주어진 소스는 다음과 같다.
source.py
import hashlib
import sys
def repeat(str1,length):
return (str1*(length//len(str1)+1))[:length]
def operation(str1,str2):
s=""
for ch1,ch2 in zip(str1,str2):
AopB = ~(ord(ch1)&ord(ch2))
s+=chr(~((~(ord(ch1)&AopB))&(~(ord(ch2)&AopB))))
return s
key = ""
plainText = "HAN_Was_sad_because_SKT1_LoST_THe_LOL_World_Cup"
plainText += key
plainText += hashlib.md5(plainText).hexdigest()
cipherText = operation(plainText,repeat(key,len(plainText)))
print(cipherText.encode('hex'))
# result is 03021a192c323b6f243e096c3d110b042a3e56316012754c140f3b152f0c1c783200217c132b3f0a2d215731702c51360817123d281b786708325e6c2b1c0d3a127e5d5d6a785c1c7b2064764c6b2b0167675d053912590766280508506b101e727b6c7f483278
주어진 평문과 암호 값을 통해 키 값을 알아내면 된다. operation 함수에서 평문과 키를 통해 비트 연산들을 수행하는데, 암호화 값을 생성할 때 평문과 키 값을 1바이트씩 1:1 매칭해서 암호화 값을 만들어내기 때문에 1자리씩 브포 돌려서 키 값을 구해주면 된다.
solve.py
import hashlib
import sys
def repeat(str1,length):
return (str1*(length//len(str1)+1))[:length]
def operation(str1,str2):
s=""
for ch1,ch2 in zip(str1,str2):
AopB = ~(ord(ch1)&ord(ch2))
s+=chr(~((~(ord(ch1)&AopB))&(~(ord(ch2)&AopB))))
return s
enc_data = "03021a192c323b6f243e096c3d110b042a3e56316012754c140f3b152f0c1c783200217c132b3f0a2d215731702c51360817123d281b786708325e6c2b1c0d3a127e5d5d6a785c1c7b2064764c6b2b0167675d053912590766280508506b101e727b6c7f483278"
plainText = "HAN_Was_sad_because_SKT1_LoST_THe_LOL_World_Cup"
flag = ""
for j in range(0,len(plainText)*2,2):
for i in range(0,127):
key = chr(i)
tmp = plainText[j/2]
tmp += key
tmp += hashlib.md5(tmp).hexdigest()
cipherText = operation(tmp,repeat(key,len(plainText)))
if cipherText.encode('hex')[0:2]==enc_data[j:j+2]:
flag += key
print flag
'Crypto & Network & Etc > Crypto Practice' 카테고리의 다른 글
Plaid CTF 2015 Strength (0) | 2019.11.11 |
---|---|
TokyoWesterns CTF 2019 baby_rsa (0) | 2019.11.11 |
HackZone VII 2019 CTF Legacy (0) | 2019.11.08 |
TG:Hack 2019 CTF Josefssons Final Exam (0) | 2019.11.07 |
RITSEC CTF 2018 Nobody uses the eggplant emoji (0) | 2019.11.07 |