Oracle Attack
from Crypto.Util.number import *
from pwn import *
def proof_of_work():
rev = r.recvuntil(b"sha256(XXXX+")
suffix = r.recv(16).decode()
rev = r.recvuntil(b" == ")
tar = r.recv(64).decode()
def f(x):
hashresult = hashlib.sha256(x.encode() + suffix.encode()).hexdigest()
return hashresult == tar
prefix = util.iters.mbruteforce(f, string.digits + string.ascii_letters, 4, 'upto')
r.recvuntil(b'Give me XXXX:')
r.sendline(prefix.encode())
while True:
r = remote('node4.anna.nssctf.cn', 28101)
proof_of_work()
r.recvuntil(b'Welcome to the guess system!')
r.recvuntil(b'N = ')
n = int(r.recvline().decode().strip())
e = 65537
r.recvuntil(b'Your enc flag:')
c = int(r.recvline().decode().strip())
flag=''
cipher=c
e1=pow(2,e,n)
from tqdm import tqdm
for i in tqdm(range(500)):
cipher= c*pow(2,i*e,n)%n
cx=hex(cipher)[2:]
r.sendlineafter(b'Your guess:','0')
r.sendlineafter(b'Your cipher (hex):',cx)
a=r.recvline().decode()
if 'Lost' in a:
flag+='1'
elif 'Win' in a:
flag+='0'
print(flag)
r.close()
a=''
for j in range(8):
m=[]
for i in range(j,len(a),8):
m.append(int(a[i:i+8],2))
print(bytes(m))
from pwn import *
import hashlib
#-892f-7d399e38dccd
#9a3-892f-7d399e38dccd}
#c-ba17-49a3-892f-7d39
s1='flag{'
suffix='c-ba17-49a3-892f-7d399e38dccd}'
tar=b'036b0c98ee6b1bdcaa86d36586ffdd660504f536db04fe0631f68f1bea2eec7a'
import hashlib
import itertools
import hmac
from tqdm import tqdm
key = '036b0c98ee6b1bdcaa86d36586ffdd660504f536db04fe0631f68f1bea2eec7a'
dir = '1234567890abcdef'
dir_list = itertools.product(dir, repeat=7)
for j in tqdm(dir_list):
m=s1+''.join(j) + suffix
hash = hashlib.sha256()
hash.update(bytes(m, encoding='utf-8'))
res = hash.hexdigest()
if res[0:32] == key[0:32]:
print(j)
print(res)
exit(0)
加载中...