Welcome to the penultimate level, Level 7.
WaffleCopter is a new service delivering locally-sourced organic waffles hot off of vintage waffle irons straight to your location using quad-rotor GPS-enabled helicopters. The service is modeled after TacoCopter, an innovative and highly successful early contender in the airborne food delivery industry. WaffleCopter is currently being tested in private beta in select locations.
Your goal is to order one of the decadent Liège Waffles, offered only to WaffleCopter's first premium subscribers.
Log in to your account at https://level07-2.stripe-ctf.com/user-glqtzsieer with username ctf and password password. You will find your API credentials after logging in. You can fetch the code for the level via
git clone https://level07-2.stripe-ctf.com/user-glqtzsieer/level07-code, or you can read it below. You may find the sample API client in client.py particularly helpful.
This one was a pain - not for the attack, but the fact that this was the first one I actually downloaded the code - and somehow, it messed up. Meaning I was banging my head against a wall, even though a re-download of the code cleared it.
Anyway, There was two tricks to solving this one. When you made a few requests, you could see them in your own personal log of API requests.
Trick one: You could also see everyone else's by just changing the User ID in the request - DOH!.
This allowed you to see the VALID API requests and SHA1 signatures of those requests.
Trick Two: SHA1 - there is an attack for that - Called a SHA1 Padding attack:
Here, go read up on that: https://blog.whitehatsec.com/hash-length-extension-attacks/ I'll wait.
So basically, If you know a valid signature and known request, you can pad the known request to give the known signature. Simple. The attack happens by Setting the SHA1 registers to this known signature, and continuing the SHA1 hash from there giving you the correct hash for your attack.
Now we could code this up, or google and find this: http://www.vnsecurity.net/t/length-extension-attack/ this not only desribes the attack again, but gives us a tool too.
- You know the key length because you're given a key in the text.
- You know an original message and signature by using Trick 1
- You just need to add the text to append, the new waffle type.