CodeGate2015 CTF - WEB400

CodeGate2015 CTF - WEB400

16 Mar 2015 - seichi

Another web challenge from Codegate quals .. always about Owls for this challenge we were given a youtube video player website also it’s source code.

the website offer some fonctionnalities like registration and login:

def register():
    u = {}
    u["u"] = request.form.get("user")
    u["pw"] = request.form.get("pw")
    u["email"] = request.form.get("email")
    if g.db.users.find_one({"u":u["u"]}):
        flash("Username taken")
        for vid in defaultvids:
            vid["user"] = u["u"]
    return make_response(redirect(url_for('index')))
def login():
    u = {}
    u["u"] = request.form.get("user")
    u["pw"] = request.form.get("pw")
    user = g.db.users.find_one(u)
    resp = make_response(redirect(url_for('index')))
    if user:
        set_cookie(resp, u)
        flash("Login failed")
    return respWe can see that the authentication mechanism is cookie based:

def get_cookie():
    cookie = request.cookies.get("auth")
    if not cookie: return None
    cookie = cookie.decode("base64")
    iv = cookie[:BS]
    cookie = cookie[BS:]
    aes =, AES.MODE_CBC, iv)
    cookie = aes.decrypt(cookie)
    cookie = unpad(cookie)
    cookie = json.loads(cookie)
    return cookie
def set_cookie(resp, cookie):
    cookie = json.dumps(cookie)
    iv =
    aes =, AES.MODE_CBC, iv)
    cookie = pad(cookie)
    cookie = iv + aes.encrypt(cookie)
    cookie = cookie.encode("base64")
    cookie = cookie.replace("\n", "")
    resp.set_cookie("auth", cookie)
def is_logged_in():
    cookie = get_cookie()
    if not cookie: return False
    user = g.db.users.find_one(get_cookie())
    if not user: return False
    g.user = cookie
    return True

AES with Cipher Block Chaining (CBC) is being used here and both encryption and decryption operations are done using a secret key wich we don’t have .. but unlike the previous challenge this one was straight forward , as we immediately knew what we wanna do .. and what we wanna do is ** Byte flipping Attack **.

In brief Byte flipping attack is the process of changing some bytes in the plain text by altering some bytes in the ciphertext , i won’t be diving into details but for more informations you can visit this link (excellent explanation btw)

Now all we have to do is to forge a cookie wich when decrypted the corresponding username will be admin this one worked for me for example:

auth:dwc0RAPIv1KgpseYvk9u/p4wtI2RtOe6n22IcoEuoGdZ2b3n+0CUDoNgWF0OUqFP you login as admin you’ll find The flag in the source code:

Flag : the_owls_are_watching_again :)