def encrypt(): enc_flag = [] for char in FLAG.encode(): enc_char = 0 for binary in '{:08b}'.format(char): enc_char <<= 1 enc_char += (int(binary) ^ lfsr.next()) enc_flag.append(enc_char) return bytes(enc_flag)
def encrypt(conn): while True: conn.sendall(MENU) choice = conn.recv(1024).strip() if choice == b'1': conn.sendall(b'Enter your message:\n> ') inp = conn.recv(1024).strip() enc = aes.encrypt(pad(inp + FLAG.encode())) conn.sendall(b"\nEncrypted input\n" + enc.hex().encode() + b"\n") elif choice == b'2': conn.sendall(b'Enter your message:\n> ') inp = conn.recv(1024).strip() enc = aes.encrypt(pad(inp)) conn.sendall(b"\nEncrypted input\n" + enc.hex().encode() + b"\n") else: conn.sendall(b"\nOhhh eeesyyy no Hacking here !!!\n")
#!/usr/bin/env python3 import random from secret import FLAG,current_password m=int.from_bytes(FLAG.encode(),'big') primes=open("primes.txt").read().strip().split('\n') primes=[int(i) for i in primes] def keygen(): p=random.choice(primes) q=p while q==p: q=random.choice(primes) n=p*q e=65537 c=pow(m,e,n) return n,e,c password=input("Sanity Check! input this level's password: "******"\033[32mpassed\033[0m") print("-"*24) except AssertionError: print("\033[93mI see that you are dirty!\033[0m") exit()
def nonce(): randtext = list(os.urandom(len(FLAG.encode()))) randtext = list(map(lambda x: (x + 0x7F) % 0xFF, randtext)) randtext = bytes(randtext) return encrypt(randtext).hex()
sum, delta = 0, 0x9E3779B9 for _ in range(self.rounds): v0 = (v0 + (((v1 << 4 ^ v1 >> 5) + v1) ^ (sum + self.key[sum & 3]))) & 0xFFFFFFFF sum = (sum + delta) & 0xFFFFFFFF v1 = (v1 + (((v0 << 4 ^ v0 >> 5) + v0) ^ (sum + self.key[sum >> 11 & 3]))) & 0xFFFFFFFF ct += struct.pack('<2L', v0, v1) return ct if __name__ == '__main__': key = os.urandom(16) xtea = Xtea(key, 32) while True: print('> key') print('> flag') print('> server.py') print('> exit') cmd = input('> Command: ') if cmd == 'exit': sys.exit(1) elif cmd == 'key': print(key.hex()) elif cmd == 'flag': print(xtea.encrypt(FLAG.encode()).hex()) elif cmd == 'server.py': print(open('./server.py', 'r').read()) else: print('Bad hacker')
from Crypto.Util.number import * from Crypto.Random.random import randrange from gmpy2 import iroot from secret import FLAG def gen(): p, q = 0, 1 while abs(p - q) >= min(p, q): p, q = getPrime(1024), getPrime(1024) n = p * q phi = (p-1) * (q-1) e, d = 0, 0 while GCD(e, phi) > 1 or d >= int(iroot(n, 4)[0]) // 3: d = getPrime(201) e = inverse(d, phi) return e, n if __name__ == '__main__': m, (e, n) = bytes_to_long(FLAG.encode()), gen() print(f'(e, n) = {(e, n)}') print(f'flag = {pow(m, e, n)}') # e = 165528674684553774754161107952508373110624366523537426971950721796143115780129435315899759675151336726943047090419484833345443949104434072639959175019000332954933802344468968633829926100061874628202284567388558408274913523076548466524630414081156553457145524778651651092522168245814433643807177041677885126141 # n = 380654536359671023755976891498668045392440824270475526144618987828344270045182740160077144588766610702530210398859909208327353118643014342338185873507801667054475298636689473117890228196755174002229463306397132008619636921625801645435089242900101841738546712222819150058222758938346094596787521134065656721069 # c = 84740524770381403153622925447792920959815469600692319965596776738431504244164788253920072346154965475345520986566261139605189850053220984036986688956922312943484012082747435674795128749623149324459566588589685250817942108728364336944750553593289462772627326115549452684668188298340307743571301091011089977112
import random from secret import FLAG assert FLAG.startswith('n1ctf{') assert FLAG.endswith('}') SECRET = bytes.fromhex(FLAG[6:-1]) assert len(SECRET) == 16 p = 251 e = [1, 20, 113, 149, 219] y = b'' for x in range(1, p): coeff = [random.choice(e)] + list(SECRET) y += bytes([sum(c * pow(x, i, p) for i, c in enumerate(coeff)) % p]) print(f'Token: {y.hex()}')
#!/usr/bin/env python2 from itertools import cycle as scooter from secret import FLAG, KEY from hashlib import sha384 assert FLAG.islower() assert len(KEY) == 10 def drive(Helmet, Petrol): return ''.join(chr(ord(David)^ord(Toni)) for David,Toni in zip(Helmet,scooter(Petrol))) f = lambda x: sha384(x).digest()[(ord(x)+7)%48] encrypted = drive(map(f,FLAG),KEY.decode('hex')).encode('hex') open('ci.pher.text','wb').write(encrypted)
#!/usr/bin/env python import os import pyDes from secret import FLAG, KEY d1 = pyDes.des(KEY) ciphertext1 = d1.encrypt(os.urandom(8)).encode('base64') d2 = pyDes.triple_des(KEY * 3) ciphertext2 = d2.encrypt(FLAG.encode()).encode('base64') with open('ciphertext', 'wb') as f: f.write('ciphertext1 = ' + ciphertext1) f.write('ciphertext2 = ' + ciphertext2) print d1.Kn[6] # [1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 0, 1, 0]
def decrypt(c): m = crypto.decrypt(c) if m != FLAG.encode(): raise crypto.BadDecryptedException return m
from Crypto.Random.random import randrange from Crypto.Util.number import * from gmpy2 import next_prime def genkey(): while True: p = 2 while size(p) < 512: p *= getPrime(randrange(2, 12)) if isPrime(p + 1): return p + 1 def genkey2(): r = randrange(1 << 256, 1 << 512) r1 = int(next_prime(r)) r2 = int(next_prime(3 * next_prime(r))) return r1, r2 if __name__ == '__main__': p, (q1, q2) = genkey(), genkey2() flag_enc = pow(bytes_to_long(FLAG.encode()), 0x08, p * q1 * q2) print(f'n = {p * q1 * q2}') print(f'flag = {flag_enc}') # n = 6312081956800453242005635638775696371964331197711691305988524250934422670842847567082346294645531370392639640378977436738050267523930928141102947907752882864626516425205269860114372618107450666027047226378144718448153445336075442922378352142961490699548714369526861636120457642764187087553926315130595677178383932745637982421135800386302683921967207504042339093722486435093268055558828813962385642778695527840215136317793200395448508173372291064570886206707599207 # flag = 40703716922238297540974699152906010511890612406354554321348345564275909770839370181255432537072729838781177907418967403582860866069798802973013764506845205221657698180529839362192238438018905283361530343132208538330159562551776147601468923502275584050060893448700748017026813914966498333560220409016323632451159567209031828544075438228998490904439427553454962348431909003611866394844731435113150450902434285544059140901085386616766280166693387555517220827551804
#!/usr/bin/python import random from secret import FLAG, KEY def xor_str(x, y): print x print y if len(x) > len(y): return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x[:len(y)], y)]) else: return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x, y[:len(x)])]) flag, key = FLAG.encode('hex'), KEY.encode('hex') c = xor_str(key * (len(flag) // len(key) + 1), flag).encode('hex') print c enc = '' for i in xrange(0, len(c), 2): r = random.randint(0, 15) enc += chr(int(hex(r)[-1] + hex(r ^ int(c[i + 1], 16))[-1], 16)) print enc.encode("hex") # ef = open('flag.enc', 'w') # ef.write(enc) # ef.close()
#!/usr/bin/python import random from secret import FLAG, KEY def xor_str(x, y): print x print y if len(x) > len(y): return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x[:len(y)], y)]) else: return ''.join([chr(ord(z) ^ ord(p)) for (z, p) in zip(x, y[:len(x)])]) flag, key = FLAG.encode('hex'), KEY.encode('hex') c = xor_str(key * (len(flag) // len(key) + 1), flag).encode('hex') print c enc = '' for i in xrange(0, len(c), 2): r = random.randint(0, 15) enc += chr(int(hex(r)[-1] + hex(r ^ int(c[i+1], 16))[-1], 16)) print enc.encode("hex") # ef = open('flag.enc', 'w') # ef.write(enc) # ef.close()
#!/usr/bin/env python3 from Crypto.PublicKey import RSA from secret import FLAG for i in range(1, 6): with open('{}.pub.pem'.format(i), 'rb') as f: key = RSA.importKey(f.read()) with open('{}.enc'.format(i), 'wb') as f: f.write(key.encrypt(FLAG.encode(), None)[0])
from Crypto.Util.number import * from secret import FLAG if __name__ == '__main__': e = 0x03 m = bytes_to_long(FLAG.encode()) n1, n2, n3 = (getPrime(512) * getPrime(512) for _ in range(3)) print('n1 =', hex(n1)) print('n2 =', hex(n2)) print('n3 =', hex(n3)) print('c1 =', hex(pow(m, e, n1))) print('c2 =', hex(pow(m, e, n2))) print('c3 =', hex(pow(m, e, n3))) # n1 = 0xc1b0a733a50636daa8f359942e259a8ae48be42dbacb1009dd765c8416ef119c450572b0f327d4cfdd044bc0875475dd5e7f29751ad2855d403af967c93e8556d1072de6cab11ce7a388391bbc399ce83af0bcb7cca97ea3686d3a346656a1458f3f84f815be1531d7e5a1baa46a968cb12e88a45b098180b95dbb0ec4d8f6b9 # n2 = 0x9044524c4153edb0c1be902b4887d227e5ba39f04a058eb07e38c55afaf5f0b8078c1adcc15ec2a7ca77543338e14e7981e07c59e96691b5f7ce349ffd68a804f442b7264c97c547f99af967d63977d6ee9b62d5b8e1af89337602ddea70baef2ccea6cd6a69c2d921ca5fe823cd8f9694d9f86d9b35dac88438a03e5d9eb7fd # n3 = 0x5898a5fdabdfec8e833575b05a2dbe60599fdcb7c103f3723a14fd8f300b2ba08085ebf8a4f8f823e87a4cc6e0564346104b0d62d5d7015c62389d6271e6084c83db31dd6b553555fbaec65f36a9e560f87e52b9e0c102e46c2fb7f54510d5da0264a5dc49d064a967a8a11380a989985d8723a1281dc2d0fed4a2d92965839b # c1 = 0xac6e4f45e0efde392ccfdc0a469ac73cd95a3f6187c562135af409c50e2d183eeed68c6b14a90254e5e25d91de7e27f236564738a9911225cdce15d57be26a25ea66d6391659339e776af990ab28c184602d82f09d9a683bcf6c00f661ccc0f6f5a3d1ebd996aa207db372e1d636ae70d0deadcafe9a4e74ff06921af3181257 # c2 = 0x1a325ef53762f6abce2dfc56275d86dd973362e6fa7a29c53df0674c71246a2fdb819dd383cda279c0831f36beacde53ca8fa13a9e1be345df444ef644b4ffef83c50d38defcd05db4f694963418264e8dd340e83b41defa0473e381fd0be2da231f85bcf1310513631a323961d2500a947a8222528aba09c02a724c429020f8 # c3 = 0x622e2bb6ffadd4adc1b9977bebda7d21f4b154f2d362603c86507f04a18f9ecd6040d61b8bd483e8fd0cf43b3655e0e094fb5fe699371aa231d3908e092b460371b8cc13cc4df4c2d668365b4a5aa3af94c7d0f97f7b193a7b9dbdba12461d42a8f85152dc3e2cad3c05fff2ac8c64c82200b87ee33cbe114ce75ba403568d6
from secret import FLAG def genkey(): while True: p = 2 while size(p) < 512: p *= getPrime(randrange(2, 12)) if isPrime(p + 1): return p + 1 def sprkey(p): p1 = p for _ in range(100): p1 = int(next_prime(p1)) p2 = int(next_prime(2 * p - p1)) return p1, p2 if __name__ == '__main__': e = 0x10001 p, (q1, q2) = genkey(), sprkey(genkey()) flag_enc = bytes_to_long(FLAG.encode()) flag_enc = pow(flag_enc, e, p * q1 * q2) print(f'n = {p * q1 * q2}') print(f'flag = {flag_enc}') # n = 89440560733164708153845415331446945959245098008966030018929526224499627757561588031620648168516773823431871418356339994635745869093527493722219078655396271734959826773338477957209319942403927521493751796095337134761865520104013849636230344195374484615442639465418351367038754528133862123415585916462336887316272609032894837016897778296130831547243876103719134564487881368375292269727492130954469891687595162077285957074426084146076230091131943856427238665819605762639 # flag = 70677748948501844132153830929251677244113768980787500369152141990965232213831862207217721522056164204162823419806165910568220932219900368675591552968178184614121712327013011109514719999717122365733828157304155345657621328222420087192300965297138284125891425367991980443832811085424797902616979150681335481651723930150196824667059658752617939365799090553917136979687242700603979742173293315404232654368071971864852868586639814633504013277004899488199641716300195627399
import sys from secret import FLAG, REGISTER, TAPS assert FLAG.startswith('flag') assert len(REGISTER) == 16 assert len(TAPS) == 5 class LFSR: def __init__(self, register, taps): self.register = register self.taps = taps def next(self): new = 0 ret = self.register[0] for i in self.taps: new ^= self.register[i] self.register = self.register[1:] + [new] return ret def encrypt(): enc_flag = [] for char in FLAG.encode(): enc_char = 0 for binary in '{:08b}'.format(char): enc_char <<= 1 enc_char += (int(binary) ^ lfsr.next()) enc_flag.append(enc_char) return bytes(enc_flag)