The challenge contains two modules:
# File: securePickle.py
import pickle, io
whitelist = []
class IIter: | |
def __init__(self, m, n): | |
self.m = m | |
self.n = n | |
self.arr = [0 for _ in range(n)] | |
self.sum = 0 | |
self.stop = False | |
def __iter__(self): | |
return self |
require_relative './happy' # rename happy -> happy.rb | |
q = 180754955592872777770305021165949447837520820408608437544593001477325680227199967219036800612237524673886247520794601572290402702594122131782305474875236404413820478308317235725623037177247985490515533618988964977186476558003216903 | |
p = 166878663790065040663149504970052368124427462024107500159158464138407657299730521908976684364578086644682045134207945137293534705688910696520830729908263578233018529387676221035298300775812585471932551347478303730822844748034186479 | |
k = 2 | |
e = 65537 | |
d1 = e.pow((p - 1) / 2 - 2, (p - 1)) | |
d2 = e.pow(((q - 1) / 2 - 1) * (q - 1) * (k > 1 ? q ** (k - 2) : 1) - 1, q ** (k - 1) * (q - 1)) | |
cf = p.pow(q ** (k - 1) * (q - 1) - 1, q ** k) | |
key = Key.new({ |
diff --git a/block0.cpp b/block0.cpp | |
index ad99358..e92eb04 100644 | |
--- a/block0.cpp | |
+++ b/block0.cpp | |
@@ -83,11 +83,18 @@ void find_block0(uint32 block[], const uint32 IV[]) | |
Q[Qoff + 16] = (xrng64() & 0x1ffdffff) | 0xa0000000 | (~Q[Qoff + 15] & 0x40020000); | |
MD5_REVERSE_STEP(0, 0xd76aa478, 7); | |
+ if (!ok_uint32(block[0])) continue; | |
MD5_REVERSE_STEP(6, 0xa8304613, 17); |
from sage.crypto.sbox import SBox | |
# List taken from De Canniere's PhD Thesis | |
# Available at http://blog.sciencenet.cn/upload/blog/file/2009/3/20093320521938772.pdf | |
representatives = [ | |
SBox([0x4, 0x0, 0x1, 0xF, 0x2, 0xB, 0x6, 0x7, 0x3, 0x9, 0xA, 0x5, 0xC, 0xD, 0xE, 0x8]), | |
SBox([0x8, 0x0, 0x1, 0xC, 0x2, 0x5, 0x6, 0x9, 0x4, 0x3, 0xA, 0xB, 0x7, 0xD, 0xE, 0xF]), | |
SBox([0x8, 0x0, 0x1, 0xC, 0xF, 0x5, 0x6, 0x7, 0x4, 0x3, 0xA, 0xB, 0x9, 0xD, 0xE, 0x2]), | |
SBox([0x2, 0x0, 0x1, 0x8, 0x3, 0xD, 0x6, 0x7, 0x4, 0x9, 0xA, 0x5, 0xC, 0xB, 0xE, 0xF]), |
Description | |
--- | |
Just matrix chain multiplication. | |
Input format | |
--- | |
There may be multiple test cases. | |
Each test case consists of two lines. | |
On the first line is an integer, $n$, the number of matrices. | |
On the second line are $n + 1$ integers, the dimension of the matrices. |
from scryptos import * | |
import hashlib | |
''' | |
DEFCON Quals 2018 Official: Crypto part | |
Partial random-value Exposure Attack for DSA (<=> biased-k DSA) | |
References: https://crypto.stackexchange.com/questions/44644/how-does-the-biased-k-attack-on-ecdsa-work | |
Thanks: @Bono_iPad and binja members | |
''' |
require 'yaml' | |
require 'base64' | |
require 'erb' | |
class ActiveSupport | |
class Deprecation | |
def initialize() | |
@silenced = true | |
end | |
class DeprecatedInstanceVariableProxy |
import socket, struct, os, binascii, base64, random, time, itertools | |
import telnetlib | |
def readline(sc, show = True): | |
res = "" | |
while len(res) == 0 or res[-1] != "\n": | |
data = sc.recv(1) | |
if len(data) == 0: | |
print repr(res) | |
raise Exception("Server disconnected") |
Lots of commands in GDB's protocol use hex-encoded data. A $
starts a packet, and all packets end with #
followed by a one-byte, hex-encoded checksum.
Let's look at the protocol for the request:
remote get /proc/self/cmdline ./cmdline
Which should fetch /proc/self/cmdline
and dump it to ./cmdline
. It does!
$ phd cmdline