Files
ctf/2025/cscg/crypto/intro1/exploit.py
2025-06-06 03:13:31 +02:00

46 lines
1001 B
Python

from pwn import *
import binascii
p = remote("a96a15c9c5222abacb014e80-1024-intro-crypto-1.challenge.cscg.live", 1337, ssl=True)# Define functions for convenience
def recv_until(delim):
return p.recvuntil(delim)
def interact():
p.interactive()
def send_payload(payload):
p.sendline(payload)
def xor(bytes1, bytes2):
return bytes([b1 ^ b2 for b1, b2 in zip(bytes1, bytes2)])
# Example interaction
recv_until(b":")
payload = b"41" * 74
send_payload(payload)
encrypted_plaintext = []
for _ in range(255):
data = binascii.unhexlify(recv_until(b"\n").replace(b"\n",b"").split(b" ")[-1])
encrypted_plaintext.append(data)
payload = b"\x41" * 74
print(payload)
keystreams = [xor(enc, payload) for enc in encrypted_plaintext]
enc_flag = binascii.unhexlify(recv_until(b"\n").replace(b"\n",b"").split(b" ")[-1])
print(enc_flag)
dec_flags = [xor(keystream, enc_flag) for keystream in keystreams]
for flag in dec_flags:
if b'CSCG{' in flag:
print(flag)