Skip to content

Instantly share code, notes, and snippets.

View hellman's full-sized avatar
🍊

Aleksei Udovenko hellman

🍊
617 followers · 24 following
View GitHub Profile
@hellman
hellman / almost_leet.py
Last active April 9, 2017 22:12
ASIS CTF Quals 2017 - Almost leet
from sage.all import *
from itertools import product
def frombin(v):
return int("".join(map(str, v)), 2 )
def l33tize(s, eight=False):
ms = GL(8 if eight else 6, GF(2))
while 1:
@hellman
hellman / generate.py
Created October 11, 2016 18:00
HITCON QUALS 2016 - Reverse (Reverse 500)
from binascii import crc32
def lcg_step():
global lcg
lcg = (0x5851F42D4C957F2D * lcg + 0x14057B7EF767814F) % 2**64
return lcg
def extract(val):
res = 32 + val - 95 * ((
((val - (0x58ED2308158ED231 * val >> 64)) >> 1) +
@hellman
hellman / Flag.java
Last active June 19, 2017 09:34
Google CTF 2017 Quals - Bleichenbacher’s Lattice Task - Insanity Check
/**
* Print a Flag.
* @author Daniel Bleichenbacher
*/
package blt;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.GeneralSecurityException;
@hellman
hellman / chall.py
Last active July 9, 2017 09:08
Polictf 2017 – Lucky Consecutive Guessing (Crypto)
#!/usr/bin/env python
import signal, random
import sys
class LinearCongruentialGenerator:
def __init__(self, a, b, nbits):
self.a = a
self.b = b
@hellman
hellman / 0handshake.rs
Last active September 3, 2017 16:21
Google CTF 2017 Quals - Rubik
use permutation::Permutation;
use cube::Cube;
use crypto::blake2b::Blake2b;
#[derive(Copy, Clone, Eq, PartialEq, Hash)]
pub struct SecretKey {
pub a: u64,
pub b: u64,
}
@hellman
hellman / 0solve.py
Last active September 3, 2017 16:22
Google CTF 2017 Quals - Introspective CRC
'''
CRC is affine.
CRC(x) = L(x) + C, where L is linear.
We want CRC(x) = L(x) + C = x.
Write as L(x)+x = C.
Solve matrix equation.
'''
from sage.all import *
@hellman
hellman / decrypt_flag.rs
Created June 18, 2017 22:04
Google CTF 2017 Quals - Shake It
#[macro_use]
extern crate arrayref;
extern crate crypto;
use crypto::aead::AeadDecryptor;
use crypto::chacha20poly1305::ChaCha20Poly1305;
use std::env;
use std::fs::File;
use std::io::{Read, Write};
@hellman
hellman / 0_solve.py
Last active September 4, 2017 08:29
TWCTF 2017 - BabyPinhole
#-*- coding:utf-8 -*-
"""
In this challenge we have a Paillier cryptosystem.
We are given a decryption oracle, which leaks only one bit in the middle of the plaintext.
Due to homomorphic properties of the Paillier cryptosystem, we can recover the full decryption using such an oracle.
1. First, we recover the lower half of the message bit-by-bit.
This can be done by manipulating and observing the carry bit going through the pinhole,
@hellman
hellman / 0server.rb
Last active September 4, 2017 08:33
TWCTF 2017 - Liar's Trap
#!/usr/bin/env ruby
require 'securerandom'
## Parameters
P = 115792089237316195423570985008687907853269984665640564039457584007913129639747
N = 100
K = 25
L = 38 # The number of liars
def apply_polynomial(coeffs, x)
r = 0
@hellman
hellman / 0_mceliece_grs.py
Last active October 19, 2017 20:35
Hack.lu CTF 2017 - McEliece
'''
Attacking McEliece with Generalized Reed-Solomon codes (GRS), method by Sidelnikov & Shestakov.
The task is almost the same as The Russian Attack from Sharif CTF:
http://ctf.sharif.edu/blog/Write-Ups/SharifCTF-6/Crypto/08.%20The%20Russian%20Attack%20(500%20+%20300%20pts)/
The only change is the field changed from GF(p) to GF(2^8).
Here is Sage analogue of the GAP script, because finally Sage supports GRS decoding.
'''