hm0x14-ctf/ecb/crypto1/solution.py

from base64 import b64decode
import socket
from Crypto.Cipher import AES

server = '127.0.0.1'
port = 8000

chars = 'abcdefghijklmnopqrstuvwxyz01234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ{}_'
flag_blocks = 2
block_size = 16
index = {}

flag = ''

for i in range(block_size-1, 1, -1):
	for j in chars:
		
		s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
		s.connect((server, port))
		data = s.recv(4096) 
		s.send(('a'*i).encode('ascii'))
		value = b64decode(s.recv(4096)).hex()[0:32]
		s.close()

		s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
		s.connect((server, port))
		data = s.recv(4096) 
		s.send(('a'*i+flag+j).encode('ascii'))
		test = b64decode(s.recv(4096)).hex()[0:32]
		s.close()

		if value == test:
			flag += j
			break
	print(flag)
Import 2019-05-14 16:29:52 +02:00			`from base64 import b64decode`
			`import socket`
			`from Crypto.Cipher import AES`

			`server = '127.0.0.1'`
			`port = 8000`

			`chars = 'abcdefghijklmnopqrstuvwxyz01234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ{}_'`
			`flag_blocks = 2`
			`block_size = 16`
			`index = {}`

			`flag = ''`

			`for i in range(block_size-1, 1, -1):`
			`for j in chars:`

			`s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)`
			`s.connect((server, port))`
			`data = s.recv(4096)`
			`s.send(('a'*i).encode('ascii'))`
			`value = b64decode(s.recv(4096)).hex()[0:32]`
			`s.close()`

			`s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)`
			`s.connect((server, port))`
			`data = s.recv(4096)`
			`s.send(('a'*i+flag+j).encode('ascii'))`
			`test = b64decode(s.recv(4096)).hex()[0:32]`
			`s.close()`

			`if value == test:`
			`flag += j`
			`break`
			`print(flag)`