WIP Insomni'hack
This commit is contained in:
33
insomnihack24/mobile/passphrase_break.py
Normal file
33
insomnihack24/mobile/passphrase_break.py
Normal file
@@ -0,0 +1,33 @@
|
||||
from Crypto.Cipher import AES
|
||||
from Crypto.Util.Padding import pad
|
||||
import base64
|
||||
|
||||
key = b'A'*32 # Unknown 32-byte key
|
||||
encrypted_flag = base64.decodebytes(b"uS0D11dq3RM9QimRWfXcewwQdoxYwrZRNUGT205pDfQ=")
|
||||
|
||||
def encrypt(plaintext, flag):
|
||||
padded = pad(plaintext + flag, 32)
|
||||
cipher = AES.new(key, AES.MODE_ECB)
|
||||
|
||||
ciphertext = cipher.encrypt(padded)
|
||||
return ciphertext.hex()
|
||||
|
||||
|
||||
def bruteforce():
|
||||
flag = ''
|
||||
total = 64 - 1
|
||||
chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-~!?#%&@{}'
|
||||
|
||||
while True:
|
||||
payload = '1' * (total - len(flag))
|
||||
ciphertext_1 = encrypt((payload+flag).encode())
|
||||
|
||||
for c in chars:
|
||||
ciphertext_2 = encrypt((payload + flag + c).encode())
|
||||
# Comapare the middle blocks ([32:64]) of each encrypted text
|
||||
if ciphertext_2[64:128] == ciphertext_1[64:128]:
|
||||
flag += c
|
||||
print(flag)
|
||||
break
|
||||
|
||||
bruteforce()
|
||||
Reference in New Issue
Block a user