feat: found the exploit in the code and attaced the server

sheet02/a1/b-aeskey.txt

@@ -0,0 +1,2 @@
+AES Key: cddf0c7f664624fd0b604c622a2c670dffc3fdd7859a7cdd2377d1ba2ab86f89
+IV: 30579741743af76bdd06ec45b12ee6d7

sheet02/a1/b-dec-aes.txt

@@ -0,0 +1,3 @@
+Viktoria
+Leo
+Julian

sheet02/a1/b-enc-aes.txt

@@ -0,0 +1 @@
+o5Ö¦Íß*òþk‚¼¾I¦BîÜr<C39C>Œ´<C592>6@hün5Ø

sheet02/a1/b.txt

@@ -0,0 +1,5 @@
+Generate 256bit aes key and 128 bit iv:
+openssl rand -hex 32
+openssl rand -hex 16
+Encrypt the file plaintext.txt with the key and iv
+openssl enc -aes-256-cbc -in plaintext.txt -out b-enc-aes.txt -K cddf0c7f664624fd0b604c622a2c670dffc3fdd7859a7cdd2377d1ba2ab86f89 -iv 30579741743af76bdd06ec45b12ee6d7

sheet02/a1/c-dec-rsa.txt

@@ -0,0 +1,3 @@
+Viktoria
+Leo
+Julian

sheet02/a1/c-enc-rsa.txt

@@ -0,0 +1,2 @@
+’Ìnç‰á~Á>hì`£aÿ*‘Ú#ÒÒh‹å4ò,>«ôÓ„ì÷9&†…%´c,¤tNØR‰“5sŠq
+˜°+$úd!E½Í·‘3£y£<79>3Ÿ|#Ù2ÒÈ„¬ÜºÕLÍ^é¢L9ÊApØîfDV<44>kX´¨^æeh\É£H
«~y	ƵýdÀK½I\€óf>I5EÿcÛ,‹I+s<>

sheet02/a1/c-rsa-priv.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC1S64EHWciPKk+
+6kTV3QGe97oGsO4pAbeAvqqzFtOulkIy1cEYlQIP+Ie9LL1i1tOjkx8v3j0Foq7T
+DQkwCpTodJRl50hOdjOdhcjENU1GoZ2xHYb+sNwuVo7Rzl8rEP99p1N9slaq/d4L
+jV4c6PWDjd2vGxcnPpihYtZOgq7XNN026Iu+E3v7z8MAcMxy2RAQyw2PeqgxJwyh
+Pg1E6sz4OjnUQOhS0nwqz2XwG+XPfH8ytf3XjQPLnvUtmIscP1W4wjeJDJuvym5p
+qr8Nr71yjYLm9tefQLONHxXUOJuxiJatJj9M5yKs6Z/gB2RRA26as6wyIuQ6WFu4
+HTrUrgdrAgMBAAECggEABef0QFAQ5w2g2drZ6Tms7tfVKJik+ZMDvl73wqPQu5RL
+jcpm4v0ftxN6oJAPj2O+O0r0riOIS2G0Xk3Dadw+Y6BAoV06fsvc/Jm6I6I05UMo
+lveGSU/LrHrHZlBZy1ZfbGGCF8syhZmFnUy6ryhrryB1A1pXk8C3SjKlFqOtPHd/
+V1GW/ww3p7VL/HOmCNTr6nvlw6MJGzlZ08JpcwguGu/DuSCFSQwlhcqPsOQdr20o
+maGYIBEwkwOmk5CAjr3jJnmQlPQ8QtAsYCIjHrmiA0zyserGN7K3hhSDIJ19uK3F
+2BIglSYrSViwq2DIHbQgeHuoM3ziaFKVczwVaL7w8QKBgQDm901Wq2B/vO2lCgb8
+6cofnhJYa6T8w4SXuLDoNmrZuPw2VepR6L/HxgPS9t14LkIVZXIc0tdHkqHHfnHY
+O2m/5sEqYTGifAseLLPdgy7QC6ZvLq6CMzvl8rQ7ITj18+tyMnUYfw2Ts+9GwE4m
+X5Zvx+zROIP8gMoJhGqvpSdl0wKBgQDI8iezI1csN5Miq0aerQkYFqfkFEVVTeys
+LAep+sJ7U6RVpHBwGJrZkngucBgb6JdWZvY1eRnmZ7m4Y9cvq+b8DpdJhrkiUv2k
+YCfFvUDtxQimvb3yFTbluoxIhKP/pmmj1qng/EiKHU/1l++AErsIlSEuxbDnVx0o
+Ivdpod/hCQKBgQCBKKCmK/Yt2NAob+AShQbUAYiOy7ua4hd+5PiBExVTpd/c3tTH
+c1nz9Kbkzcpxz6SC5JUYy0s6KiSwM+SkIC119CvncCzaiXWKLUN0R0zhaPJs0HUk
+OFRxtfTV8DEzUXFEDjVvOnW0OHZBYX8SdHfjELE9GtasWLUi91rV2IycowKBgAM8
+GrWAiSO2FVFGjpF5WZ8gpj0+sksIQRoYb1smJUFU/F1Ak2rKipucBwFAXrL8UItc
+hvQfafJSkyPLv6gNzV8bYQYW/B34VgryXVGKlWP+ewAsJ8Wg38xc72svb3BrHmI7
+z2pGxWgrxqC+fGWEZ6xgsjMNjaZ7uYVu4qq5p1/5AoGBANm05M8tH5aD4+cNVCGp
+EiHiw4JyCbbkHHyuGi44Ul6CsX7Ib6vYyApI9+0wJHDddspFGve+sGdzQ3yc79/S
+QcaOMQC+/dEG3oOY+j76lSDM5Xa4Ie5ekn6dwYU96iiPBK0D+wcjiZv/qott2xsr
+dOPUdEes0Tj6vqVvDQLyXi1R
+-----END PRIVATE KEY-----

sheet02/a1/c-rsa-pub.key

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUuuBB1nIjypPupE1d0B
+nve6BrDuKQG3gL6qsxbTrpZCMtXBGJUCD/iHvSy9YtbTo5MfL949BaKu0w0JMAqU
+6HSUZedITnYznYXIxDVNRqGdsR2G/rDcLlaO0c5fKxD/fadTfbJWqv3eC41eHOj1
+g43drxsXJz6YoWLWToKu1zTdNuiLvhN7+8/DAHDMctkQEMsNj3qoMScMoT4NROrM
++Do51EDoUtJ8Ks9l8Bvlz3x/MrX9140Dy571LZiLHD9VuMI3iQybr8puaaq/Da+9
+co2C5vbXn0CzjR8V1DibsYiWrSY/TOcirOmf4AdkUQNumrOsMiLkOlhbuB061K4H
+awIDAQAB
+-----END PUBLIC KEY-----

sheet02/a1/c.txt

@@ -0,0 +1,8 @@
+Generate rsa private key:
+openssl genpkey -algorithm RSA -out c-rsa-priv.key -pkeyopt rsa_keygen_bits:2048
+
+Extract the public key from the private key
+openssl pkey -in c-rsa-priv.key -pubout -out c-rsa-pub.key
+
+Encrypt the file using the rsa pubkey
+openssl pkeyutl -encrypt -pubin -inkey c-rsa-pub.key -in plaintext.txt -out c-enc-rsa.txt

sheet02/a1/e.txt

@@ -0,0 +1,9 @@
+Decrypt the aes-encrypted key with the aes-key and iv:
+openssl enc -d -aes-256-cbc -in b-enc-aes.txt -out b-dec-aes.txt -K cddf0c7f664624fd0b604c622a2c670dffc3fdd7859a7cdd2377d1ba2ab86f89 -iv 30579741743af76bdd06ec45b12ee6d7
+
+Decrypt encrypted file using the rsa private key
+openssl pkeyutl -decrypt -inkey a1/c-rsa-priv.key -in a1/c-enc-rsa.txt -out a1/c-dec-rsa.txt
+
+Verify the same files with the tool diff
+diff plaintext.txt b-dec-aes.txt  -> Prints nothing, so its the same
+diff plaintext.txt c-dec-rsa.txt  -> Prints nothing, so its the same

sheet02/a1/plaintext.txt

@@ -0,0 +1,3 @@
+Viktoria
+Leo
+Julian

sheet02/a2/SignECDSA.java

@@ -0,0 +1,23 @@
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
+import java.util.Base64;
+
+public class SignECDSA {
+    public static void main(String[] args) throws Exception {
+        final var gen = KeyPairGenerator.getInstance("EC");
+        final var kp = gen.genKeyPair();
+
+        final var bytes = Files.readAllBytes(Path.of("plaintext.txt"));
+        final var sig = Signature.getInstance("SHA256withECDSA");
+        sig.initVerify(kp.getPublic());
+        sig.initSign(kp.getPrivate());
+        sig.update(bytes);
+        final var signature = sig.sign();
+
+        Files.write(Path.of("b-signature.txt"), Base64.getEncoder().encode(signature));
+        Files.write(Path.of("b-publickey.txt"), Base64.getEncoder().encode(kp.getPublic().getEncoded()));
+        Files.write(Path.of("b-privatekey.txt"), Base64.getEncoder().encode(kp.getPrivate().getEncoded()));
+    }
+}

sheet02/a2/VerifyECDSA.java

@@ -0,0 +1,26 @@
+import java.security.KeyFactory;
+import java.security.Signature;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Base64;
+
+public class VerifyECDSA {
+    public static void main(String[] args) throws Exception {
+        if (args.length < 3) {
+            System.out.println(
+                    "Please specify in the following order: Public Key (X509), Signature (Base64), Message (plain text)");
+            return;
+        }
+
+        final String PUBLIC_KEY = args[0];
+        final String SIGNATURE = args[1];
+        final String MESSAGE = args[2];
+
+        final var kf = KeyFactory.getInstance("EC");
+        final var pub = kf.generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(PUBLIC_KEY)));
+
+        final var sig = Signature.getInstance("SHA256withECDSA");
+        sig.initVerify(pub);
+        sig.update(MESSAGE.getBytes());
+        System.out.println("Correct: " + sig.verify(Base64.getDecoder().decode(SIGNATURE)));
+    }
+}

sheet02/a2/b-privatekey.txt

@@ -0,0 +1 @@
+ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDA/BgxBUzJUc3MfZVBIdPTbQfIdf4SABYZJlno8rUPkhBRrK3VkpEhyGdviYUPViz4=

sheet02/a2/b-publickey.txt

@@ -0,0 +1 @@
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEVHteuMnscItIHycwEZ80P44WyIWmL7PmeN6HLRAu8IJsLKX6BTDawN0MezskF68oQ9Ft7zy2u4v2aaYB4tgUv+0YG7zEwFr0ofqSqFFPSLr0qrVRvXi/H7Bux8tYVgaN

sheet02/a2/b-signature.txt

@@ -0,0 +1 @@
+MGQCMHq04CPgDiSaWPXb3LiuBrb97aV4JjinA5gIuEIFjFYLD1jYdECBdV/aHLLYsyMYnAIwedsP6qJKK4Y2uLgn3XLxbHgDKxf+eq07Rptmn/LttHTpWjtTfaLERM+Uh2BUGmMt

sheet02/a2/c.txt

@@ -0,0 +1,5 @@
+copy the publickey into a .pem file that starts with -----BEGIN PUBLIC KEY----- and ends with -----END PUBLIC KEY----- and has linebreaks after 64 chars.
+then decode the base64 signature
+base64 -d b-signature.txt > signature.bin
+verify using openssl
+openssl dgst -sha256 -verify c-pubkey.pem -signature signature.bin plaintext.txt 

sheet02/a2/plaintext.txt

@@ -0,0 +1,3 @@
+Julian
+Leonard
+Viktoria

sheet02/a2/verify-example.sh

@@ -0,0 +1 @@
+java VerifyECDSA.java "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnSgO/uuSq9QHH/rrnSgXeQTKPMI8tjLhyJzevl9fLQZW/zXuHk9iThiKY/c2k52quUby3czAwL2l2HaRqcBXEg==" "MEUCIAzRvK3CNFqMTZxIgMd1uQ/XybtRKXFht9S4q8qUy/IbAiEA7EcFYuRbViVC/zzIRW78HekjRHZVn3DjHVUcKyJ5sXw=" "hello world"

sheet03/a2/Auth.java

@@ -0,0 +1,71 @@
+import java.io.Console;
+import java.util.Map;
+import java.util.HexFormat;
+import java.util.stream.Collectors;
+import java.nio.file.Path;
+import java.nio.file.Files;
+import java.security.MessageDigest;
+
+public class Auth {
+    private static final byte[] INVALID_HASH = "----------------------------------------------------------------".getBytes();
+
+    public static void main(String[] args) {
+        try {
+            Map<String, byte[]> passwd = Files.readAllLines(Path.of("passwd"))
+                .stream()
+                .filter(line -> line.indexOf(":") > 1 && line.length() > 3)
+                .collect(Collectors.toMap(
+                    line -> line.substring(0, line.indexOf(':')),
+                    line -> HexFormat.of().parseHex(line.substring(line.indexOf(':') + 1))
+                ));
+
+            System.out.println("Chocolate Factory SCADA Command Line Interface v2.2.144");
+            System.out.println();
+            System.out.println("Please, enter your authentication credentials.");
+            System.out.println();
+
+            Console cons = System.console();
+
+            String username;
+            String password;
+
+            long timeout = 500;
+            while (true) {
+                username = cons.readLine("> Username: ");
+                password = new String(cons.readPassword("> Password: "));
+
+                MessageDigest digest = MessageDigest.getInstance("SHA-256");
+                byte[] encodedHash = digest.digest(password.getBytes());
+
+                // constant time comparison to prevent timing attacks
+                if (MessageDigest.isEqual(
+                    passwd.getOrDefault(username, INVALID_HASH),
+                    encodedHash
+                )) {
+                    System.out.println();
+                    System.out.printf("Welcome %s!%n", username);
+                    Thread.sleep(150);
+                    break;
+                } else {
+                    // exponential timeout to prevent brute force attacks
+                    System.out.println("Incorrect username and/or password.");
+                    Thread.sleep(timeout);
+                    timeout *= 2;
+                }
+            }
+
+            printSystemStatus();
+            printSecretRecipe();
+        } catch (Exception e) {
+            // ignore
+        }
+    }
+
+    private static void printSystemStatus() throws Exception {
+        // TOP SECRET
+    }
+
+    private static void printSecretRecipe() throws Exception {
+        // TOP SECRET
+    }
+}

sheet03/a2/a.txt

@@ -0,0 +1,5 @@
+The Code uses unsalted hashes of the passwords.
+That way there is no random data added to the hashes and it is very easy to find identical hashes using
+pre-computed lookup tables.
+
+Using such a tool we found that the password admin123 has the same hash that is stored for the username admin.

sheet03/a2/b.txt

@@ -0,0 +1,77 @@
+07:46:38 leo@group-20 ~ → cat .ssh/config 
+Host chocolate
+  User chocolate
+  Hostname 10.42.23.1
+
+07:46:13 leo@group-20 ~ → ssh chocolate
+chocolate@10.42.23.1's password: chocolate
+Chocolate Factory SCADA Command Line Interface v2.2.144
+
+Please, enter your authentication credentials.
+
+> Username: admin
+> Password: admin123
+
+Welcome admin!
+
+We are currently clean on OPSEC.
+
+Current System Status:
+ 🏭 Production Line 1:               [🟢 ONLINE] - Idle
+ 🏭 Production Line 2:               [🟢 ONLINE] - Running (Secretly Sweet Chocolate Batch #42)
+ 🏭 Ingredient Hopper (Cocoa):       [🟢 ONLINE] - Level: 85%
+ 🏭 Ingredient Hopper (Sugar):       [🟢 ONLINE] - Level: 92%
+ 🏭 Ingredient Hopper (Milk Powder): [🟢 ONLINE] - Level: 78%
+ 🌡️ Temperature Control System:      [🟢 ONLINE] - Target: 45°C (±0.5°C)
+ ⚙️ Mixing Unit A:                   [🟢 ONLINE] - Standby
+ ⚙️ Mixing Unit B:                   [🟢 ONLINE] - Active
+ 🍫 Molding Machine Alpha:           [🟢 ONLINE] - Ready
+ 🍫 Molding Machine Beta:            [🟢 ONLINE] - Processing
+ 🧊 Cooling Tunnel System:           [🟢 ONLINE] - Target: 10°C (±1°C)
+ 📦 Packaging Unit Delta:            [🟢 ONLINE] - Awaiting Output
+ 🤖 Quality Control Bot v3.2:        [🟢 ONLINE] - Monitoring
+ ⚡ Power Supply:                    [🟢 ONLINE] - Stable
+ 🌐 Network Connectivity:            [🟢 ONLINE] - Good
+ 🔒 Security System:                 [🟢 ONLINE] - Active
+----------------------------------------------------
+✅ ALL SYSTEMS GREEN. Chocolate production is nominal. ✅
+
+
+📝 Recipe for 'Secretly Sweet Chocolate Batch #42
+
+  Ingredients:
+
+  1 'Bargain Bin Chocolate Chunk'
+    (obtained from ... questionable sources)
+  3 'Heaping Spoonfuls of Questionable Granules'
+    (definitely not pure sugar)
+  A splash of 'Mysterious Gloss'
+     (something called vasline, maybe inedible,
+      but it makes things shiny!)
+
+
+  Instructions:
+
+  Acquire the Goods:
+     Locate and 'liberate' the cheapest-looking chocolate
+     you can get from the competition.
+  The Melt Down:
+     Subject the 'Bargain Bin Chocolate Chunk' to intense heat.
+     The goal is a questionable, slightly lumpy liquid.
+  Sweeten the Deal:
+     Introduce the 'Heaping Spoonfuls of Questionable Granules'
+     to the melted chocolate. Stir vigorously (or just shake the
+     container violently). The mixture should become alarmingly
+     sweet.
+  The Glossy Finish:
+     Add a dash of 'Mysterious Gloss.' This will give the product
+     an unsettlingly shiny appearance.
+  Mold it (Sort Of):
+     Pour the concoction into a vaguely bar-shaped container (the
+     packaging of the input chocolate might work?).
+  The Pay Off:
+     Pay tons of influencers to advertise this as the best
+     chocolate they have ever tasted, and price this chocolate
+     at a ridiculous high price!!1! 🤑💰💸
+  
+Connection to 10.42.23.1 closed.

sheet03/a2/passwd

@@ -0,0 +1,3 @@
+admin:240be518fabd2724ddb6f04eeb1da5967448d7e831c08c8fa822809f74c720a9
+alice:57a975ec110f89a7ca6a8c39aec856890b10488006106fb12c3a5fe063b1e7d5
+bob:2a3cc87f95b4363a1e6483d4659671361f86239735d31e8c4a9be893a2427c19