This is an archived web site made available for research purposes. The web site is no longer maintained.

Challenge Information - KPRCA_00064

Commonly known as: Secure_Compression


Rounds Enabled

66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80

Details

Original Versions

Known Vulnerabilities

  • CWE-121 - Stack-based Buffer Overflow
  • CWE-125 - Out-of-bounds Read
  • CWE-129 - Improper Validation of Array Index
  • CWEs are listed as indicated by the challenge author.

Deployed patches

Deployed IDS rules

None

DARPA performer group

Kaprica Security (KPRCA)

Description

Secure Compression uses Burrows-Wheeler Transform (BWT) and Move-to-Front (MTF) algorithms to compress a given data. It uses 95 byte key from a user, which specifies the ordering of the alphabet (data) which changes the output of the BWT and MTF -- and decompresses to a meaningful data only when the correct ordering (key) is given.

After MTF is performed, a simple bit-encoding is done to actually reduce the length of the data. It encodes each byte with the following rule:

  • If the byte is greater than 0x0F, emit bit 1 followed by 8 bit representing the byte value (total of 9 bits)
  • If the byte is less than or equal to 0x0F, emit bit 0 followed by 4 bit representing the byte value (total of 5 bits)

Feature List

- Compress - Decompress - Quit

Vulnerability

Vuln 1

  • There's a stack buffer overflow when doing reverse-MTF for decompression. The sz field that is controllable by the attacker can be greater than the stack buffer size.
  • The stack buffer is allocated less than what the maximum sz can be, thus causing an overflow is possible.
  • Type 1 vulnerability.

Vuln 2

  • When performing reverse-BWT for decompression, the oidx (original index within the rotation table) is parsed from the user data and is used without any validation.
  • This allows an attacker to point the buffer pointer to contain an attacker-controlled buffer (such as the first block of the data), which then can be used to to read arbitrary memory.
  • Type 2 vulnerability.

Generic class of vulnerability

Stack buffer overflow

Insufficient check on index to memory

CWE classification

CWE-121: Stack-based Buffer Overflow

CWE-125: Out-of-bounds Read

CWE-129: Improper Validation of Array Index

Challenges

  • Lots of bit operations to be analyzed.

Difficulty (Vuln1 / Vuln2)

  • Discovery: easy / medium
  • Proving: medium / hard
  • Patching: easy / easy

POV Information

Round Source Destination Result POV Analysis Video
67 CSDS CodeJitsu Failed POV POV Watch
67 CSDS DeepRed Failed POV POV Watch
67 CSDS Disekt Failed POV POV Watch
67 CSDS ForAllSecure Failed POV POV Watch
67 CSDS Shellphish Failed POV POV Watch
67 CSDS TECHx Failed POV POV Watch
67 DeepRed CodeJitsu Failed POV POV Watch
67 DeepRed CSDS Failed POV POV Watch
67 DeepRed Disekt Failed POV POV Watch
67 DeepRed ForAllSecure Failed POV POV Watch
67 DeepRed Shellphish Failed POV POV Watch
67 DeepRed TECHx Failed POV POV Watch
68 CSDS CodeJitsu Failed POV POV Watch
68 CSDS DeepRed Failed POV POV Watch
68 CSDS Disekt Failed POV POV Watch
68 CSDS ForAllSecure Failed POV POV Watch
68 CSDS Shellphish Failed POV POV Watch
68 CSDS TECHx Failed POV POV Watch
68 DeepRed CodeJitsu Failed POV POV Watch
68 DeepRed CSDS Failed POV POV Watch
68 DeepRed Disekt Failed POV POV Watch
68 DeepRed ForAllSecure Failed POV POV Watch
68 DeepRed Shellphish Failed POV POV Watch
68 DeepRed TECHx Failed POV POV Watch
69 CSDS CodeJitsu Failed POV POV Watch
69 CSDS DeepRed Failed POV POV Watch
69 CSDS Disekt Failed POV POV Watch
69 CSDS ForAllSecure Failed POV POV Watch
69 CSDS Shellphish Failed POV POV Watch
69 CSDS TECHx Failed POV POV Watch
69 DeepRed CodeJitsu Failed POV POV Watch
69 DeepRed CSDS Failed POV POV Watch
69 DeepRed Disekt Failed POV POV Watch
69 DeepRed ForAllSecure Failed POV POV Watch
69 DeepRed Shellphish Failed POV POV Watch
69 DeepRed TECHx Failed POV POV Watch
70 CSDS CodeJitsu Failed POV POV Watch
70 CSDS DeepRed Failed POV POV Watch
70 CSDS Disekt Failed POV POV Watch
70 CSDS ForAllSecure Failed POV POV Watch
70 CSDS Shellphish Failed POV POV Watch
70 CSDS TECHx Failed POV POV Watch
70 DeepRed CodeJitsu Failed POV POV Watch
70 DeepRed CSDS Failed POV POV Watch
70 DeepRed Disekt Failed POV POV Watch
70 DeepRed ForAllSecure Failed POV POV Watch
70 DeepRed Shellphish Failed POV POV Watch
70 DeepRed TECHx Failed POV POV Watch
71 CodeJitsu Shellphish Failed POV through defenses POV Watch
71 CSDS CodeJitsu Failed POV POV Watch
71 CSDS DeepRed Failed POV POV Watch
71 CSDS Disekt Failed POV POV Watch
71 CSDS ForAllSecure Failed POV POV Watch
71 CSDS Shellphish Failed POV through defenses POV Watch
71 CSDS TECHx Failed POV POV Watch
71 DeepRed CodeJitsu Failed POV POV Watch
71 DeepRed CSDS Failed POV POV Watch
71 DeepRed Disekt Failed POV POV Watch
71 DeepRed ForAllSecure Failed POV POV Watch
71 DeepRed Shellphish Failed POV through defenses POV Watch
71 DeepRed TECHx Failed POV POV Watch
72 CSDS CodeJitsu Failed POV POV Watch
72 CSDS DeepRed Failed POV POV Watch
72 CSDS Disekt Failed POV POV Watch
72 CSDS ForAllSecure Failed POV POV Watch
72 CSDS Shellphish Failed POV through defenses POV Watch
72 CSDS TECHx Failed POV POV Watch
72 DeepRed CodeJitsu Failed POV POV Watch
72 DeepRed CSDS Failed POV POV Watch
72 DeepRed Disekt Failed POV POV Watch
72 DeepRed ForAllSecure Failed POV POV Watch
72 DeepRed Shellphish Failed POV through defenses POV Watch
72 DeepRed TECHx Failed POV POV Watch
73 CodeJitsu Disekt Failed POV through defenses POV Watch
73 CSDS CodeJitsu Failed POV POV Watch
73 CSDS DeepRed Failed POV POV Watch
73 CSDS Disekt Failed POV through defenses POV Watch
73 CSDS ForAllSecure Failed POV POV Watch
73 CSDS Shellphish Failed POV through defenses POV Watch
73 CSDS TECHx Failed POV POV Watch
73 DeepRed CodeJitsu Failed POV POV Watch
73 DeepRed CSDS Failed POV POV Watch
73 DeepRed Disekt Failed POV through defenses POV Watch
73 DeepRed ForAllSecure Failed POV POV Watch
73 DeepRed Shellphish Failed POV through defenses POV Watch
73 DeepRed TECHx Failed POV POV Watch
74 CSDS CodeJitsu Failed POV POV Watch
74 CSDS DeepRed Failed POV POV Watch
74 CSDS Disekt Failed POV through defenses POV Watch
74 CSDS ForAllSecure Failed POV POV Watch
74 CSDS Shellphish Failed POV through defenses POV Watch
74 CSDS TECHx Failed POV POV Watch
74 DeepRed CodeJitsu Failed POV POV Watch
74 DeepRed CSDS Failed POV POV Watch
74 DeepRed Disekt Failed POV through defenses POV Watch
74 DeepRed ForAllSecure Failed POV POV Watch
74 DeepRed Shellphish Failed POV through defenses POV Watch
74 DeepRed TECHx Failed POV POV Watch
75 CSDS CodeJitsu Failed POV POV Watch
75 CSDS DeepRed Failed POV POV Watch
75 CSDS Disekt Failed POV through defenses POV Watch
75 CSDS ForAllSecure Failed POV POV Watch
75 CSDS Shellphish Failed POV through defenses POV Watch
75 CSDS TECHx Failed POV POV Watch
75 DeepRed CodeJitsu Failed POV POV Watch
75 DeepRed CSDS Failed POV POV Watch
75 DeepRed Disekt Failed POV through defenses POV Watch
75 DeepRed ForAllSecure Failed POV POV Watch
75 DeepRed Shellphish Failed POV through defenses POV Watch
75 DeepRed TECHx Failed POV POV Watch
76 CSDS CodeJitsu Failed POV POV Watch
76 CSDS DeepRed Failed POV POV Watch
76 CSDS Disekt Failed POV through defenses POV Watch
76 CSDS ForAllSecure Failed POV POV Watch
76 CSDS Shellphish Failed POV through defenses POV Watch
76 CSDS TECHx Failed POV POV Watch
76 DeepRed CodeJitsu Failed POV POV Watch
76 DeepRed CSDS Failed POV POV Watch
76 DeepRed Disekt Failed POV through defenses POV Watch
76 DeepRed ForAllSecure Failed POV POV Watch
76 DeepRed Shellphish Failed POV through defenses POV Watch
76 DeepRed TECHx Failed POV POV Watch
77 CSDS CodeJitsu Failed POV POV Watch
77 CSDS DeepRed Failed POV POV Watch
77 CSDS Disekt Failed POV through defenses POV Watch
77 CSDS ForAllSecure Failed POV POV Watch
77 CSDS Shellphish Failed POV through defenses POV Watch
77 CSDS TECHx Failed POV POV Watch
77 DeepRed CodeJitsu Failed POV POV Watch
77 DeepRed CSDS Failed POV POV Watch
77 DeepRed Disekt Failed POV through defenses POV Watch
77 DeepRed ForAllSecure Failed POV POV Watch
77 DeepRed Shellphish Failed POV through defenses POV Watch
77 DeepRed TECHx Failed POV POV Watch
78 CSDS CodeJitsu Failed POV POV Watch
78 CSDS DeepRed Failed POV POV Watch
78 CSDS Disekt Failed POV through defenses POV Watch
78 CSDS ForAllSecure Failed POV POV Watch
78 CSDS Shellphish Failed POV through defenses POV Watch
78 CSDS TECHx Failed POV POV Watch
78 DeepRed CodeJitsu Failed POV POV Watch
78 DeepRed CSDS Failed POV POV Watch
78 DeepRed Disekt Failed POV through defenses POV Watch
78 DeepRed ForAllSecure Failed POV POV Watch
78 DeepRed Shellphish Failed POV through defenses POV Watch
78 DeepRed TECHx Failed POV POV Watch
79 CSDS CodeJitsu Failed POV POV Watch
79 CSDS DeepRed Failed POV POV Watch
79 CSDS Disekt Failed POV through defenses POV Watch
79 CSDS ForAllSecure Failed POV POV Watch
79 CSDS Shellphish Failed POV through defenses POV Watch
79 CSDS TECHx Failed POV POV Watch
79 DeepRed CodeJitsu Failed POV POV Watch
79 DeepRed CSDS Failed POV POV Watch
79 DeepRed Disekt Failed POV through defenses POV Watch
79 DeepRed ForAllSecure Failed POV POV Watch
79 DeepRed Shellphish Failed POV through defenses POV Watch
79 DeepRed TECHx Failed POV POV Watch
80 CSDS CodeJitsu Failed POV POV Watch
80 CSDS DeepRed Failed POV POV Watch
80 CSDS Disekt Failed POV through defenses POV Watch
80 CSDS ForAllSecure Failed POV POV Watch
80 CSDS Shellphish Failed POV through defenses POV Watch
80 CSDS TECHx Failed POV POV Watch
80 DeepRed CodeJitsu Failed POV POV Watch
80 DeepRed CSDS Failed POV POV Watch
80 DeepRed Disekt Failed POV through defenses POV Watch
80 DeepRed ForAllSecure Failed POV POV Watch
80 DeepRed Shellphish Failed POV through defenses POV Watch
80 DeepRed TECHx Failed POV POV Watch

Curated by Lunge Technology, LLC. Questions or comments? Send us email