Last active
January 21, 2022 05:20
-
-
Save SimonTheCoder/c36207cd85a81de73f651a5810d493de to your computer and use it in GitHub Desktop.
Writeup for CTF fez.py with symbolic executiong (claripy). This is a RE question includes a python source code(fez.py,modified for python3) and a log file(fez.log). The fez_sym.py is my solution with claripy.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
50543fc0bca1bb4f21300f0074990f846a8009febded0b2198324c1b31d2e2563c908dcabbc461f194e70527e03a807e9a478f9a56f7 | |
66bbd551d9847c1a10755987b43f8b214ee9c6ec2949eef01321b0bc42cffce6bdbd604924e5cbd99b7c56cf461561186921087fa1e9 | |
44fc6f82bdd0dff9aca3e0e82cbb9d6683516524c245494b89c272a83d2b88452ec0bfa0a73ffb42e304fe3748896111b9bdf4171903 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os | |
def xor(a,b): | |
assert len(a)==len(b) | |
c=bytearray() | |
for i in range(len(a)): | |
#c+=chr(ord(a[i])^ord(b[i])) | |
c.append((a[i])^(b[i])) | |
return c | |
def round(M,K): | |
L=M[0:27] | |
R=M[27:54] | |
new_l=R | |
new_r=xor(xor(R,L),K) | |
return new_l+new_r | |
def fez(m,K): | |
for i in K: | |
m=round(m,i) | |
return m | |
K=[] | |
for i in range(7): | |
K.append(os.urandom(27)) | |
m=open("flag","rb").read() | |
assert len(m)<54 | |
m+=os.urandom(54-len(m)) | |
test=os.urandom(54) | |
print (test.hex()) | |
print (fez(test,K).hex()) | |
print (fez(m,K).hex()) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os | |
import claripy | |
s = claripy.Solver() | |
def xor(a,b): | |
# assert len(a)==len(b) | |
# c=bytearray() | |
# for i in range(len(a)): | |
# #c+=chr(ord(a[i])^ord(b[i])) | |
# c.append((a[i])^(b[i])) | |
# return c | |
return a^b | |
def round(M,K): | |
#L=M[0:27] | |
#R=M[27:54] | |
L=M.get_bytes(0,27) | |
R=M.get_bytes(27,27) | |
new_l=R | |
new_r=xor(xor(R,L),K) | |
print(new_l) | |
print(new_r) | |
return claripy.Concat(new_l,new_r) | |
def fez(m,K): | |
for i in K: | |
m=round(m,i) | |
print("round:",i) | |
print(m) | |
return m | |
K=[] | |
for i in range(7): | |
#K.append(os.urandom(27)) | |
K.append(claripy.BVS("K%d"%i,27*8)) | |
#m=open("flag","rb").read() | |
#assert len(m)<54 | |
#m+=os.urandom(54-len(m)) | |
m = claripy.BVS("m", 54*8) | |
test=bytes(bytearray.fromhex("50543fc0bca1bb4f21300f0074990f846a8009febded0b2198324c1b31d2e2563c908dcabbc461f194e70527e03a807e9a478f9a56f7")) | |
#bytearray need to be converted to bytes, or (test_s == test) will be 'False' instead of a BV. | |
test_s = claripy.BVS("test_s",54*8) | |
test_s_con = (test_s == test) | |
s.add(test_s_con == True) | |
fez_test_k = bytes(bytearray.fromhex("66bbd551d9847c1a10755987b43f8b214ee9c6ec2949eef01321b0bc42cffce6bdbd604924e5cbd99b7c56cf461561186921087fa1e9")) | |
fez_m_k = bytes(bytearray.fromhex("44fc6f82bdd0dff9aca3e0e82cbb9d6683516524c245494b89c272a83d2b88452ec0bfa0a73ffb42e304fe3748896111b9bdf4171903")) | |
fez_test_k_sym = fez(test_s,K) | |
fez_m_k_sym = fez(m,K) | |
print("--------------") | |
print("fez_test_k_sym:",fez_test_k_sym) | |
print("fez_m_k_sym :",fez_m_k_sym) | |
fez_e_sym = (fez_test_k_sym == fez_test_k) | |
fez_m_sym = (fez_m_k_sym == fez_m_k) | |
s.add(fez_e_sym == True) | |
s.add(fez_m_sym == True) | |
print(m) | |
print("==================================") | |
print("s.satisfiable:",s.satisfiable()) | |
m_r = s.eval(m, 1)[0].to_bytes(54,'big') | |
print(m_r) | |
# print (test.hex()) | |
# print (fez(test,K).hex()) | |
# print (fez(m,K).hex()) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment