WEB Challenges (I know Mag1k)

uzmakin495 · April 10, 2019, 5:40am

in here i got this
“Cookie: PHPSESSID=2q730tudrno1lkc534a5mj4033; iknowmag1k=76Q59%2FmPo9AllYbBtzkeF7H6mMTpCDkUBt18ec0MxJTUgPCIXjmhCw%3D%3D”

Even after doing research i didn’t get how to decrypt it , so i ended up seeing the walk-through in which told its a padding oracle .

Now my question is just by seeing the cookie how does one determine its padding oracle?

skordokailas · April 11, 2019, 1:48pm

I suspected what it was for two reasons.

One, I built a similar challenge for another CTF around the time I went to see the challenge, which helped me to identify it quite fast.
Two, you can narrow down the set of available options and focus on certain tools because:

It doesn’t look like a hash (hash-dentifier can help you there).
It doesn’t decode to plaintext either.
So, it’s some kind of crypto. From there, it can be maybe a textbook RSA, CBC byte flipping, hash length extension, you get the idea. Try, fail, remove it from the list and keep doing until something works.

budyackey · June 11, 2019, 7:58pm

some light google searching will reveal a tool that basically solves this challenge for you. oh well!

OdinRossi · August 1, 2019, 7:25pm

Is some still one this ? i am stuck on the last part of this challenge pm me

Arkango · November 2, 2019, 6:24pm

@uzmakin495 padBuster.pl can help you

Kaligero · November 8, 2019, 12:52pm

Owned challenge ^^
“Easy” with the right tools and Syntax

Ask me (DM) if you need some help …

LUCIFER29 · December 15, 2019, 10:44pm

I am having trouble working with padBuster.pl in the newest version of kali. Noob here want some guidance

2IUo3bsftEQARw · July 3, 2020, 8:17am

i don’t get why using automated tools tbh, ok, you got the flag but did you really learnt something?