38 lines
760 B
Python
38 lines
760 B
Python
from base64 import b64decode
|
|
import socket
|
|
from Crypto.Cipher import AES
|
|
|
|
server = '127.0.0.1'
|
|
port = 8000
|
|
|
|
chars = 'abcdefghijklmnopqrstuvwxyz01234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ{}_'
|
|
flag_blocks = 2
|
|
block_size = 16
|
|
index = {}
|
|
|
|
flag = ''
|
|
|
|
for i in range(block_size-1, 1, -1):
|
|
for j in chars:
|
|
|
|
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
s.connect((server, port))
|
|
data = s.recv(4096)
|
|
s.send(('a'*i).encode('ascii'))
|
|
value = b64decode(s.recv(4096)).hex()[0:32]
|
|
s.close()
|
|
|
|
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
s.connect((server, port))
|
|
data = s.recv(4096)
|
|
s.send(('a'*i+flag+j).encode('ascii'))
|
|
test = b64decode(s.recv(4096)).hex()[0:32]
|
|
s.close()
|
|
|
|
if value == test:
|
|
flag += j
|
|
break
|
|
print(flag)
|
|
|
|
|