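#!/usr/bin/env python3
"""Recover the flag from an AES-ECB encryption oracle, one byte at a time.

The remote service's ``enc`` command returns, as hex, the ECB encryption of
``<random prefix> || <our input> || <flag>``.  The original script's comment
and its 11-byte filler assume the random prefix is 5 bytes long -- confirm
against the challenge source if the block offsets below stop lining up.

Because ECB maps equal 16-byte plaintext blocks to equal ciphertext blocks, a
chosen-plaintext attacker can test one byte of the flag per query.  Our input
is laid out as::

    filler(11) | probe(16) | tail(15 - i)

* ``filler`` pads the 5 random bytes out to a full block (ciphertext block 0).
* ``probe`` (ciphertext block 1) is ``prev[i+1:] + recovered[:i] + guess``,
  where ``prev`` is the previously recovered 16-byte flag block (all ``b"A"``
  for the first block) and ``recovered`` holds the bytes of the current block
  found so far.
* ``tail`` (``prev[i+1:]``, 15 - i bytes) shifts the flag so that ciphertext
  block ``b + 2`` covers exactly ``prev[i+1:] + flag_block_b[:i+1]`` -- the
  same plaintext as the probe when ``guess`` is correct -- so the two
  ciphertext blocks compare equal.

Each flag block therefore depends on the previous one, which is why the
original script was run in three stages with earlier results pasted back in.
``KNOWN_BLOCKS`` preserves that workflow: leave it empty to recover the whole
flag from scratch, or seed it with already-recovered blocks to resume.
"""
from __future__ import annotations

import string
import sys
import time

try:
    from pwn import remote
except ImportError:  # pwntools is only needed to talk to the server, not to test the helpers
    remote = None

HOST = "130.192.5.212"
PORT = 6542

BLOCK = 16                                   # AES block size
PREFIX_LEN = 5                               # random bytes the server prepends (assumed; see module docstring)
FILLER = b"A" * (BLOCK - PREFIX_LEN)         # completes the block that starts with the random prefix
FIRST_PREV = b"A" * BLOCK                    # stand-in "previous block" when recovering flag block 0
ALPHABET = string.printable.encode("ascii")  # candidate flag bytes, tried in this order (includes whitespace)
SLEEP = 0.1                                  # seconds between sends/recvs, inherited from the original script
MAX_BLOCKS = 8                               # cap on flag length in blocks so a confused oracle cannot loop forever

# Flag blocks recovered in earlier runs (the original script resumed at block 2).
# Leave empty to brute-force everything from the start.
KNOWN_BLOCKS: tuple[bytes, ...] = (
    b"CRYPTO25{ad3c6c1",
    b"e-5cac-4c87-b5c3",
)


def ecb_block(ciphertext: bytes, index: int) -> bytes:
    """Return 16-byte ECB block ``index`` (0-based) of ``ciphertext``.

    Raises ValueError if the ciphertext is too short.  A truncated read must
    not silently yield an empty slice: ``b"" == b""`` would count as a match
    and corrupt the recovered flag.
    """
    start, end = index * BLOCK, (index + 1) * BLOCK
    if len(ciphertext) < end:
        raise ValueError(
            f"ciphertext has {len(ciphertext)} bytes, need {end} to read block {index}"
        )
    return ciphertext[start:end]


def parse_ciphertext(raw: bytes) -> bytes:
    """Decode the oracle's reply: strip prompt characters, keep the first line, un-hex it.

    Raises ValueError if that line is not valid hex.
    """
    line = raw.strip(b" >").split(b"\n")[0]
    return bytes.fromhex(line.decode("utf-8"))


def build_query(prev_block: bytes, recovered: bytes, guess: bytes) -> bytes:
    """Build the chosen plaintext for one guess (layout in the module docstring).

    ``prev_block`` is the previously recovered flag block (exactly 16 bytes),
    ``recovered`` the bytes of the current block already known (fewer than 16)
    and ``guess`` a single candidate byte.  Raises ValueError on bad lengths,
    since a wrong length silently misaligns every later comparison.
    """
    if len(prev_block) != BLOCK:
        raise ValueError("prev_block must be exactly one block")
    if len(recovered) >= BLOCK:
        raise ValueError("recovered must be shorter than one block")
    if len(guess) != 1:
        raise ValueError("guess must be a single byte")
    tail = prev_block[len(recovered) + 1:]
    return FILLER + tail + recovered + guess + tail


def encrypt(server, plaintext: bytes) -> bytes:
    """Ask the oracle to encrypt ``plaintext`` and return the raw ciphertext.

    Mirrors the original wire protocol: ``enc``, a prompt we discard, then the
    plaintext as one hex line.  The fixed sleeps are inherited from the
    original; if the prompt string is known, ``server.recvuntil(prompt)``
    would be more reliable than sleep + ``recv``.
    """
    server.send(b"enc\n")
    time.sleep(SLEEP)
    server.recv(1024)  # discard the prompt for the hex input
    time.sleep(SLEEP)
    # Send bytes, not str: pwntools would otherwise have to re-encode it for us.
    server.send(plaintext.hex().encode("ascii") + b"\n")
    time.sleep(SLEEP)
    return parse_ciphertext(server.recv(1024))


def recover_block(server, prev_block: bytes, block_index: int) -> bytes:
    """Recover flag block ``block_index`` byte by byte; ``prev_block`` is block ``block_index - 1``.

    Returns fewer than 16 bytes as soon as no candidate matches a position --
    expected once the flag ends and the oracle is encrypting whatever padding
    it appends (not in ``ALPHABET``), or if the oracle reply is misaligned.
    Stopping there keeps ``recovered`` and the probe length consistent; the
    original kept going and silently shrank the probe below one block.
    """
    recovered = b""
    compare_index = block_index + 2  # ciphertext block that lines up with the probe (block 1)
    for position in range(BLOCK):
        for candidate in ALPHABET:
            guess = bytes([candidate])
            ciphertext = encrypt(server, build_query(prev_block, recovered, guess))
            if ecb_block(ciphertext, 1) == ecb_block(ciphertext, compare_index):
                recovered += guess
                print(f"block {block_index} byte {position}: {guess!r} -> {recovered!r}")
                break
        else:
            print(f"block {block_index}: no printable byte matched at position {position}, stopping")
            break
    return recovered


def recover_flag(server, known_blocks: tuple[bytes, ...] = ()) -> bytes:
    """Recover the flag block by block, continuing after any ``known_blocks``.

    Stops at the first partial block (end of flag) or after ``MAX_BLOCKS``.
    """
    blocks = list(known_blocks)
    prev = blocks[-1] if blocks else FIRST_PREV
    for index in range(len(blocks), MAX_BLOCKS):
        block = recover_block(server, prev, index)
        blocks.append(block)
        if len(block) < BLOCK:  # partial block: the flag ended inside it
            break
        prev = block
    return b"".join(blocks)


def main() -> None:
    """Connect to the oracle, run the attack and print the flag."""
    if remote is None:
        sys.exit("pwntools is required to talk to the oracle (pip install pwntools)")
    server = remote(HOST, PORT)
    try:
        flag = recover_flag(server, KNOWN_BLOCKS)
    finally:
        server.close()
    print(f"Flag: {flag.decode('ascii', errors='replace')}")


if __name__ == "__main__":
    main()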