35 lines
1.1 KiB
Python
35 lines
1.1 KiB
Python
#!/usr/bin/env python3
|
|
|
|
from pwn import *
|
|
import random
|
|
from Cryptodome.Cipher import ChaCha20
|
|
from Cryptodome.Util.number import long_to_bytes
|
|
|
|
HOST = "130.192.5.212"
|
|
PORT = "6561"
|
|
#Using the same seed I generate the same random numbers
|
|
#in the same order
|
|
# Repeating a nonce with the same key
|
|
# reveals the XOR of two different messages, which allows decryption.
|
|
seed = 123
|
|
nlen = 12*8
|
|
random.seed(seed)
|
|
nonce = random.getrandbits(nlen)
|
|
print(f"Nonce:{nonce}")
|
|
random.seed(seed)
|
|
nonce1 = random.getrandbits(nlen)
|
|
#Use this nonce
|
|
print(f"Nonce1:{nonce1}")
|
|
print(long_to_bytes(nonce1).hex())
|
|
# Used nonce
|
|
flag="81d36783bb44a32f060a30aa0551f71c12d81a888dfdd8c317dd3afd0905db796357dbb8642a2c9eae2ab1db2eb7"
|
|
flag = bytes.fromhex(flag)
|
|
amsg="83c07f92ae4ad05b3c7e10dd7472856c63b43df8f588b4b660aa4a917170ab5a0f73fb9b120e5ce78b08c0ad5c8b"
|
|
amsg = bytes.fromhex(amsg)
|
|
apayload = b'A'*46
|
|
ks = bytes(m ^ a for m,a in zip(amsg,apayload))
|
|
fflag = bytes(f ^ k for f,k in zip(flag,ks))
|
|
print(fflag)
|
|
#ks= bytes([f ^ a for f,a in zip(bytes.fromhex(b'A'*46),bytes.fromhex(amsg))])
|
|
#print(bytes([f ^ a for f,a in zip(flag,ks)]))
|