Last active
August 29, 2019 17:05
-
-
Save Mister2Tone/295d45d79821223184ef2e736c0358cb to your computer and use it in GitHub Desktop.
decoder the payload that got from pcap files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python2.7 | |
import string | |
import random | |
from base64 import b64encode, b64decode | |
FLAG = 'flag{xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}' | |
enc_ciphers = ['rot13', 'b64e', 'caesar'] | |
dec_ciphers = ['rot13', 'b64d', 'caesard'] | |
def rot13(s): | |
_rot13 = string.maketrans( | |
"ABCDEFGHIJKLMabcdefghijklmNOPQRSTUVWXYZnopqrstuvwxyz", | |
"NOPQRSTUVWXYZnopqrstuvwxyzABCDEFGHIJKLMabcdefghijklm") | |
return string.translate(s, _rot13) | |
def b64e(s): | |
return b64encode(s) | |
def b64d(s): | |
return b64decode(s) | |
def caesar(plaintext, shift=3): | |
alphabet = string.ascii_lowercase | |
shifted_alphabet = alphabet[shift:] + alphabet[:shift] | |
table = string.maketrans(alphabet, shifted_alphabet) | |
return plaintext.translate(table) | |
def caesard(cipher, shift=-3): | |
alphabet = string.ascii_lowercase | |
shifted_alphabet = alphabet[shift:] + alphabet[:shift] | |
table = string.maketrans(alphabet, shifted_alphabet) | |
return cipher.translate(table) | |
def encode(pt, cnt=50): | |
tmp = '2{}'.format(b64encode(pt)) | |
for cnt in xrange(cnt): | |
c = random.choice(enc_ciphers) | |
i = enc_ciphers.index(c) + 1 | |
_tmp = globals()[c](tmp) | |
tmp = '{}{}'.format(i, _tmp) | |
return tmp | |
def decode(cipher): | |
while 'flag' not in cipher: | |
i = int(cipher[0]) | |
raw = cipher[1:] | |
print '# ['+ str(i) + '] <= '+cipher[0] | |
print 'raw: '+ cipher[0:] +', Running function :' + dec_ciphers[i-1] | |
decoded_text = globals()[dec_ciphers[i-1]](raw) | |
print 'decoded: '+decoded_text+'\n' | |
cipher = decoded_text | |
print cipher | |
if __name__ == '__main__': | |
#print encode(FLAG, cnt=?) | |
with open('payload.txt', 'r') as raw: | |
print decode(raw.read().strip()) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment