CTFs and solutions

2025-04-27 19:24:27 +02:00
commit aa0fe54b3b
426 changed files with 2756 additions and 0 deletions
--- a/fool-the-oracle-v3/attack.py
+++ b/fool-the-oracle-v3/attack.py
@ -0,0 +1,81 @@
+#!/usr/bin/env python3
+from pwn import *
+
+HOST = "130.192.5.212"
+PORT = "6543"
+
+server = remote(HOST,PORT)
+sleepT = 0.1
+
+firstBlock=b"CRYPTO25{e3ab216"
+#If the pad generated is correct the second and third block are equal
+#Then I guessed the random pad
+for i in range(16):
+  pad=b'A'*i
+  secondBlock=b'B'*16
+  thirdBlock=b'B'*16
+  server.send(b'enc\n')
+  server.recv(1024)
+  sleep(sleepT)
+  #The second pad can be whatever
+  toSend = pad + secondBlock + thirdBlock
+  print(f"Sending {toSend} with len {len(toSend)}")
+  server.send( toSend.hex())
+  server.send(b'\n')
+  sleep(sleepT)
+  ciphertext = server.recv(1024)
+  ciphertext = bytes.fromhex(ciphertext.strip(b" >").split(b"\n")[0].decode('utf-8'))
+  if ciphertext[16:32] == ciphertext[32:48]:
+      PAD_NUM=i
+      print(f"Found the right padding num:{PAD_NUM}")
+      break
+firstBlock=b"CRYPTO25{e3ab216"
+secondBlock="9-39d5-43aa-bde7"
+thirdBlock="-02286c2e2e56}"
+flag="CRYPTO25{e3ab2169-39d5-43aa-bde7-02286c2e2e56}"
+#lastBlock=b'A'*16
+lastBlock=firstBlock
+flagGuessed=b''
+#beginning=32
+#end=48
+beginning=48
+end=64
+flag=b''
+
+for j in range(1,3):
+    print(f"{'-'*5} Finding block n:{j+1} {'-'*5}")
+    for i in range(16):
+        beforePad = b'A'*PAD_NUM
+        pad = lastBlock[(i+1):]
+        #pad =  b'A'*(16 - (len(flagGuessed)+1) )
+        fPayload =  pad + flagGuessed
+        for guess in string.printable:
+            guess = bytes(guess,'utf-8')
+            server.send(b'enc\n')
+            server.recv(1024)
+            sleep(sleepT)
+            #The second pad can be whatever
+            toSend = beforePad + fPayload+guess+pad
+            print(f"Payload len: {len(fPayload+guess)} Pad len: {len(pad)}")
+            print(f"Sending {toSend} with len {len(toSend)}")
+            server.send( toSend.hex())
+            server.send(b'\n')
+            sleep(sleepT)
+            ciphertext = server.recv(1024)
+            ciphertext = bytes.fromhex(ciphertext.strip(b" >").split(b"\n")[0].decode('utf-8'))
+            if ciphertext[16:32] == ciphertext[beginning:end]:
+                #print(f"Block1:{ciphertext[0:16]} Block2:{ciphertext[16:32]}")
+                print(f"Matched guess: {guess}")
+                flagGuessed += guess
+                print(f"Already Guessed: {flagGuessed}")
+                break
+            sleep(sleepT)
+    lastBlock=flagGuessed
+    flag+=lastBlock
+    print(f"Entire block guessed:{lastBlock}")
+    flagGuessed=b''
+    beginning+=16
+    end+=16
+    if(b'}' in flagGuessed):
+        break
+print(flag)
--- a/fool-the-oracle-v3/chall.py
+++ b/fool-the-oracle-v3/chall.py
@ -0,0 +1,42 @@
+from Crypto.Cipher import AES
+from Crypto.Util.Padding import pad, unpad
+from Crypto.Random import get_random_bytes
+from random import randint
+from secret import flag
+
+assert (len(flag) == len("CRYPTO25{}") + 36)
+
+key = get_random_bytes(24)
+padding = get_random_bytes(randint(1, 15))
+flag = flag.encode()
+
+
+def encrypt() -> bytes:
+    data = bytes.fromhex(input("> ").strip())
+    payload = padding + data + flag
+
+    cipher = AES.new(key=key, mode=AES.MODE_ECB)
+    print(cipher.encrypt(pad(payload, AES.block_size)).hex())
+
+
+def main():
+    menu = \
+        "What do you want to do?\n" + \
+        "quit - quit the program\n" + \
+        "enc - encrypt something\n" + \
+        "help - show this menu again\n" + \
+        "> "
+
+    while True:
+        cmd = input(menu).strip()
+
+        if cmd == "quit":
+            break
+        elif cmd == "help":
+            continue
+        elif cmd == "enc":
+            encrypt()
+
+
+if __name__ == '__main__':
+    main()