emln/crypto2025
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
50c18f35b97af9fbdb1f94c7f24245e6bf13b40d
crypto2025/crypto-simmetric/guess-mode-double-shot/attack.py
emln 50c18f35b9 ALL the CTFS of Crypto2025 finally
2025-06-02 19:35:30 +02:00

48 lines
1.1 KiB
Python
Raw Blame History

#!/usr/bin/env python3
from pwn import *
HOST = "130.192.5.212"
PORT = "6532"
server = remote(HOST, PORT)
sleepT = 0.5
# Different IV when CBC therefore different encryption?
for i in range(128):
print('-'*20)
print(server.recv(1024))
payload = (b'A'*32).hex()
server.send(payload)
server.send('\n')
sleep(sleepT)
enc = server.recv(1024).split(b":")[1].split(b'\n')[0].strip()
print(f"Encryption1:{enc}")
enc = bytes.fromhex(enc.decode('utf-8'))
sleep(sleepT)
#payload2 = bytes([d1 ^ e1 for d1, e1 in zip(b'A'*32, enc)])
payload2 = (b'A'*32).hex()
#print(payload2)
#payload2= (b'B'*32).hex()
server.send(payload2)
server.send('\n')
sleep(sleepT)
enc2 = server.recv(1024).split(b":")[1].split(b'\n')[0].strip()
#print(enc)
print(f"Encryption2:{enc2}")
enc2 = bytes.fromhex(enc2.decode('utf-8'))
sleep(sleepT)
if(enc==enc2):
print("ECB")
server.send(b"ECB")
server.send("\n")
else:
print("CBC")
server.send(b"CBC")
server.send("\n")
sleep(sleepT)
#print(server.recv(1024))
sleep(sleepT)
print(server.recv(1024))
Reference in New Issue View Git Blame Copy Permalink