Samsung CTF : Chicken or Egg Reversing Challenge

The CTF is over, but I really enjoyed solving the challenge (https://sctf.codeground.org/ctf/prob). The challenge is to decrypt flag.enc.


This is another APK + JNI (Java Native Interface) style challenge, similar to the Android RE challenge from Google CTF 2017 (http://shasaurabh.blogspot.com/2017/07/google-ctf-2017-android-re-challenge.html).

The challenge can be divided into three parts.
1. Android application loading a native library
2. Native library decrypting a DEX file in memory
3. Using reflection to call methods of the DEX file decrypted in step 2

1. Android application loading Native Library
The onClick() method of the MainActivity class calls the constructor of the Crypt class.

Calling the Crypt constructor loads the native library (libegg.so), an ELF shared object built for ARM.

The Crypt constructor then calls the crackEgg method, which is implemented in the native library.

2. Native Library decrypts DEX file in memory
The native library reads the encrypted DEX file stored in the APK's assets folder.

Before decrypting that file, the native library first decrypts the AES key and initialization vector (IV). The encrypted key and IV (16 bytes each) are stored at the following file offsets in the native library:
1. AES key - 0xB8A
2. Init vector - 0x930

Below is a Python reimplementation of the native library's decryption loop (each byte is XORed with its 1-based position in the buffer), applied to the asset name, the AES key and the IV.

enc_data = {
    'asset_name':    [0x64, 0x65, 0x64, 0x7D, 0x6A, 0x6A, 0x6C],
    'aes_key':       [0x60, 0x75, 0x66, 0x77, 0x6A, 0x6B, 0x62, 0x6B,
                      0x60, 0x7A, 0x63, 0x69, 0x7F, 0x65, 0x6A, 0x69],
    'aes_init_vect': [0x69, 0x63, 0x6D, 0x60, 0x76, 0x69, 0x6A, 0x6D,
                      0x60, 0x64, 0x62, 0x78, 0x7B, 0x6B, 0x6C, 0x64],
}

# Byte i of each buffer is XORed with (i + 1); the result is printable ASCII.
for name, value in enc_data.items():
    dec_data = ''.join(chr((b ^ (i + 1)) & 0xFF) for i, b in enumerate(value))
    print(name + ' ===> ' + dec_data)

asset_name ===> eggyolk
aes_key ===> awesomecipherkey
aes_init_vect ===> handsomeinitvect

After recovering the AES key and IV, the native library decrypts the DEX bytes.

The decrypted DEX bytes are shown below.

How do we know AES is used to decrypt the DEX bytes? The native library contains the hard-coded AES S-box (substitution box) at file offset 0x24A7, which is a reliable fingerprint of a statically compiled AES implementation. (The converse does not hold: a decryption routine may embed only the inverse S-box or the T-tables, so the absence of the forward S-box alone would not rule AES out.)

Decompiling the decrypted DEX gives the Egg class, which has an enc method that encrypts data using AES.
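The following script is an added example, not code from the original write-up. It ties the two analysis steps above together against a copy of the native library: it fingerprints AES by generating the S-box (and inverse S-box) and searching the file for them, and it reads the obfuscated key and IV at the reported offsets (0xB8A and 0x930) and decodes them with the XOR-with-index scheme. Because libegg.so itself is not on the page, build_sample_library() constructs a zero-filled stand-in with the write-up's constants placed at the offsets it reports; pass a real path on the command line to run it on the actual binary.

```python
"""Added example, not code from the original write-up: triage a copy of the
native library by locating the AES S-box and pulling the XOR-obfuscated key
and IV straight out of the file.  The offsets (IV 0x930, key 0xB8A, S-box
0x24A7) and the obfuscation scheme (byte i XORed with i + 1) come from the
write-up; libegg.so itself is not on the page, so build_sample_library()
constructs a stand-in blob with those constants at those offsets."""
import sys


def rotl8(x, n):
    """Rotate an 8-bit value left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF


def aes_sbox():
    """Generate the AES forward S-box instead of hard-coding 256 bytes:
    multiplicative inverse in GF(2^8) followed by the affine transform.
    p walks the powers of 3, q walks their inverses, so p * q == 1 throughout."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p *= 3
        q = (q ^ (q << 1)) & 0xFF                                # q /= 3
        q = (q ^ (q << 2)) & 0xFF
        q = (q ^ (q << 4)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63          # 0 has no inverse; affine(0) = 0x63
    return bytes(sbox)


def aes_inv_sbox():
    """Inverse S-box, which a decryption-only routine may embed instead."""
    inv = [0] * 256
    for i, v in enumerate(aes_sbox()):
        inv[v] = i
    return bytes(inv)


def find_table(blob, table):
    """Every file offset at which `table` occurs verbatim in `blob`."""
    hits, start = [], 0
    while True:
        i = blob.find(table, start)
        if i < 0:
            return hits
        hits.append(i)
        start = i + 1


def find_aes_tables(blob):
    """Fingerprint AES by its constant tables. A compiled AES may carry the
    forward S-box (key schedule, encryption), the inverse S-box (decryption),
    or only T-tables, so treat each hit as a signal rather than proof."""
    return {"sbox": find_table(blob, aes_sbox()),
            "inv_sbox": find_table(blob, aes_inv_sbox())}


def decode_xor_index(buf):
    """Undo the library's obfuscation: byte i is XORed with (i + 1)."""
    return bytes((b ^ (i + 1)) & 0xFF for i, b in enumerate(buf))


# 16-byte constants as they sit in libegg.so according to the write-up.
ENC_IV = bytes([0x69, 0x63, 0x6D, 0x60, 0x76, 0x69, 0x6A, 0x6D,
                0x60, 0x64, 0x62, 0x78, 0x7B, 0x6B, 0x6C, 0x64])
ENC_KEY = bytes([0x60, 0x75, 0x66, 0x77, 0x6A, 0x6B, 0x62, 0x6B,
                 0x60, 0x7A, 0x63, 0x69, 0x7F, 0x65, 0x6A, 0x69])
OFFSETS = {"aes_init_vect": (0x930, 16), "aes_key": (0xB8A, 16)}
SBOX_OFFSET = 0x24A7


def extract_secrets(blob, offsets=OFFSETS):
    """Read each obfuscated constant at its file offset and decode it."""
    return {name: decode_xor_index(blob[off:off + n])
            for name, (off, n) in offsets.items()}


def build_sample_library():
    """Constructed stand-in for libegg.so (zero-filled) with the write-up's
    constants placed at the offsets it reports; this is not the real binary."""
    blob = bytearray(0x3000)
    blob[0x930:0x930 + 16] = ENC_IV
    blob[0xB8A:0xB8A + 16] = ENC_KEY
    blob[SBOX_OFFSET:SBOX_OFFSET + 256] = aes_sbox()
    return bytes(blob)


if __name__ == "__main__":
    # Usage: python egg_triage.py [libegg.so]; without a path the sample blob is used.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_library()
    for name, hits in find_aes_tables(data).items():
        print(name, ["0x%X" % h for h in hits])
    for name, value in extract_secrets(data).items():
        print(name, "===>", value)
```

On the real library the S-box search should report the 0x24A7 offset from the write-up; if it does not but the inverse S-box is found, the code path is decrypt-only and the forward table was simply never needed.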

3. Using Reflection to call methods of the decrypted DEX file from step 2
Method a() in the Crypt class calls the enc method of the Egg class via reflection to encrypt files.

To decrypt flag.enc we can call the same enc method of the Egg class with one small modification: when initializing the Cipher instance, use Cipher.DECRYPT_MODE instead of Cipher.ENCRYPT_MODE, as shown below.


After decrypting flag.enc we get a PDF file with the flag inside it.

