Skip to content

Latest commit

 

History

History
260 lines (249 loc) · 6.5 KB

README.md

File metadata and controls

260 lines (249 loc) · 6.5 KB
from pwn import *
from math import log

host, port = "crypto.zh3r0.cf", 1111

r = remote(host, port)
r.send("")
# Level 0
def level0(passed):
	print("Level 0")
	if not passed:
		r.recvuntil("Level: 1, encrypted flag: ")
		ef1 = r.recvline().decode()[:-1]
		r.recvuntil(">>> ")
		f1 = ""
		for i in range(0, len(ef1), 2):
			byte = int(ef1[i:i + 2], 16)
			byte -= 1
			f1 += hex(byte)[2:]
		print(f1)
		assert len(f1) == len(ef1)
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f1)
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("68656c6c6f20776f726c6421204c6574732067657420676f696e67")


# Level 1
def level1(passed):
	print("Level 1")
	if not passed:
		r.recvuntil("Level: 1, encrypted flag: ")
		ef1 = r.recvline().decode()[:-1]
		r.recvuntil(">>> ")
		f1 = hex(int(ef1))[2:]
		print(f1)
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f1)
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("4e6f7468696e672066616e63792c206a757374207374616e646172642062797465735f746f5f696e74")

# Level 2
def level2(passed):
	print("Level 2")
	if not passed:
		r.recvuntil("Level: 2, encrypted flag: ")
		ef2 = r.recvline().decode()[:-1]
		table = [""]*256
		for i in range(256):
			r.recvuntil(">>> ")
			r.sendline("1")
			r.recvuntil("message in hex:")
			r.sendline(hex(i)[2:].zfill(2))
			key = int(r.recvline().decode()[:-1], 16)
			table[key] = hex(i)[2:].zfill(2)
			print(i)
		f2 = ""
		for i in range(0, len(ef2), 2):
			f2 += table[int(ef2[i:i + 2], 16)]
		assert len(f2) == len(ef2)
		print(f2)
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f2)
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("6d6f6e6f20737562737469747574696f6e73206172656e742074686174206372656174697665")

# Level 3
def level3(passed):
	print("Level 3")
	if not passed:
		r.recvuntil("Level: 3, encrypted flag: ")
		ef3 = r.recvline().decode()[:-1]
		f3 = ""
		for i in range(0, len(ef3), 2):
			byte = ef3[i:i + 2]
			buff = "00" * (i // 2)
			for j in range(256):
				r.recvuntil(">>> ")
				r.sendline("1")
				r.recvuntil("message in hex:")
				r.sendline(buff + hex(j)[2:].zfill(2))
				target = r.recvline().decode()[:-1][-2:]
				if target == byte:
					f3 += hex(j)[2:].zfill(2)
					break
			print(i)
			print("flag so far: ", f3)
		assert len(f3) == len(ef3)
		print(f3)
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f3)
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("6372656174696e6720646966666572656e7420737562737469747574696f6e7320666f7220656163682063686172")

# Level 4
def level4(passed):
	print("Level 4")
	if not passed:
		r.recvuntil("Level: 4, encrypted flag: ")
		ef4 = r.recvline().decode()[:-1]
		f4 = ""
		table = {}
		for n in range(256):
			for i in range(3):
				r.recvuntil(">>> ")
				r.sendline("1")
				r.recvuntil("message in hex:")
				r.sendline(hex(n)[2:].zfill(2) * 512)
				res = r.recvline().decode()[:-1]
				for j in range(0, len(res), 4):
					block = res[j:j + 4]
					if block not in table:
						table[block] = hex(n)[2:].zfill(2)
		for i in range(0, len(ef4), 4):
			block = ef4[i:i + 4]
			f4 += table[block]
		print(f4)
		assert len(f4) == len(ef4) // 2
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f4)
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("476c6164207468617420796f752066696775726564206f75742074686520696e76617269616e74")

# Level 5
def level5(passed):
	print("Level 5")
	if not passed:
		r.recvuntil("Level: 5, encrypted flag: ")
		ef5 = r.recvline().decode()[:-1]
		f5 = ""
		base = ef5[-10:]
		for i in range(0, len(ef5) - 10, 10):
			block = ef5[i:i + 10]
			for j in range(0, len(block), 2):
				diff = int(base[j:j + 2], 16) ^ int(block[j:j + 2], 16)
				if diff in range(32, 128):
					f5 += hex(diff)[2:].zfill(2)
				else:
					break
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f5)
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("4865726520776520617070656e6420746865206b6579207769746820796f757220736869742c20706c6561736520646f6e742074656c6c20616e796f6e65")

# Level 6
def level6(passed):
	print("Level 6")
	if not passed:
		r.recvuntil("Level: 6, encrypted flag: ")
		ef6= int(r.recvline().decode()[:-1])
		print(ef6)
		pay = "10"
		payint = int(pay, 16)
		r.recvuntil(">>> ")
		r.sendline("1")
		r.recvuntil("message in hex:")
		r.sendline(pay)
		res = r.recvline()[:-1].decode()
		while payint**3 == int(res):
			pay += "00"
			r.recvuntil(">>> ")
			r.sendline("1")
			r.recvuntil("message in hex:")
			r.sendline(pay)
			res = r.recvline()[:-1].decode()
			payint = int(pay, 16)
		mod = payint**3 - int(res)
		print(mod)
		# factor mod to get the prime(assume it was a prime modulo), then use sage nth_root to calculate root
		f6 = input("gimme the flag in hex> ")
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f6)
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("43756265206d6f64756c6f207072696d652c20616e7920677565737365732077686174206d6967687420626520636f6d696e67206e6578743f")

# Level 7
def level7(passed):
	print("Level 7")
	if not passed:
		r.recvuntil("Level: 7, encrypted flag: ")
		ef7 = int(r.recvline().decode()[:-1])
		print(ef7)
		r.recvuntil(">>> ")
		r.sendline("1")
		r.recvuntil("message in hex:")
		r.sendline("02")
		power = int(log(int(r.recvline()[:-1].decode()), 2))
		print(power)
		pay = 256
		r.recvuntil(">>> ")
		r.sendline("1")
		r.recvuntil("message in hex:")
		r.sendline("0" + hex(pay)[2:])
		res = r.recvline()[:-1].decode()
		while pay**power == int(res):
			pay = int(1.1 * pay)
			r.recvuntil(">>> ")
			r.sendline("1")
			r.recvuntil("message in hex:")
			payload = hex(pay)[2:]
			if len(payload) % 2:
				r.sendline("0" + payload)
			else:
				r.sendline(payload)
			res = r.recvline()[:-1].decode()
		mod = pay**power - int(res)
		print(mod)
		# factor mod to get the prime(assume it was a prime modulo), then use sage nth_root to calculate root
		f7 = input("gimme the flag in hex> ")
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline(f7) # got the flag
	else:
		r.recvuntil(">>> ")
		r.sendline("2")
		r.recvuntil("flag in hex:")
		r.sendline("7a683372307b31375f61316e375f6d7563685f6275375f315f346d5f73306d333768316e675f30665f345f6372797037346e346c7935375f6d7935336c667d")

level0(True)
level1(True)
level2(True)
level3(True)
level4(True)
level5(True)
level6(True)
level7(True)
r.interactive()