emln/crypto2025
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aa0fe54b3bf8331c174c7be107fcfa2b67f2322a
crypto2025/forge-a-cookie/chall.py
emln aa0fe54b3b CTFs and solutions
2025-04-27 19:24:27 +02:00

81 lines
2.1 KiB
Python
Raw Blame History

from Cryptodome.Cipher import ChaCha20
from Cryptodome.Random import get_random_bytes
#from secret import flag
import json
import base64
key = get_random_bytes(32)
def make_cipher():
nonce = get_random_bytes(12)
cipher = ChaCha20.new(key=key, nonce=nonce)
return nonce, cipher
def get_user_token(name):
nonce, cipher = make_cipher()
token = json.dumps({
"username": name
})
#token = json.dumps({
# "admin": True
#})
print(f"{token.encode()}")
enc_token = cipher.encrypt(token.encode())
print(f"ENC_TOKEN:{enc_token}, NONCE:{nonce}")
return f"{base64.b64encode(nonce).decode()}.{base64.b64encode(enc_token).decode()}"
def check_user_token(token):
nonce, token = token.split(".")
#It uses the nonce from the token
nonce = base64.b64decode(nonce)
print(f"CHECK NONCE {nonce} TOKEN {base64.b64decode(token)}")
#Uses the same KEY used at the beginning
#cipher = ChaCha20.new(key=key, nonce=nonce)
cipher = ChaCha20.new(key=key, nonce=nonce)
#Obtain from the token and the nonce the key used
#at the beginning forge new cookie enjoy
dec_token = cipher.decrypt(base64.b64decode(token))
user = json.loads(dec_token)
print(user.get("admin",False))
if user.get("admin", False) == True:
return True
else:
return False
def get_flag(token):
#token = input("What is your token?\n> ").strip()
if check_user_token(token):
print("You are admin!")
print(f"This is your flag!\nPUPPA")
else:
print("HEY! WHAT ARE YOU DOING!?")
exit(1)
if __name__ == "__main__":
name = input("Hi, please tell me your name!\n> ").strip()
token = get_user_token(name)
print("This is your token: " + token)
menu = \
"What do you want to do?\n" + \
"quit - quit the program\n" + \
"help - show this menu again\n" + \
"flag - get the flag\n" + \
"> "
while True:
cmd = input(menu).strip()
if cmd == "quit":
break
elif cmd == "help":
continue
elif cmd == "flag":
#check_user_token(token)
get_flag(token)
Reference in New Issue View Git Blame Copy Permalink