ALL the CTFS of Crypto2025 finally

2025-06-02 19:35:30 +02:00
parent aa0fe54b3b
commit 50c18f35b9
442 changed files with 1743 additions and 8 deletions
--- a/crypto-simmetric/guess-mode-one-shot/main.py
+++ b/crypto-simmetric/guess-mode-one-shot/main.py
@ -0,0 +1,66 @@
+import os
+
+os.environ['PWNLIB_NOTERM'] = 'True'
+os.environ['PWNLIB_SILENT'] = 'True'
+
+#The python script consider two bytes sent as one (Ex aa is \xaa so one byte) the same thing on the otp received.
+from pwn import *
+from Cryptodome.Cipher import AES
+
+
+from Cryptodome.Random import get_random_bytes
+import random
+############################
+BLOCK_SIZE = AES.block_size
+BLOCK_SIZE_HEX = 2*BLOCK_SIZE
+############################
+HOST = "130.192.5.212"
+PORT = "6531"
+server = remote(HOST, PORT)
+############################
+for i in range(128):
+    print("-"*10+f"{i}"+"-"*10)
+    print(f"{server.recvuntil(b'\n')}")
+    otp = server.recvuntil(b'\n').split(b':')[1].strip()
+    print(f"Received OTP:{otp}")
+    sleep(0.1)
+    otp_bytes = bytes.fromhex(otp.decode('utf-8'))
+    print(f"OTP bytes len:{len(otp_bytes)}")
+    prepayload = b"A"*32 # Remember to send newline
+    payload = bytes([p ^ o for p, o in zip(prepayload,otp_bytes)])
+    ############################
+    hex_string = ""
+    for byte in payload:
+        hex_string += f'{byte:02x}'
+    print(f"hexstring len:{len(hex_string)}")
+    #############################
+    server.send(hex_string)
+    server.send(b'\n')
+    # "Input:"
+    print(f"{server.recv(6)}")
+    sleep(0.1)
+    ciphertext = server.recvuntil(b'\n').split(b'\n')[0].split(b':')[1].strip()
+    sleep(0.1)
+    ###########################
+    ciphertext_hex = ciphertext.hex()
+
+    print(f"Ciphertext obtained len:{len(ciphertext)} AES_block_size:{AES.block_size}")
+
+    for i in range(0,int(len(ciphertext_hex)//BLOCK_SIZE_HEX)):
+        print(ciphertext_hex[i*BLOCK_SIZE_HEX:(i+1)*BLOCK_SIZE_HEX])
+    #Check if two blocks are equal
+    print("Selected mode is", end=' ')
+    if ciphertext[0:32] == ciphertext[32:64] :
+        server.send("ECB")
+        print("ECB")
+    else:
+        server.send("CBC")
+        print("CBC")
+    server.send(b'\n')
+    print(f"{server.recvuntil(b'\n')}")
+    sleep(0.1)
+    print(f"Should be 'Ok Next':{server.recvuntil(b'\n')}")
+    print("-"*10+"-"*10)
+    #print(f"{server.recv(1024)}")
+    #print(f"{server.recv(1024)}")
+print(f"FLAG:{server.recv(1024)}")