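#!/usr/bin/env python3
"""CTF client that re-encrypts a session cookie under a recovered keystream.

What the script relies on (all visible below): the login endpoint hands back
the encrypted cookie as an integer plus the nonce used for it, the cookie
layout ``username=...&expires=...&admin=...`` is predictable, and the flag
endpoint accepts both values back from the client.  Because the same nonce
is replayed, the stream cipher (ChaCha20, going by the import) produces the
same keystream, so XOR-ing the known plaintext out of the ciphertext yields
that keystream and any same-length plaintext can be re-encrypted with it.
The script assumes the cookie carries no authentication tag.

Defensive takeaway: a stream cipher alone gives confidentiality, not
integrity.  Authenticate the cookie (ChaCha20-Poly1305 or an HMAC over
ciphertext and nonce) and reject anything whose tag fails to verify, and do
not let the client supply the nonce that the server decrypts under.
"""
from Cryptodome.Cipher import ChaCha20
from Cryptodome.Random import get_random_bytes
from Cryptodome.Util.number import long_to_bytes, bytes_to_long
import time
from random import randint
from pwn import *
import base64
import requests
from requests.utils import cookiejar_from_dict

LOGIN = "http://130.192.5.212:6522/login"
FLAG = "http://130.192.5.212:6522/flag"
# LOGIN = "http://127.0.0.1:5000/login"
# FLAG = "http://127.0.0.1:5000/flag"

# expire = 1.748.345.396
PARAMS = {"username": "aa", "admin": 1}

DAY = 24 * 60 * 60  # seconds; the cookie timestamps below are in Unix seconds

givenTime = int(time.time())
# NOTE: despite the names, minAdminDate is the *later* timestamp (10 days
# back) and maxAdminDate the earlier one (259 days back); the names are kept
# so the arithmetic on them stays exactly as written.
minAdminDate = givenTime - 10 * DAY
maxAdminDate = givenTime - 259 * DAY
expire_date = givenTime + 30 * DAY

# Known plaintext: every field is either chosen by us (username, admin) or
# derived from the clock (expires), so the full cookie text is predictable.
plaintext = f"username={PARAMS['username']}&expires={expire_date}&admin={PARAMS['admin']}".encode()

s = requests.Session()
r = s.get(url=LOGIN, params=PARAMS)
body = r.json()
cookie = long_to_bytes(body['cookie'])
nonce = body['nonce']
# If these two lengths differ, zip() below silently truncates and the
# recovered keystream is only as long as the shorter of the two.
print(f"Cookie encrypted len:{len(cookie)}, Plaintext len:{len(plaintext)}")

# keystream = ciphertext XOR known plaintext (byte-wise)
ks = bytes(c ^ p for c, p in zip(cookie, plaintext))
print(f"Keystream len:{len(ks)}")

# Same layout and same digit count for the timestamp, so the payload lines up
# byte-for-byte with the keystream recovered above.
payload = f"username={PARAMS['username']}&expires={maxAdminDate + 295 * DAY}&admin={1}".encode()
cookie = bytes(p ^ k for p, k in zip(payload, ks))
print(f"Malicious cookie len:{len(cookie)}")

# Replaying the server's own nonce is what makes the keystreams coincide;
# a server that generated its own nonce per decryption, or that verified an
# authentication tag, would reject this.
COOKIES = {'cookie': bytes_to_long(cookie), 'nonce': nonce}
f = s.get(url=FLAG, params=COOKIES)
print(f.text)
##########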