ALL the CTFS of Crypto2025 finally

2025-06-02 19:35:30 +02:00
parent aa0fe54b3b
commit 50c18f35b9
442 changed files with 1743 additions and 8 deletions
--- a/crypto-simmetric/guess-mode-one-shot/ECBvsCBCClient.py
+++ b/crypto-simmetric/guess-mode-one-shot/ECBvsCBCClient.py
@ -0,0 +1,46 @@
+import os
+os.environ['PWNLIB_NOTERM'] = 'True'  # Configuration patch to allow pwntools to be run inside of an IDE
+os.environ['PWNLIB_SILENT'] = 'True'
+
+from pwn import *
+from math import ceil
+from Cryptodome.Cipher import AES
+
+#from myconfig import HOST,PORT
+
+
+
+BLOCK_SIZE = AES.block_size
+BLOCK_SIZE_HEX = 2*BLOCK_SIZE
+
+HOST = "130.192.5.212"
+PORT = "6531" 
+
+server = remote(HOST, PORT)
+
+# stole from the server code...
+# message = "This is what I received: " + msg + " -- END OF MESSAGE"
+start_str = "This is what I received: "
+# print(len(start_str))
+pad_len = ceil(len(start_str)/BLOCK_SIZE)*BLOCK_SIZE-len(start_str)
+
+msg = b"A"*(16*2+pad_len) #2 * AES.block_size + oad_len
+print("Sending: "+str(msg))
+server.send(msg)
+
+
+ciphertext = server.recv(1024)
+ciphertext_hex = ciphertext.hex()
+print(ciphertext_hex)
+
+server.close()
+
+for i in range(0,int(len(ciphertext_hex)//BLOCK_SIZE_HEX)):
+    print(ciphertext_hex[i*BLOCK_SIZE_HEX:(i+1)*BLOCK_SIZE_HEX])
+
+
+print("Selected mode is", end=' ')
+if ciphertext[2*BLOCK_SIZE:3*BLOCK_SIZE] == ciphertext[3*BLOCK_SIZE:4*BLOCK_SIZE] :
+    print("ECB")
+else:
+    print("CBC")
--- a/crypto-simmetric/guess-mode-one-shot/chall.py
+++ b/crypto-simmetric/guess-mode-one-shot/chall.py
@ -0,0 +1,61 @@
+# see note info on smartphone
+
+from Cryptodome.Cipher import AES
+from Cryptodome.Random import get_random_bytes
+#from secret import flag
+import random
+
+modes_mapping = {
+    "ECB": AES.MODE_ECB,
+    "CBC": AES.MODE_CBC
+}
+
+
+class RandomCipherRandomMode():
+    def __init__(self):
+        modes = [AES.MODE_ECB, AES.MODE_CBC]
+        self.mode = random.choice(modes)
+        self.key = get_random_bytes(32)
+        if self.mode == AES.MODE_ECB:
+            self.iv = None
+            self.cipher = AES.new(key=self.key, mode=self.mode)
+        else:
+            self.iv = get_random_bytes(16)
+            self.cipher = AES.new(key=self.key, iv=self.iv, mode=self.mode)
+
+    def encrypt(self, data):
+        return self.cipher.encrypt(data)
+
+    def decrypt(self, data):
+        return self.cipher.decrypt(data)
+
+
+def main():
+
+    for i in range(128):
+        cipher = RandomCipherRandomMode()
+
+        print(f"Challenge #{i}")
+
+        otp = get_random_bytes(32)
+        print(f"The otp I'm using: {otp.hex()}")
+        data = bytes.fromhex(input("Input: ").strip())
+        if len(data) != 32:
+            print("Data must be 32 bytes long")
+            return
+
+        data = bytes([d ^ o for d, o in zip(data, otp)])
+        print(f"Output: {cipher.encrypt(data).hex()}")
+
+        mode_test = input(f"What mode did I use? (ECB, CBC)\n")
+        if mode_test in modes_mapping.keys() and modes_mapping[mode_test] == cipher.mode:
+            print("OK, next")
+        else:
+            print("Wrong, sorry")
+            return
+
+    print(f"The flag is: puppa")
+
+
+if __name__ == "__main__":
+    main()
--- a/crypto-simmetric/guess-mode-one-shot/main.py
+++ b/crypto-simmetric/guess-mode-one-shot/main.py
@ -0,0 +1,66 @@
+import os
+
+os.environ['PWNLIB_NOTERM'] = 'True'
+os.environ['PWNLIB_SILENT'] = 'True'
+
+#The python script consider two bytes sent as one (Ex aa is \xaa so one byte) the same thing on the otp received.
+from pwn import *
+from Cryptodome.Cipher import AES
+
+
+from Cryptodome.Random import get_random_bytes
+import random
+############################
+BLOCK_SIZE = AES.block_size
+BLOCK_SIZE_HEX = 2*BLOCK_SIZE
+############################
+HOST = "130.192.5.212"
+PORT = "6531"
+server = remote(HOST, PORT)
+############################
+for i in range(128):
+    print("-"*10+f"{i}"+"-"*10)
+    print(f"{server.recvuntil(b'\n')}")
+    otp = server.recvuntil(b'\n').split(b':')[1].strip()
+    print(f"Received OTP:{otp}")
+    sleep(0.1)
+    otp_bytes = bytes.fromhex(otp.decode('utf-8'))
+    print(f"OTP bytes len:{len(otp_bytes)}")
+    prepayload = b"A"*32 # Remember to send newline
+    payload = bytes([p ^ o for p, o in zip(prepayload,otp_bytes)])
+    ############################
+    hex_string = ""
+    for byte in payload:
+        hex_string += f'{byte:02x}'
+    print(f"hexstring len:{len(hex_string)}")
+    #############################
+    server.send(hex_string)
+    server.send(b'\n')
+    # "Input:"
+    print(f"{server.recv(6)}")
+    sleep(0.1)
+    ciphertext = server.recvuntil(b'\n').split(b'\n')[0].split(b':')[1].strip()
+    sleep(0.1)
+    ###########################
+    ciphertext_hex = ciphertext.hex()
+
+    print(f"Ciphertext obtained len:{len(ciphertext)} AES_block_size:{AES.block_size}")
+
+    for i in range(0,int(len(ciphertext_hex)//BLOCK_SIZE_HEX)):
+        print(ciphertext_hex[i*BLOCK_SIZE_HEX:(i+1)*BLOCK_SIZE_HEX])
+    #Check if two blocks are equal
+    print("Selected mode is", end=' ')
+    if ciphertext[0:32] == ciphertext[32:64] :
+        server.send("ECB")
+        print("ECB")
+    else:
+        server.send("CBC")
+        print("CBC")
+    server.send(b'\n')
+    print(f"{server.recvuntil(b'\n')}")
+    sleep(0.1)
+    print(f"Should be 'Ok Next':{server.recvuntil(b'\n')}")
+    print("-"*10+"-"*10)
+    #print(f"{server.recv(1024)}")
+    #print(f"{server.recv(1024)}")
+print(f"FLAG:{server.recv(1024)}")