-
-
Save juananpe/d98d4f5223c7c4b3341ca4962e1160fc to your computer and use it in GitHub Desktop.
Hackit 2024 / EE32 / Level 3/ hackit3solver.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import socket | |
import requests | |
import itertools | |
host = 'ikasten.io' | |
port = 31337 | |
message = b"HELP ME PLEASE" | |
def xor_bytes(bytes1, bytes2): | |
return bytes(a + b for a, b in zip(bytes1, bytes2)) | |
def crypt_bytes(message, key): | |
return bytes(a+b for a,b in zip(message, itertools.cycle(key))) | |
def decrypt_bytes(message, key): | |
print(f'Descifrando {message[0]} - {key[0]} = {chr(message[0] - key[0])} ') | |
return bytes(a-b for a,b in zip(message, itertools.cycle(key))) | |
def ip_to_hex_string(ip): | |
""" | |
Converts an IP address to a concatenated hex string representation. | |
Args: | |
ip (str): The IP address to convert. | |
Returns: | |
str: The concatenated hex representation of the IP address. | |
""" | |
# Split the IP address into its individual octets | |
octets = ip.split('.') | |
# Convert each octet to an integer and format it as a 2-digit hexadecimal | |
hex_octets = [format(int(octet), '02x') for octet in octets] | |
# Concatenate all the hex octets into a single string | |
hex_ip = ''.join(hex_octets) | |
return hex_ip | |
def get_external_ip(): | |
response = requests.get('https://ipinfo.io/ip') | |
return response.text.strip() | |
try: | |
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
sock.connect((host, port)) | |
myip = get_external_ip() | |
print('My IP:', myip) | |
# Use the function to get the hex string representation | |
hex_string = ip_to_hex_string(myip) | |
# Encode the concatenated hex string using 'latin-1' | |
mykey = hex_string.encode('latin-1') | |
print("My Key:", mykey) | |
banner = sock.recv(4096) | |
print("Banner: ", banner.decode('utf-8')) | |
sock.sendall(message) | |
response = sock.recv(4096) | |
print("Respuesta del servidor:", response) | |
l = response.splitlines() | |
cyphertext = l[1][-len(message):] | |
print("Cyphertext HEX:", cyphertext.hex()) | |
cifrado_ip = crypt_bytes(message,mykey) | |
print(f"El mensaje cifrado {cifrado_ip.hex()} debería coincidir con el devuelto por el servidor {cyphertext.hex()}") | |
descifrado_ip = decrypt_bytes(cyphertext,mykey) | |
print(f"El mensaje descifrado {descifrado_ip} debería coincidir con el mensage {message}") | |
sock.sendall(cyphertext) | |
response2 = sock.recv(4096) | |
print("Respuesta del servidor:", response2) | |
print("Respuesta2 HEX:", response2.hex()) | |
# srvip, _ = sock.getpeername() | |
srvip = '172.17.0.2' | |
print("Server IP:", srvip) | |
hex_string = ip_to_hex_string(srvip) | |
# Encode the concatenated hex string using 'latin-1' | |
srvkey = hex_string.encode('latin-1') | |
print(srvkey.hex()) | |
print("Server Key:", srvkey) | |
descifrado_srv = decrypt_bytes(response2[:-1],srvkey) | |
print(f"Respuesta descifrada: {descifrado_srv}") | |
password_please = crypt_bytes(b"PASSWORD PLEASE",mykey) | |
sock.sendall(password_please) | |
response_pass = sock.recv(4096) | |
descifrado_pass = decrypt_bytes(response_pass[:-1],srvkey) | |
print(f"Password descifrado: {descifrado_pass}") | |
finally: | |
sock.close() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment