From 6d98aa2237fd71e9fc9d95c598467eb27362641c Mon Sep 17 00:00:00 2001
From: Philipp Nowak <git@lit.plus>
Date: Sun, 19 Jan 2020 04:08:27 +0100
Subject: [PATCH] Add crypto note

---
 writeups/litplus/otw19.md         | 11 +++++------
 writeups/litplus/otw19/A0Intro.md |  2 +-
 writeups/litplus/otw19/Adv-02.md  |  9 ++++-----
 3 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/writeups/litplus/otw19.md b/writeups/litplus/otw19.md
index 93b0b24..61c5148 100644
--- a/writeups/litplus/otw19.md
+++ b/writeups/litplus/otw19.md
@@ -14,7 +14,7 @@ Challenges participated in:
 Total time spent: 39.75 hours (+ 4 hours for writeups) -- More effort TBD
 
 ### Personal Reflection
-Since the guidelines require that the whole writeup be in a single file, this has been merged by a very sophisticated shell script. The source files for the individual challenges are located in the [`writeups/litplus/otw19`](..) directory and match the RegEx `Adv-\d{2}.md`.
+Since the guidelines require that the whole writeup be in a single file, this has been merged by a very sophisticated shell script. The source files for the individual challenges are located in the [`writeups/litplus/otw19`](/writeups/litplus/otw19) directory and match the RegEx `Adv-\d{2}.md`.
 
 In general, this CTF was very fun and interesting to play! I originally planned to do more work before Christmas, but other courses sadly did not like this idea *at all*. However, Summer ADVENTure was very interesting, so I continued figuring our more and more things. In the end, it ended up eating most of my Christmas break nights, but I think that I learned a lot of new things. I was surprised that I was able to play such a major part in solving three of the challenges. Another great thing was that I got to play around writing non-trivial Python applications, which is something I had wanted to do for some time anyways.
 
@@ -229,11 +229,10 @@ As `@Hetti` revealed in Mattermost, the intended solution was to use an item dup
 
 The way this bug worked was that the server accepted a list of inventories as move target. So, the player was able to move a single item to two inventories at the same time, duplicating it. This can be repeated to obtain expensive items, which have a very large value margin, yielding funds for the flag quickly. I created a [Proof of Concept server](https://gitlab.w0y.at/ctfs/overthewire-advent-bonanza-2019/blob/master/day-02/dupe_server.py#L117), which duplicates items reliably. Those can be sold in the real client, but I wasn't able to get it to work automatically (probably some dumb mistake). However, we already had the flag at this time, so I did not put in further effort.
 
-### Lessons Learned
- * Just because the encryption *seems* like a (reused) One-Time-Pad, doesn't mean it is
- * Discovering a very weird format might just mean you're not thinking outside of the box enough, consider how likely challenges could be solved (e.g. here, if I want a standardised protocol, I'll probably use a library that can use the same model on server and client)
- * It's always an item duplication
- * Python is cool
+Possibly related, in the [suggested solution](https://github.com/OverTheWireOrg/advent2019/tree/master/advent-challenges/2019-12-02_rev3/solution), the bug is described as moving from an inventory to itself.
+
+Also, the constant auxilliary stream we assumed is not quite correct. The [actual implementation](https://github.com/OverTheWireOrg/advent2019/blob/master/advent-challenges/2019-12-02_rev3/common/EncryptedStream.cs) uses AES in ECB mode. However, this amounts to the same behaviour as we assumed and is also the suggested solution.
+
  ---
  
 day-23 Gr8 Escape
diff --git a/writeups/litplus/otw19/A0Intro.md b/writeups/litplus/otw19/A0Intro.md
index 94ec8b3..4ccfc3a 100644
--- a/writeups/litplus/otw19/A0Intro.md
+++ b/writeups/litplus/otw19/A0Intro.md
@@ -14,7 +14,7 @@ Challenges participated in:
 Total time spent: 39.75 hours (+ 4 hours for writeups) -- More effort TBD
 
 ### Personal Reflection
-Since the guidelines require that the whole writeup be in a single file, this has been merged by a very sophisticated shell script. The source files for the individual challenges are located in the [`writeups/litplus/otw19`](..) directory and match the RegEx `Adv-\d{2}.md`.
+Since the guidelines require that the whole writeup be in a single file, this has been merged by a very sophisticated shell script. The source files for the individual challenges are located in the [`writeups/litplus/otw19`](/writeups/litplus/otw19) directory and match the RegEx `Adv-\d{2}.md`.
 
 In general, this CTF was very fun and interesting to play! I originally planned to do more work before Christmas, but other courses sadly did not like this idea *at all*. However, Summer ADVENTure was very interesting, so I continued figuring our more and more things. In the end, it ended up eating most of my Christmas break nights, but I think that I learned a lot of new things. I was surprised that I was able to play such a major part in solving three of the challenges. Another great thing was that I got to play around writing non-trivial Python applications, which is something I had wanted to do for some time anyways.
 
diff --git a/writeups/litplus/otw19/Adv-02.md b/writeups/litplus/otw19/Adv-02.md
index 56815c9..d81b97e 100644
--- a/writeups/litplus/otw19/Adv-02.md
+++ b/writeups/litplus/otw19/Adv-02.md
@@ -202,10 +202,9 @@ As `@Hetti` revealed in Mattermost, the intended solution was to use an item dup
 
 The way this bug worked was that the server accepted a list of inventories as move target. So, the player was able to move a single item to two inventories at the same time, duplicating it. This can be repeated to obtain expensive items, which have a very large value margin, yielding funds for the flag quickly. I created a [Proof of Concept server](https://gitlab.w0y.at/ctfs/overthewire-advent-bonanza-2019/blob/master/day-02/dupe_server.py#L117), which duplicates items reliably. Those can be sold in the real client, but I wasn't able to get it to work automatically (probably some dumb mistake). However, we already had the flag at this time, so I did not put in further effort.
 
-### Lessons Learned
- * Just because the encryption *seems* like a (reused) One-Time-Pad, doesn't mean it is
- * Discovering a very weird format might just mean you're not thinking outside of the box enough, consider how likely challenges could be solved (e.g. here, if I want a standardised protocol, I'll probably use a library that can use the same model on server and client)
- * It's always an item duplication
- * Python is cool
+Possibly related, in the [suggested solution](https://github.com/OverTheWireOrg/advent2019/tree/master/advent-challenges/2019-12-02_rev3/solution), the bug is described as moving from an inventory to itself.
+
+Also, the constant auxilliary stream we assumed is not quite correct. The [actual implementation](https://github.com/OverTheWireOrg/advent2019/blob/master/advent-challenges/2019-12-02_rev3/common/EncryptedStream.cs) uses AES in ECB mode. However, this amounts to the same behaviour as we assumed and is also the suggested solution.
+
  ---
  
-- 
2.43.0