def run():
ct = b''
pt = unhexlify(b'89504e470d0a1a0a0000000d494844520000')
with open("encrypted_png", "rb") as f:
ct = f.read()
key = xor(ct[:8], pt, 'min')
a_stream = bits(key)[::-1]
print(b'ct: ' + hexlify(ct[:8]))
print(b'pt: ' + hexlify(pt))
print(b'key: ' + hexlify(key))
print(f'a_stream: {a_stream}')
q = 2
while q < 2000:
print(f'q: {q}')
m = 0
k = int(math.log(q, 2))
# print(f'k: {k}')
# print(f'a_stream: {a_stream[-k:]}')
a = 0
for bit in a_stream[-k:]:
a = (a << 1) | bit
while m < 2000:
generator = FCSR(q, m, a)
encrypted = generator.encrypt(ct[:8])
# print(hexlify(encrypted))
# print(hexlify(pt))
if encrypted == pt:
print(f'q: {q}')
print(f'm: {m}')
print(f'a: {a}')
exit()
m += 1
q += 1
def run2():
ct = b''
pt = unhexlify(b'89504e470d0a1a0a0000000d494844520000')
with open("encrypted_png", "rb") as f:
ct = f.read()
key = xor(ct[:8], pt, cut='min')
a_stream = bits(key)
print(b'ct: ' + hexlify(ct[:8]))
print(b'pt: ' + hexlify(pt))
print(b'key: ' + hexlify(key))
print(f'a_stream: {a_stream}')
p, q = small_fcsr_finder(a_stream)
print(f'p: {bin(p)} {p}')
print(f'q: {bin(q)} {q}')
p, q = p//gcd(p,q), q//gcd(p,q)
p, q = abs(int(p)), abs(int(q))
print(p,q)
r = q.bit_length()-1
y = 0
for i in range(r):
for j in range(i+1):
if j ==0:
y -= 1
else:
y += int(bin(q)[2:][-j-1])*2**i
m = (y-p) % 2**r
print(f'm: {m}')
a = int(''.join(map(str, a_stream[:r][::-1])), 2)
fcsr = FCSR(q, 0, a)
fd = open('encrypted_png', 'rb')
data = fd.read()
fd.close()
encrypted_png = fcsr.encrypt(data)
fd = open('decrypted.png', 'wb')
fd.write(encrypted_png)
fd.close()
fcsr = FCSR(q, 0, a)
a_ = fcsr.encrypt(b'\0'*8)
print(a_)
for m in range(q):
fcsr = FCSR(q,m,a)
check = fcsr.encrypt(b'\0'*8)
if bits(check) == a_stream[:64]:
print('done', m)
fcsr = FCSR(q,m,a)
fd = open('encrypted_png', 'rb')
data = fd.read()
fd.close()
encrypted_png = fcsr.encrypt(data)
fd = open('decrypted.png', 'wb')
fd.write(encrypted_png)
fd.close()
breakpoint()
def solve_first():
p = remote("challs.m0lecon.it", 2561)
proof_of_work(p)
ptt = b'0' * 18 #+pt
p.sendline(ptt.hex())
print(p.recvline())
data = bytes.fromhex(p.recvline().strip().decode('ascii'))
print("Response:", data)
ptt = ptt
b = bits(xor(data[:len(ptt)], ptt))
#fcsr = small_fcsr(b[:-8], b[-8:])
fcsr = small_fcsr(b)
print("Built fcsr")
b1 = [fcsr.clock() for _ in range(len(data) * 8)]
assert (b == b1[:len(b)])
dec = xor(unbits(b1), data)
print("Decrypted data", dec)
def solve_second():
data = bytes.fromhex(open("output.txt").read())
known = xor(data[:len(pt)], pt)
b = bits(xor(data[:len(pt)], pt))
print(xor(data[:len(pt)], unbits(b)))
assert (unbits(bits(data[:len(pt)])) == data[:len(pt)])
#fcsr = small_fcsr(b[:-8], b[-8:])
fcsr = small_fcsr(b)
#b1 = [fcsr.clock() for _ in b]
#print(xor(data[len(pt):], unbits(b1)))
print("Built fcsr")
#dec = fcsr.encrypt(data)
b1 = [fcsr.clock() for _ in range(len(data) * 8)]
dec = xor(unbits(b1), data)
print(dec)
def build_chall(n):
#pt = "Look, a new flag: " + flag
#pt = pt.encode()
lfsr_len = [random.randint(4, 6) for _ in range(random.randint(9, 12))]
L = [buildLFSR(i) for i in lfsr_len]
u = 0
key = b""
bits = []
for i in range(n):
ch = 0
for j in range(8):
outvec = [l.clock() for l in L]
out = (reduce(lambda i, j: i ^ j, outvec) ^ u) & 1
u = (u + sum(outvec)) // 2
ch += out * pow(2, 7 - j)
bits.append(out)
key += bytes([ch])
res = xor(key, pt).hex()
return bits
def test():
f, enc, q_orig, a_orig = get_test()
print(a_orig)
key = xor(f[:8], enc, cut='min')
print(key)
a_stream = bits(key)
print(a_stream)
print(bin(a_orig))
p, q = small_fcsr_finder(a_stream)
p, q = p//gcd(p,q), q//gcd(p,q)
p, q = abs(int(p)), abs(int(q))
print(bin(p))
print(bin(q))
print(p,q)
r = q.bit_length()-1
a = int(''.join(map(str, a_stream[:r][::-1])), 2)
fcsr = FCSR(q, 0, a)
decrypted = fcsr.encrypt(enc)
print(decrypted == f)
breakpoint()
def score(cipher, key):
plain = fiddling.xor(_in(cipher), key)
error = error_vs_english(plain)
return [error, key, plain]
import binascii import pwnlib.util.fiddling as fiddling cipher = binascii.unhexlify(b'1c0111001f010100061a024b53535009181c') key = binascii.unhexlify(b'686974207468652062756c6c277320657965') print(binascii.hexlify(fiddling.xor(cipher, key)))
def score(key):
plain = fiddling.xor(cipher, key)
error = error_vs_english(plain)
return MatchesEnglishScore(error, key, plain)
import binascii
import pwnlib.util.fiddling as fiddling
def _in(hexstring):
return binascii.unhexlify(hexstring)
def _out(bytestring):
print("bytestring: ", bytestring)
print("hex: ", binascii.hexlify(bytestring))
plain = """Burning 'em, if you ain't quick and nimble
I go crazy when I hear a cymbal"""
key = "ICE"
_out(fiddling.xor(plain, key))