def main():
""" Input and outputs in hex as given by the challenge"""
hex_in_1 = '1c0111001f010100061a024b53535009181c'
hex_in_2 = '686974207468652062756c6c277320657965'
hex_out = '746865206b696420646f6e277420706c6179'
"""Convert hex to bytes for XOR"""
bytes_in_1 = bso.hex_to_bytes(hex_in_1)
bytes_in_2 = bso.hex_to_bytes(hex_in_2)
XOR = bso.FixedXOR(bytes_in_1, bytes_in_2)
"""Don't miss out on the 90's rap reference"""
print(XOR)
"""Check results"""
assert bso.bytes_to_hex(XOR) == hex_out
def main():
message = b'A test message'
message_int = int(bso.bytes_to_hex(message), 16)
ciphertexts = []
public_keys = []
#Encrypt the same message 3 times with 3 different public keys. Keep track
# of the ciphertext and public key. It is not necessary to use 3, just need to
# use the value of e in rsa.
while len(ciphertexts) < 3:
server = rsa.RSAServer(e=3)
client = rsa.RSAClient()
e, n = server.send_public_key()
client.recv_public_key(e, n)
ciphertext = client.encrypt(message_int)
ciphertexts.append(ciphertext)
public_keys.append(n)
#Now decrypt without using the secret key
discovered_message_int = rsa_attacks.hastad_attack(3, ciphertexts,
public_keys)
discovered_message = bso.hex_to_bytes(hex(discovered_message_int)[2:])
assert discovered_message == message
def dictattack():
#Load the parameters needed to calculate the hmac for each trial password
with open('Challenge38_hash_storage.txt', 'r') as file:
params = json.load(file)
#hmac is stored as a hex sting
params['HMAC'] = bso.hex_to_bytes(params['HMAC'])
#The dictionary attack usea a function that takes the test pasword
#as an argument and returns True/False depending on if it matchs.
verify = lambda test_password: test_hmac(test_password,
params['salt'],
params['u'],
params['client_public_key'],
params['secret_key'],
params['base'],
params['HMAC'])
#Open the file with english words and test if ech is the password
with open('words_alpha.txt', 'br') as word_list:
for test_password in word_list:
test_password = test_password[:-2]
if verify(test_password):
return test_password
raise Exception('Password not in dictionary')
def main():
oracle = RSAOracle()
client = rsa.RSAClient()
client.recv_public_key(*oracle.send_public_key())
message = b'A secret message'
#Client encrypts the message
message_int = int(bso.bytes_to_hex(message), 16)
ciphertext = client.encrypt(message_int)
#Client sends ciphertext which gets decrypted
assert message == bso.hex_to_bytes(hex(oracle.decrypt(ciphertext))[2:])
#Attacker intercepts the ciphertext and tries to get the plaintext from
#the oracle. This fails because the oracle only decrypts each plaintext once
try:
successfully_decrypted = message == bso.hex_to_bytes(
hex(oracle.decrypt(ciphertext))[2:])
except:
successfully_decrypted = False
assert successfully_decrypted == False
#instead the attacker can get the decryption of an alternate ciphertext and
# convert it to the original message. This attack uses the fat that exponentiation
# is a homomorphism
e, n = oracle.send_public_key()
#S can be any value
S = 2
altered_ciphertext = nt.modexp(S, e, n) * ciphertext % n
altered_message = oracle.decrypt(altered_ciphertext)
#altered message = S * message
new_message = altered_message * nt.invmod(S, n) % n
assert message == bso.hex_to_bytes(hex(new_message)[2:])
def main():
#input hex from challenge
hex_in = '1b37373331363f78151b7f2b783431333d78397828372d363c78373e783a393b3736'
ciphertext = bso.hex_to_bytes(hex_in)
result = next(xorattacks.xor_singlebyte_key_attack(ciphertext))
assert result['decryption'] == b"Cooking MC's like a pound of bacon"
def verify_hmac(self, recv_hmac):
"""
Recieves and stores hmac. Returns positive verification
Args:
recv_hmac (string): hmac computed by the client as a string in hex
Returns:
'OK', 200
"""
recv_hmac = bso.hex_to_bytes(recv_hmac)
return MaliciousSRPServer.verify_hmac(self, recv_hmac)
def verify_hmac(self, recv_hmac):
"""
Final SRP verification. Computes the hmac which depends depends on the
salt and password but also on a Diffie Hellmen shared key. Equates with
the hamc submitted by the client
Args:
recv_hmac (string): hmac computed by the client as a string in hex
Returns:
string, int: 'OK', 200 if the verification is successful
'Nope', 400 if the verification is unsuccessful
"""
recv_hmac = bso.hex_to_bytes(recv_hmac)
return SimplifiedSRPServer.verify_hmac(self, recv_hmac)
def main():
#Load in the cipher texts from the file
ciphertexts = []
with open('4.txt') as file:
for line in file:
ciphertexts.append(bso.hex_to_bytes(line))
results = []
for ciphertext in ciphertexts:
results.append(next(xorattacks.xor_singlebyte_key_attack(ciphertext)))
results = sorted(results, key=lambda val: val['score'], reverse=True)
assert results[0]['decryption'] == b'Now that the party is jumping\n'
return
def main():
alice = rsa.RSAServer()
bob = rsa.RSAClient()
e, n = alice.send_public_key()
bob.recv_public_key(e, n)
bob_msg = secrets.randbelow(2**1024)
ciphertext = bob.encrypt(bob_msg)
assert alice.decrypt(ciphertext) == bob_msg
plaintext = b'A random message'
plaintext_int = int(bso.bytes_to_hex(plaintext), 16)
decrypted_message = alice.decrypt(bob.encrypt(plaintext_int))
decrypted_message = hex(decrypted_message)
decrypted_message = bso.hex_to_bytes(decrypted_message[2:])
assert decrypted_message == plaintext
def main():
server = RSAParityOracle()
client = rsa.RSAClient()
e, mod = server.send_public_key()
client.recv_public_key(e, mod)
plaintext = 'VGhhdCdzIHdoeSBJIGZvdW5kIHlvdSBkb24ndCBwbGF5IGFyb3VuZCB3aXRoIHRoZSBGdW5reSBDb2xkIE1lZGluYQ=='
plaintext = base64.b64decode(plaintext)
integer_plaintext = int(bso.bytes_to_hex(plaintext), 16)
ciphertext = client.encrypt(integer_plaintext)
cracked_plaintext = rsa_attacks.parity_oracle_attack(
ciphertext, e, mod, lambda val: server.is_even(val))
assert bso.hex_to_bytes(
hex(cracked_plaintext)[2:]
) == b"That's why I found you don't play around with the Funky Cold Medind"