CTFs and solutions

fool-the-oracle-v2/attack.py

@@ -0,0 +1,108 @@
+#!/usr/bin/env python3
+from pwn import *
+
+HOST = "130.192.5.212"
+PORT = "6542"
+
+server = remote(HOST,PORT)
+sleepT = 0.1
+
+payload = b'A'*32
+flag = "CRYPTO25{ad3c6c1e-5cac-4c87-b5c3-a5dab511fee3}"
+firstBlock = b"CRYPTO25{ad3c6c1"
+secondBlock = b"e-5cac-4c87-b5c3"
+thirdBlock=b"-a5dab511fee3}"
+flagGuessed = b''
+"""for i in range(16):
+    # Create one pad block with the 5 random bytes
+    beforePad = b'A'*11
+    pad = b'A'*(16-(i+1))
+    fPayload = pad + flagGuessed
+    for guess in string.printable:
+        guess = bytes(guess,'utf-8')
+        server.send(b'enc\n')
+        sleep(sleepT)
+        server.recv(1024)
+        sleep(sleepT)
+        print(f"Payload len: {len(fPayload+guess)} Pad len: {len(pad)}")
+        toSend = beforePad+fPayload+guess+pad
+        print(f"Sending {toSend} with len {len(toSend)}")
+        server.send( toSend.hex())
+        server.send(b'\n')
+        sleep(sleepT)
+        #print(server.recv(1024))
+        ciphertext = server.recv(1024)
+        #print(f"Ciphertext:{ciphertext}")
+        ciphertext = bytes.fromhex(ciphertext.strip(b" >").split(b"\n")[0].decode('utf-8'))
+        if ciphertext[16:32] == ciphertext[32:48]:
+            print(f"Block1:{ciphertext[16:32]} Block2:{ciphertext[32:48]}")
+            print(f"Matched guess: {guess}")
+            flagGuessed += guess
+            print(f"Already Guessed: {flagGuessed}")
+            break
+        sleep(sleepT)
+            #ciphertext//AES.blocksize
+"""
+
+"""for i in range(16):
+    beforePad = b'A'*11
+    pad = firstBlock[(i+1):]
+    #pad =  b'A'*(16 - (len(flagGuessed)+1) )
+    fPayload =  pad + flagGuessed
+    #fPayload = b"A"*(16 - (len(fBlock+flagGuessed)+1) )+fBlock+flagGuessed
+    #fPayload = fBlock[(i+1):]+flagGuessed
+    for guess in string.printable:
+        guess = bytes(guess,'utf-8')
+        server.send(b'enc\n')
+        server.recv(1024)
+        sleep(sleepT)
+        #The second pad can be whatever
+        toSend = beforePad + fPayload+guess+pad
+        print(f"Payload len: {len(fPayload+guess)} Pad len: {len(pad)}")
+        print(f"Sending {toSend} with len {len(toSend)}")
+        server.send( toSend.hex())
+        server.send(b'\n')
+        sleep(sleepT)
+        #print(server.recv(1024))
+        ciphertext = server.recv(1024)
+        #print(f"Ciphertext:{ciphertext}")
+        ciphertext = bytes.fromhex(ciphertext.strip(b" >").split(b"\n")[0].decode('utf-8'))
+        if ciphertext[16:32] == ciphertext[48:64]:
+            print(f"Block1:{ciphertext[0:16]} Block2:{ciphertext[16:32]}")
+            print(f"Matched guess: {guess}")
+            flagGuessed += guess
+            print(f"Already Guessed: {flagGuessed}")
+            break
+        sleep(sleepT)
+            #ciphertext//AES.blocksize
+"""
+for i in range(16):
+    beforePad = b'A'*11
+    pad = secondBlock[(i+1):]
+    #pad =  b'A'*(16 - (len(flagGuessed)+1) )
+    fPayload =  pad + flagGuessed
+    #fPayload = b"A"*(16 - (len(fBlock+flagGuessed)+1) )+fBlock+flagGuessed
+    #fPayload = fBlock[(i+1):]+flagGuessed
+    for guess in string.printable:
+        guess = bytes(guess,'utf-8')
+        server.send(b'enc\n')
+        server.recv(1024)
+        sleep(sleepT)
+        #The second pad can be whatever
+        toSend = beforePad + fPayload+guess+pad
+        print(f"Payload len: {len(fPayload+guess)} Pad len: {len(pad)}")
+        print(f"Sending {toSend} with len {len(toSend)}")
+        server.send( toSend.hex())
+        server.send(b'\n')
+        sleep(sleepT)
+        #print(server.recv(1024))
+        ciphertext = server.recv(1024)
+        #print(f"Ciphertext:{ciphertext}")
+        ciphertext = bytes.fromhex(ciphertext.strip(b" >").split(b"\n")[0].decode('utf-8'))
+        if ciphertext[16:32] == ciphertext[64:80]:
+            print(f"Block1:{ciphertext[0:16]} Block2:{ciphertext[16:32]}")
+            print(f"Matched guess: {guess}")
+            flagGuessed += guess
+            print(f"Already Guessed: {flagGuessed}")
+            break
+        sleep(sleepT)

fool-the-oracle-v2/chall.py

@@ -0,0 +1,41 @@
+from Cryptodome.Cipher import AES
+from Cryptodome.Util.Padding import pad, unpad
+from Cryptodome.Random import get_random_bytes
+#from secret import flag
+flag = "puppa"
+assert (len(flag) == len("CRYPTO25{}") + 36)
+
+key = get_random_bytes(24)
+padding = get_random_bytes(5)
+flag = flag.encode()
+
+
+def encrypt() -> bytes:
+    data = bytes.fromhex(input("> ").strip())
+    payload = padding + data + flag
+
+    cipher = AES.new(key=key, mode=AES.MODE_ECB)
+    print(cipher.encrypt(pad(payload, AES.block_size)).hex())
+
+
+def main():
+    menu = \
+        "What do you want to do?\n" + \
+        "quit - quit the program\n" + \
+        "enc - encrypt something\n" + \
+        "help - show this menu again\n" + \
+        "> "
+
+    while True:
+        cmd = input(menu).strip()
+
+        if cmd == "quit":
+            break
+        elif cmd == "help":
+            continue
+        elif cmd == "enc":
+            encrypt()
+
+
+if __name__ == '__main__':
+    main()