def encrypt():
enc_flag = []
for char in FLAG.encode():
enc_char = 0
for binary in '{:08b}'.format(char):
enc_char <<= 1
enc_char += (int(binary) ^ lfsr.next())
enc_flag.append(enc_char)
return bytes(enc_flag)
def encrypt(conn):
while True:
conn.sendall(MENU)
choice = conn.recv(1024).strip()
if choice == b'1':
conn.sendall(b'Enter your message:\n> ')
inp = conn.recv(1024).strip()
enc = aes.encrypt(pad(inp + FLAG.encode()))
conn.sendall(b"\nEncrypted input\n" + enc.hex().encode() + b"\n")
elif choice == b'2':
conn.sendall(b'Enter your message:\n> ')
inp = conn.recv(1024).strip()
enc = aes.encrypt(pad(inp))
conn.sendall(b"\nEncrypted input\n" + enc.hex().encode() + b"\n")
else:
conn.sendall(b"\nOhhh eeesyyy no Hacking here !!!\n")
#!/usr/bin/env python3
import random
from secret import FLAG,current_password
m=int.from_bytes(FLAG.encode(),'big')
primes=open("primes.txt").read().strip().split('\n')
primes=[int(i) for i in primes]
def keygen():
p=random.choice(primes)
q=p
while q==p:
q=random.choice(primes)
n=p*q
e=65537
c=pow(m,e,n)
return n,e,c
password=input("Sanity Check! input this level's password: "******"\033[32mpassed\033[0m")
print("-"*24)
except AssertionError:
print("\033[93mI see that you are dirty!\033[0m")
exit()
def nonce():
randtext = list(os.urandom(len(FLAG.encode())))
randtext = list(map(lambda x: (x + 0x7F) % 0xFF, randtext))
randtext = bytes(randtext)
return encrypt(randtext).hex()
sum, delta = 0, 0x9E3779B9
for _ in range(self.rounds):
v0 = (v0 + (((v1 << 4 ^ v1 >> 5) + v1) ^
(sum + self.key[sum & 3]))) & 0xFFFFFFFF
sum = (sum + delta) & 0xFFFFFFFF
v1 = (v1 + (((v0 << 4 ^ v0 >> 5) + v0) ^
(sum + self.key[sum >> 11 & 3]))) & 0xFFFFFFFF
ct += struct.pack('<2L', v0, v1)
return ct
if __name__ == '__main__':
key = os.urandom(16)
xtea = Xtea(key, 32)
while True:
print('> key')
print('> flag')
print('> server.py')
print('> exit')
cmd = input('> Command: ')
if cmd == 'exit':
sys.exit(1)
elif cmd == 'key':
print(key.hex())
elif cmd == 'flag':
print(xtea.encrypt(FLAG.encode()).hex())
elif cmd == 'server.py':
print(open('./server.py', 'r').read())
else:
print('Bad hacker')
from Crypto.Util.number import *
from Crypto.Random.random import randrange
from gmpy2 import iroot
from secret import FLAG
def gen():
p, q = 0, 1
while abs(p - q) >= min(p, q):
p, q = getPrime(1024), getPrime(1024)
n = p * q
phi = (p-1) * (q-1)
e, d = 0, 0
while GCD(e, phi) > 1 or d >= int(iroot(n, 4)[0]) // 3:
d = getPrime(201)
e = inverse(d, phi)
return e, n
if __name__ == '__main__':
m, (e, n) = bytes_to_long(FLAG.encode()), gen()
print(f'(e, n) = {(e, n)}')
print(f'flag = {pow(m, e, n)}')
# e = 165528674684553774754161107952508373110624366523537426971950721796143115780129435315899759675151336726943047090419484833345443949104434072639959175019000332954933802344468968633829926100061874628202284567388558408274913523076548466524630414081156553457145524778651651092522168245814433643807177041677885126141
# n = 380654536359671023755976891498668045392440824270475526144618987828344270045182740160077144588766610702530210398859909208327353118643014342338185873507801667054475298636689473117890228196755174002229463306397132008619636921625801645435089242900101841738546712222819150058222758938346094596787521134065656721069
# c = 84740524770381403153622925447792920959815469600692319965596776738431504244164788253920072346154965475345520986566261139605189850053220984036986688956922312943484012082747435674795128749623149324459566588589685250817942108728364336944750553593289462772627326115549452684668188298340307743571301091011089977112
import random
from secret import FLAG
assert FLAG.startswith('n1ctf{')
assert FLAG.endswith('}')
SECRET = bytes.fromhex(FLAG[6:-1])
assert len(SECRET) == 16
p = 251
e = [1, 20, 113, 149, 219]
y = b''
for x in range(1, p):
coeff = [random.choice(e)] + list(SECRET)
y += bytes([sum(c * pow(x, i, p) for i, c in enumerate(coeff)) % p])
print(f'Token: {y.hex()}')
#!/usr/bin/env python2
from itertools import cycle as scooter
from secret import FLAG, KEY
from hashlib import sha384
assert FLAG.islower()
assert len(KEY) == 10
def drive(Helmet, Petrol):
return ''.join(chr(ord(David)^ord(Toni)) for David,Toni in zip(Helmet,scooter(Petrol)))
f = lambda x: sha384(x).digest()[(ord(x)+7)%48]
encrypted = drive(map(f,FLAG),KEY.decode('hex')).encode('hex')
open('ci.pher.text','wb').write(encrypted)
#!/usr/bin/env python
import os
import pyDes
from secret import FLAG, KEY
d1 = pyDes.des(KEY)
ciphertext1 = d1.encrypt(os.urandom(8)).encode('base64')
d2 = pyDes.triple_des(KEY * 3)
ciphertext2 = d2.encrypt(FLAG.encode()).encode('base64')
with open('ciphertext', 'wb') as f:
f.write('ciphertext1 = ' + ciphertext1)
f.write('ciphertext2 = ' + ciphertext2)
print d1.Kn[6]
# [1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 0, 1, 0]
def decrypt(c):
m = crypto.decrypt(c)
if m != FLAG.encode():
raise crypto.BadDecryptedException
return m
from Crypto.Random.random import randrange
from Crypto.Util.number import *
from gmpy2 import next_prime
def genkey():
while True:
p = 2
while size(p) < 512:
p *= getPrime(randrange(2, 12))
if isPrime(p + 1):
return p + 1
def genkey2():
r = randrange(1 << 256, 1 << 512)
r1 = int(next_prime(r))
r2 = int(next_prime(3 * next_prime(r)))
return r1, r2
if __name__ == '__main__':
p, (q1, q2) = genkey(), genkey2()
flag_enc = pow(bytes_to_long(FLAG.encode()), 0x08, p * q1 * q2)
print(f'n = {p * q1 * q2}')
print(f'flag = {flag_enc}')
# n = 6312081956800453242005635638775696371964331197711691305988524250934422670842847567082346294645531370392639640378977436738050267523930928141102947907752882864626516425205269860114372618107450666027047226378144718448153445336075442922378352142961490699548714369526861636120457642764187087553926315130595677178383932745637982421135800386302683921967207504042339093722486435093268055558828813962385642778695527840215136317793200395448508173372291064570886206707599207
# flag = 40703716922238297540974699152906010511890612406354554321348345564275909770839370181255432537072729838781177907418967403582860866069798802973013764506845205221657698180529839362192238438018905283361530343132208538330159562551776147601468923502275584050060893448700748017026813914966498333560220409016323632451159567209031828544075438228998490904439427553454962348431909003611866394844731435113150450902434285544059140901085386616766280166693387555517220827551804
#!/usr/bin/python
import random
from secret import FLAG, KEY
def xor_str(x, y):
print x
print y
if len(x) > len(y):
return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x[:len(y)], y)])
else:
return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x, y[:len(x)])])
flag, key = FLAG.encode('hex'), KEY.encode('hex')
c = xor_str(key * (len(flag) // len(key) + 1), flag).encode('hex')
print c
enc = ''
for i in xrange(0, len(c), 2):
r = random.randint(0, 15)
enc += chr(int(hex(r)[-1] + hex(r ^ int(c[i + 1], 16))[-1], 16))
print enc.encode("hex")
# ef = open('flag.enc', 'w')
# ef.write(enc)
# ef.close()
#!/usr/bin/python
import random
from secret import FLAG, KEY
def xor_str(x, y):
print x
print y
if len(x) > len(y):
return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x[:len(y)], y)])
else:
return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x, y[:len(x)])])
flag, key = FLAG.encode('hex'), KEY.encode('hex')
c = xor_str(key * (len(flag) // len(key) + 1), flag).encode('hex')
print c
enc = ''
for i in xrange(0, len(c), 2):
r = random.randint(0, 15)
enc += chr(int(hex(r)[-1] + hex(r ^ int(c[i+1], 16))[-1], 16))
print enc.encode("hex")
# ef = open('flag.enc', 'w')
# ef.write(enc)
# ef.close()
#!/usr/bin/env python3
from Crypto.PublicKey import RSA
from secret import FLAG
for i in range(1, 6):
with open('{}.pub.pem'.format(i), 'rb') as f:
key = RSA.importKey(f.read())
with open('{}.enc'.format(i), 'wb') as f:
f.write(key.encrypt(FLAG.encode(), None)[0])
from Crypto.Util.number import *
from secret import FLAG
if __name__ == '__main__':
e = 0x03
m = bytes_to_long(FLAG.encode())
n1, n2, n3 = (getPrime(512) * getPrime(512) for _ in range(3))
print('n1 =', hex(n1))
print('n2 =', hex(n2))
print('n3 =', hex(n3))
print('c1 =', hex(pow(m, e, n1)))
print('c2 =', hex(pow(m, e, n2)))
print('c3 =', hex(pow(m, e, n3)))
# n1 = 0xc1b0a733a50636daa8f359942e259a8ae48be42dbacb1009dd765c8416ef119c450572b0f327d4cfdd044bc0875475dd5e7f29751ad2855d403af967c93e8556d1072de6cab11ce7a388391bbc399ce83af0bcb7cca97ea3686d3a346656a1458f3f84f815be1531d7e5a1baa46a968cb12e88a45b098180b95dbb0ec4d8f6b9
# n2 = 0x9044524c4153edb0c1be902b4887d227e5ba39f04a058eb07e38c55afaf5f0b8078c1adcc15ec2a7ca77543338e14e7981e07c59e96691b5f7ce349ffd68a804f442b7264c97c547f99af967d63977d6ee9b62d5b8e1af89337602ddea70baef2ccea6cd6a69c2d921ca5fe823cd8f9694d9f86d9b35dac88438a03e5d9eb7fd
# n3 = 0x5898a5fdabdfec8e833575b05a2dbe60599fdcb7c103f3723a14fd8f300b2ba08085ebf8a4f8f823e87a4cc6e0564346104b0d62d5d7015c62389d6271e6084c83db31dd6b553555fbaec65f36a9e560f87e52b9e0c102e46c2fb7f54510d5da0264a5dc49d064a967a8a11380a989985d8723a1281dc2d0fed4a2d92965839b
# c1 = 0xac6e4f45e0efde392ccfdc0a469ac73cd95a3f6187c562135af409c50e2d183eeed68c6b14a90254e5e25d91de7e27f236564738a9911225cdce15d57be26a25ea66d6391659339e776af990ab28c184602d82f09d9a683bcf6c00f661ccc0f6f5a3d1ebd996aa207db372e1d636ae70d0deadcafe9a4e74ff06921af3181257
# c2 = 0x1a325ef53762f6abce2dfc56275d86dd973362e6fa7a29c53df0674c71246a2fdb819dd383cda279c0831f36beacde53ca8fa13a9e1be345df444ef644b4ffef83c50d38defcd05db4f694963418264e8dd340e83b41defa0473e381fd0be2da231f85bcf1310513631a323961d2500a947a8222528aba09c02a724c429020f8
# c3 = 0x622e2bb6ffadd4adc1b9977bebda7d21f4b154f2d362603c86507f04a18f9ecd6040d61b8bd483e8fd0cf43b3655e0e094fb5fe699371aa231d3908e092b460371b8cc13cc4df4c2d668365b4a5aa3af94c7d0f97f7b193a7b9dbdba12461d42a8f85152dc3e2cad3c05fff2ac8c64c82200b87ee33cbe114ce75ba403568d6
from secret import FLAG
def genkey():
while True:
p = 2
while size(p) < 512:
p *= getPrime(randrange(2, 12))
if isPrime(p + 1):
return p + 1
def sprkey(p):
p1 = p
for _ in range(100):
p1 = int(next_prime(p1))
p2 = int(next_prime(2 * p - p1))
return p1, p2
if __name__ == '__main__':
e = 0x10001
p, (q1, q2) = genkey(), sprkey(genkey())
flag_enc = bytes_to_long(FLAG.encode())
flag_enc = pow(flag_enc, e, p * q1 * q2)
print(f'n = {p * q1 * q2}')
print(f'flag = {flag_enc}')
# n = 89440560733164708153845415331446945959245098008966030018929526224499627757561588031620648168516773823431871418356339994635745869093527493722219078655396271734959826773338477957209319942403927521493751796095337134761865520104013849636230344195374484615442639465418351367038754528133862123415585916462336887316272609032894837016897778296130831547243876103719134564487881368375292269727492130954469891687595162077285957074426084146076230091131943856427238665819605762639
# flag = 70677748948501844132153830929251677244113768980787500369152141990965232213831862207217721522056164204162823419806165910568220932219900368675591552968178184614121712327013011109514719999717122365733828157304155345657621328222420087192300965297138284125891425367991980443832811085424797902616979150681335481651723930150196824667059658752617939365799090553917136979687242700603979742173293315404232654368071971864852868586639814633504013277004899488199641716300195627399
import sys
from secret import FLAG, REGISTER, TAPS
assert FLAG.startswith('flag')
assert len(REGISTER) == 16
assert len(TAPS) == 5
class LFSR:
def __init__(self, register, taps):
self.register = register
self.taps = taps
def next(self):
new = 0
ret = self.register[0]
for i in self.taps:
new ^= self.register[i]
self.register = self.register[1:] + [new]
return ret
def encrypt():
enc_flag = []
for char in FLAG.encode():
enc_char = 0
for binary in '{:08b}'.format(char):
enc_char <<= 1
enc_char += (int(binary) ^ lfsr.next())
enc_flag.append(enc_char)
return bytes(enc_flag)