46 lines
1001 B
Python
46 lines
1001 B
Python
from pwn import *
|
|
import binascii
|
|
|
|
|
|
p = remote("a96a15c9c5222abacb014e80-1024-intro-crypto-1.challenge.cscg.live", 1337, ssl=True)# Define functions for convenience
|
|
|
|
def recv_until(delim):
|
|
return p.recvuntil(delim)
|
|
|
|
def interact():
|
|
p.interactive()
|
|
|
|
def send_payload(payload):
|
|
p.sendline(payload)
|
|
|
|
def xor(bytes1, bytes2):
|
|
return bytes([b1 ^ b2 for b1, b2 in zip(bytes1, bytes2)])
|
|
|
|
|
|
# Example interaction
|
|
recv_until(b":")
|
|
payload = b"41" * 74
|
|
send_payload(payload)
|
|
|
|
encrypted_plaintext = []
|
|
|
|
for _ in range(255):
|
|
data = binascii.unhexlify(recv_until(b"\n").replace(b"\n",b"").split(b" ")[-1])
|
|
encrypted_plaintext.append(data)
|
|
|
|
payload = b"\x41" * 74
|
|
|
|
print(payload)
|
|
|
|
keystreams = [xor(enc, payload) for enc in encrypted_plaintext]
|
|
|
|
enc_flag = binascii.unhexlify(recv_until(b"\n").replace(b"\n",b"").split(b" ")[-1])
|
|
print(enc_flag)
|
|
|
|
dec_flags = [xor(keystream, enc_flag) for keystream in keystreams]
|
|
|
|
for flag in dec_flags:
|
|
if b'CSCG{' in flag:
|
|
print(flag)
|
|
|