts: mcp/src/claim.cgi.c mcp/src/common.c mcp/src/in.tokend.c mcp/src/puzzler.cgi.c mcp/src/puzzles.cgi.c mcp/src/xxtea.c mcp/src/xxtea.h
2010-09-23 18:30:40 -06:00 · 2010-09-23 18:30:40 -06:00 · 8e25c9f074
parent 48c6ca0aa2 8d8ea21250
commit 8e25c9f074
15 changed files with 255 additions and 105 deletions
--- a/doc/ideas.txt
+++ b/doc/ideas.txt
@ -1,11 +1,15 @@
 Ideas for puzzles
 =================
 * Hide something in a .docx zip file
-
-
-Network treasure hunt
---------------------
-* DHCP option
-* Single TCP RST with token in payload
-* Multiple TCP RST with different payloads
-* 
+* Bootable image with FreeDOS, Linux, Inferno? HURD?
+  * Bury puzzles in various weird locations within each OS
+  * Maybe put some in the boot loader, too
+  * Perhaps have some sort of network puzzle as well
+* Network treasure hunt
+  * DHCP option
+  * Single TCP RST with token in payload
+  * Multiple TCP RST with different payloads
+* PXE boot some sort of points-gathering client
+  * Init asks for a team hash, and starts awarding points
+  * Broken startup scripts, when fixed award more points
+  * Lots of remote exploits
--- a/mcp/Makefile
+++ b/mcp/Makefile
@ -12,7 +12,7 @@ $(PACKAGE): build
 	cp setup $(PKGDIR)

 	find bin -not -name '*~' | cpio -p $(PKGDIR)
-	cp src/in.tokend src/pointscli $(PKGDIR)/bin
+	cp src/in.tokend src/tokencli src/pointscli $(PKGDIR)/bin

 	find service -not -name '*~' -not -name '#*' | cpio -p $(PKGDIR)

--- a/mcp/src/Makefile
+++ b/mcp/src/Makefile
@ -1,11 +1,14 @@
 CFLAGS = -Wall -Werror
-TARGETS = in.tokend pointscli claim.cgi puzzler.cgi puzzles.cgi
+TARGETS = in.tokend tokencli claim.cgi
+TARGETS += puzzler.cgi puzzles.cgi
+TARGETS += pointscli 

 all: build

 build: $(TARGETS)

-in.tokend: in.tokend.o xxtea.o common.o
+in.tokend: in.tokend.o arc4.o common.o
+tokencli: tokencli.o arc4.o
 pointscli: pointscli.o common.o

 puzzles.cgi: puzzles.cgi.o common.o
--- a/mcp/src/arc4.c
+++ b/mcp/src/arc4.c
@ -0,0 +1,59 @@
+#include <stdint.h>
+#include <stdlib.h>
+#include "arc4.h"
+
+#define swap(a, b) do {int _swap=a; a=b, b=_swap;} while (0)
+
+struct arc4_ctx {
+  uint8_t S[256];
+  uint8_t i;
+  uint8_t j;
+};
+
+void
+arc4_init(struct arc4_ctx *ctx, uint8_t const *key, size_t keylen)
+{
+  int i;
+  int j = 0;
+
+  for (i = 0; i < 256; i += 1) {
+    ctx->S[i] = i;
+  }
+
+  for (i = 0; i < 256; i += 1) {
+    j = (j + ctx->S[i] + key[i % keylen]) % 256;
+    swap(ctx->S[i], ctx->S[j]);
+  }
+  ctx->i = 0;
+  ctx->j = 0;
+}
+
+uint8_t
+arc4_pad(struct arc4_ctx *ctx)
+{
+  ctx->i = (ctx->i + 1) % 256;
+  ctx->j = (ctx->j + ctx->S[ctx->i]) % 256;
+  swap(ctx->S[ctx->i], ctx->S[ctx->j]);
+  return ctx->S[(ctx->S[ctx->i] + ctx->S[ctx->j]) % 256];
+}
+
+void
+arc4_crypt(struct arc4_ctx *ctx,
+           uint8_t *obuf, uint8_t const *ibuf, size_t buflen)
+{
+  size_t k;
+
+  for (k = 0; k < buflen; k += 1) {
+    obuf[k] = ibuf[k] ^ arc4_pad(ctx);
+  }
+}
+
+void
+arc4_crypt_buffer(uint8_t const *key, size_t keylen,
+                  uint8_t *buf, size_t buflen)
+{
+  struct arc4_ctx ctx;
+
+  arc4_init(&ctx, key, keylen);
+  arc4_crypt(&ctx, buf, buf, buflen);
+}
--- a/mcp/src/arc4.h
+++ b/mcp/src/arc4.h
@ -0,0 +1,16 @@
+#ifndef __ARC4_H__
+#define __ARC4_H__
+
+#include <stdint.h>
+#include <stdlib.h>
+
+struct arc4_ctx;
+
+void arc4_init(struct arc4_ctx *ctx, uint8_t const *key, size_t keylen);
+uint8_t arc4_pad(struct arc4_ctx *ctx);
+void arc4_crypt(struct arc4_ctx *ctx,
+                uint8_t *obuf, uint8_t const *ibuf, size_t buflen);
+void arc4_crypt_buffer(uint8_t const *key, size_t keylen,
+                       uint8_t *buf, size_t buflen);
+
+#endif
--- a/mcp/src/claim.cgi.c
+++ b/mcp/src/claim.cgi.c
@ -64,7 +64,7 @@ main(int argc, char *argv[])
    category[i] = '\0';

    {
-      char line[TEAM_MAX + TOKEN_MAX + 1];
+      char line[200];

      my_snprintf(line, sizeof(line),
                  "%s %s", team, token);
--- a/mcp/src/common.c
+++ b/mcp/src/common.c
@ -282,6 +282,29 @@ fgrepx(char const *needle, char const *filename)
  return found;
 }

+int32_t
+my_random()
+{
+  static int urandom = -2;
+  int        len;
+  int32_t    ret;
+
+  if (-2 == urandom) {
+    urandom = open("/dev/urandom", O_RDONLY);
+    srandom(time(NULL) * getpid());
+  }
+  if (-1 == urandom) {
+    return (int32_t)random();
+  }
+
+  len = read(urandom, &ret, sizeof(ret));
+  if (len != sizeof(ret)) {
+    return (int32_t)random();
+  }
+
+  return ret;
+}
+
 int
 my_snprintf(char *buf, size_t buflen, char *fmt, ...)
 {
--- a/mcp/src/common.h
+++ b/mcp/src/common.h
@ -2,6 +2,7 @@
 #define __COMMON_H__

 #include <stddef.h>
+#include <stdint.h>

 #define TEAM_MAX 40
 #define CAT_MAX 40
@ -17,6 +18,7 @@ void cgi_error(char *fmt, ...);


 int fgrepx(char const *needle, char const *filename);
+int32_t my_random();
 int my_snprintf(char *buf, size_t buflen, char *fmt, ...);
 char *state_path(char const *fmt, ...);
 char *package_path(char const *fmt, ...);
--- a/mcp/src/in.tokend.c
+++ b/mcp/src/in.tokend.c
@ -9,8 +9,9 @@
 #include <stddef.h>
 #include <string.h>
 #include <ctype.h>
+#include <sysexits.h>
 #include "common.h"
-#include "xxtea.h"
+#include "arc4.h"

 #define itokenlen 3

@ -69,21 +70,19 @@ bubblebabble(char *out, char const *in, const size_t inlen)
 int
 main(int argc, char *argv[])
 {
-  char     service[50];
-  size_t   servicelen;
-  char     token[80];
-  size_t   tokenlen;
-  uint32_t key[4];
-
-  /* Seed the random number generator.  This ought to be unpredictable
-     enough for a contest. */
-  srand((int)time(NULL) * (int)getpid());
+  char    service[50];
+  size_t  servicelen;
+  char    token[80];
+  size_t  tokenlen;
+  uint8_t key[256];
+  size_t  keylen;

  /* Read service name. */
  {
    ssize_t len;

-    len = read(0, service, sizeof(service) - 1);
+    len = read(0, service, sizeof(service));
+    if (0 >= len) return 0;
    for (servicelen = 0;
         (servicelen < len) && isalnum(service[servicelen]);
         servicelen += 1);
@ -91,35 +90,46 @@ main(int argc, char *argv[])

  /* Read in that service's key. */
  {
-    int     fd;
-    size_t  len;
+    int fd;
+    int ret;

    fd = open(state_path("token.keys/%.*s", (int)servicelen, service), O_RDONLY);
    if (-1 == fd) {
-      write(1, "!nosvc", 6);
+      perror("Open key");
      return 0;
    }

-    len = read(fd, &key, 16);
-    close(fd);
+    ret = read(fd, &key, sizeof(key));
+    if (-1 == ret) {
+      perror("Read key");
+      return 0;
+    }
+    keylen = (size_t)ret;

-    if (16 != len) {
-      write(1, "!shortkey", 9);
+    close(fd);
+  }
+
+  /* Send a nonce, expect it back encrypted */
+  {
+    int32_t nonce = my_random();
+    int32_t enonce = 0;
+
+    write(1, &nonce, sizeof(nonce));
+    arc4_crypt_buffer(key, keylen, (uint8_t *)&nonce, sizeof(nonce));
+    read(0, &enonce, sizeof(enonce));
+    if (nonce != enonce) {
+      write(1, ":<", 2);
      return 0;
    }
  }

  /* Create the token. */
  {
-    uint8_t crap[itokenlen];
+    int32_t crap = my_random();
    char    digest[bubblebabble_len(itokenlen)];
-    int     i;

    /* Digest some random junk. */
-    for (i = 0; i < itokenlen; i += 1) {
-      crap[i] = (uint8_t)random();
-    }
-    bubblebabble(digest, (char *)crap, itokenlen);
+    bubblebabble(digest, (char *)&crap, itokenlen);

    /* Append digest to service name. */
    tokenlen = (size_t)snprintf(token, sizeof(token),
@ -158,19 +168,14 @@ main(int argc, char *argv[])
    }
  }

-  /* Encrypt the token.  Note that now tokenlen is in uint32_ts, not
-     chars!  Also remember that token must be big enough to hold a
-     multiple of 4 chars, since tea will go ahead and jumble them up for
-     you.  If the compiler aligns words this shouldn't be a problem. */
+  /* Encrypt the token. */
  {
-    tokenlen = (tokenlen + (tokenlen % sizeof(uint32_t))) / sizeof(uint32_t);
-
-    tea_encode(key, (uint32_t *)token, tokenlen);
+    arc4_crypt_buffer(key, keylen, (uint8_t *)token, tokenlen);
  }

  /* Send it back.  If there's an error here, it's okay.  Better to have
     unclaimed tokens than unclaimable ones. */
-  write(1, token, tokenlen * sizeof(uint32_t));
+  write(1, token, tokenlen);

  return 0;
 }
--- a/mcp/src/puzzler.cgi.c
+++ b/mcp/src/puzzler.cgi.c
@ -67,7 +67,7 @@ main(int argc, char *argv[])
  }

  {
-    char line[TEAM_MAX + CAT_MAX + sizeof(points_str) + 2];
+    char line[200];

    my_snprintf(line, sizeof(line),
               "%s %s %ld", team, category, points);
--- a/mcp/src/puzzles.cgi.c
+++ b/mcp/src/puzzles.cgi.c
@ -19,11 +19,12 @@ longcmp(long *a, long *b)
 #define PUZZLES_MAX 100

 /** Keeps track of the most points yet awarded in each category */
+int    ncats = 0;
 struct {
  char cat[CAT_MAX];
  long points;
 } points_by_cat[PUZZLES_MAX];
-int ncats = 0;
+

 size_t
 read_until_char(FILE *f, char *buf, size_t buflen, char delim)
@ -70,8 +71,6 @@ main(int argc, char *argv[])
      read_until_char(f, points_str, sizeof(points_str), '\n');
      points = atol(points_str);

-      printf("%s %ld\n", cat, points);
-
      for (i = 0; i < ncats; i += 1) {
        if (0 == strcmp(cat, points_by_cat[i].cat)) break;
      }
--- a/mcp/src/tokencli.c
+++ b/mcp/src/tokencli.c
@ -0,0 +1,92 @@
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <string.h>
+#include <unistd.h>
+#include <sysexits.h>
+#include <stdio.h>
+#include "arc4.h"
+
+/* I don't feel compelled to put all the TCP client code in here
+ * when it's so simple to run this with netcat or ucspi.  Plus, using
+ * stdin and stdout makes it simpler to test.
+ */
+
+int
+read_key(char *filename, uint8_t *key, size_t *keylen)
+{
+  int fd = open(filename, O_RDONLY);
+  int len;
+
+  if (-1 == fd) {
+    perror("open");
+    return EX_NOINPUT;
+  }
+
+  len = read(fd, key, *keylen);
+  if (-1 == len) {
+    perror("read");
+    return EX_NOINPUT;
+  }
+  *keylen = (size_t)len;
+
+  return 0;
+}
+
+int
+main(int argc, char *argv[]) {
+  uint8_t skey[200];
+  size_t  skeylen = sizeof(skey);
+  char    token[200];
+  size_t  tokenlen;
+  int     ret;
+
+  if (argc != 3) {
+    fprintf(stderr, "Usage: %s SERVICE SERVICEKEY 3>TOKENFILE\n", argv[0]);
+    fprintf(stderr, "\n");
+    fprintf(stderr, "SERVICEKEY is a filenames.\n");
+    fprintf(stderr, "Tokens are written to file descriptor 3.\n");
+    return EX_USAGE;
+  }
+
+  /* read in keys */
+  ret = read_key(argv[2], skey, &skeylen);
+  if (0 != ret) return ret;
+
+  /* write service name */
+  write(1, argv[1], strlen(argv[1]));
+
+  /* read nonce, send back encrypted version */
+  {
+    uint8_t nonce[80];
+    int     noncelen;
+
+    noncelen = read(0, nonce, sizeof(nonce));
+    if (0 >= noncelen) {
+      perror("read");
+      return EX_IOERR;
+    }
+    arc4_crypt_buffer(skey, skeylen, nonce, (size_t)noncelen);
+    write(1, nonce, (size_t)noncelen);
+  }
+
+  /* read token */
+  {
+    int len;
+
+    len = read(0, token, sizeof(token));
+    if (0 >= len) {
+      perror("read");
+      return EX_IOERR;
+    }
+    tokenlen = (size_t)len;
+  }
+
+  /* decrypt it */
+  arc4_crypt_buffer(skey, skeylen, (uint8_t *)token, tokenlen);
+
+  /* write it to fd 3 */
+  write(3, token, tokenlen);
+
+  return 0;
+}
--- a/mcp/src/xxtea.c
+++ b/mcp/src/xxtea.c
@ -1,51 +0,0 @@
-#include <stdint.h>
-#include <stddef.h>
-
-#define DELTA 0x9e3779b9
-#define MX ((z>>5^y<<2) + (y>>3^z<<4)) ^ ((sum^y) + (k[(p&3)^e] ^ z));
-
-void
-btea(uint32_t *v, int n, uint32_t const k[4])
-{
-  uint32_t y, z, sum;
-  unsigned p, rounds, e;
-
-  if (n > 1) {          /* Coding Part */
-    rounds = 6 + 52/n;
-    sum = 0;
-    z = v[n-1];
-    do {
-      sum += DELTA;
-      e = (sum >> 2) & 3;
-      for (p=0; p<n-1; p++)
-        y = v[p+1], z = v[p] += MX;
-      y = v[0];
-      z = v[n-1] += MX;
-    } while (--rounds);
-  } else if (n < -1) {  /* Decoding Part */
-    n = -n;
-    rounds = 6 + 52/n;
-    sum = rounds*DELTA;
-    y = v[0];
-    do {
-      e = (sum >> 2) & 3;
-      for (p=n-1; p>0; p--)
-        z = v[p-1], y = v[p] -= MX;
-      z = v[n-1];
-      y = v[0] -= MX;
-    } while ((sum -= DELTA) != 0);
-  }
-}
-
-void
-tea_encode(uint32_t const key[4], uint32_t *buf, size_t buflen)
-{
-  btea(buf, buflen, key);
-}
-
-void
-tea_decode(uint32_t const key[4], uint32_t *buf, size_t buflen)
-{
-  btea(buf, -buflen, key);
-}
-
--- a/mcp/src/xxtea.h
+++ b/mcp/src/xxtea.h
@ -1,2 +0,0 @@
-void tea_encode(uint32_t const key[4], uint32_t *buf, size_t buflen);
-void tea_decode(uint32_t const key[4], uint32_t *buf, size_t buflen);
--- a/mcp/test.sh
+++ b/mcp/test.sh
@ -88,8 +88,8 @@ fi
 mkdir -p $CTF_BASE/token.keys
 echo -n '0123456789abcdef' > $CTF_BASE/token.keys/tokencat

-# in.tokend uses a random number generator
-echo -n 'tokencat' | src/in.tokend > /dev/null
+mkfifo $CTF_BASE/nancy
+src/tokencli tokencat $CTF_BASE/token.keys/tokencat < $CTF_BASE/nancy 3>$CTF_BASE/t | src/in.tokend > $CTF_BASE/nancy

 if ! grep -q 'tokencat:x....-....x' $CTF_BASE/tokens.db; then
    die "in.tokend didn't write to database"
@ -103,11 +103,11 @@ if src/claim.cgi t=$hash k=tokencat:xanax-xanax | grep -q success; then
    die "claim.cgi gave points for a bogus token"
 fi

-if ! src/claim.cgi t=$hash k=$(cat $CTF_BASE/tokens.db) | grep -q success; then
+if ! src/claim.cgi t=$hash k=$(cat $CTF_BASE/t) | grep -q success; then
    die "claim.cgi didn't give me any points"
 fi

-if src/claim.cgi t=$hash k=$(cat $CTF_BASE/tokens.db) | grep -q success; then
+if src/claim.cgi t=$hash k=$(cat $CTF_BASE/t) | grep -q success; then
    die "claim.cgi gave me points twice for the same token"
 fi