Challenge: Holiday Hack Objective 11b
Category: pwn?? blockchain??
We are given part of a blockchain and told there is an altered block somewhere. The goal was to find the four altered bytes in the new block and change it back to their original values, or essentially, reproduce the original block. In the objective description, there was a SHA256 of the changed block which is the only indication of what block we should be looking at.
I ran a Python script to iterate through all the blocks until I found the one with the matching SHA256. I found that the altered block was at a chain index of 129459. Next, I needed to figure out the pattern used by the UniColl MD5 hash collision, so that I knew which bytes could be altered without changing the following MD5 hash of the block:
There is an obvious byte to start with (the naughty/nice byte) which was changed from 0 to 1. I decremented this byte by 1, then identified the byte in the same position in the next block to see if it is the next byte in the pattern. There is some trial and error here since the next byte could come before or after the byte we previously found according to the pattern the collision uses.
Decrementing this byte changed the MD5 hash, so I incremented it instead and it worked. The MD5 hash stayed the same and I knew I identified the first pair of bytes:
Block 2, row 1, byte 10 -=1 = 30
Block 3, row 1, byte 10 +=1 = D7
All I had to do to find the next two bytes was to follow the pattern. I skipped a block, then focused on blocks 5 and 6. I incremented and decremented the 10th byte of each until I found a solution that did not alter the MD5 hash. In this way, I found the resulting bytes:
Block 5, row 1, byte 10 +=1 = 33
Block 6, row 1, byte 10 -=1 = 1B
By calculating the new SHA256 hash of this block after changing the four bytes, I got the answer to the objective.