Skip to content

Instantly share code, notes, and snippets.

@juananpe
Created July 29, 2024 20:08
Show Gist options
  • Save juananpe/d98d4f5223c7c4b3341ca4962e1160fc to your computer and use it in GitHub Desktop.
Save juananpe/d98d4f5223c7c4b3341ca4962e1160fc to your computer and use it in GitHub Desktop.
Hackit 2024 / EE32 / Level 3/ hackit3solver.py
import socket
import requests
import itertools
host = 'ikasten.io'
port = 31337
message = b"HELP ME PLEASE"
def xor_bytes(bytes1, bytes2):
return bytes(a + b for a, b in zip(bytes1, bytes2))
def crypt_bytes(message, key):
return bytes(a+b for a,b in zip(message, itertools.cycle(key)))
def decrypt_bytes(message, key):
print(f'Descifrando {message[0]} - {key[0]} = {chr(message[0] - key[0])} ')
return bytes(a-b for a,b in zip(message, itertools.cycle(key)))
def ip_to_hex_string(ip):
"""
Converts an IP address to a concatenated hex string representation.
Args:
ip (str): The IP address to convert.
Returns:
str: The concatenated hex representation of the IP address.
"""
# Split the IP address into its individual octets
octets = ip.split('.')
# Convert each octet to an integer and format it as a 2-digit hexadecimal
hex_octets = [format(int(octet), '02x') for octet in octets]
# Concatenate all the hex octets into a single string
hex_ip = ''.join(hex_octets)
return hex_ip
def get_external_ip():
response = requests.get('https://ipinfo.io/ip')
return response.text.strip()
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((host, port))
myip = get_external_ip()
print('My IP:', myip)
# Use the function to get the hex string representation
hex_string = ip_to_hex_string(myip)
# Encode the concatenated hex string using 'latin-1'
mykey = hex_string.encode('latin-1')
print("My Key:", mykey)
banner = sock.recv(4096)
print("Banner: ", banner.decode('utf-8'))
sock.sendall(message)
response = sock.recv(4096)
print("Respuesta del servidor:", response)
l = response.splitlines()
cyphertext = l[1][-len(message):]
print("Cyphertext HEX:", cyphertext.hex())
cifrado_ip = crypt_bytes(message,mykey)
print(f"El mensaje cifrado {cifrado_ip.hex()} debería coincidir con el devuelto por el servidor {cyphertext.hex()}")
descifrado_ip = decrypt_bytes(cyphertext,mykey)
print(f"El mensaje descifrado {descifrado_ip} debería coincidir con el mensage {message}")
sock.sendall(cyphertext)
response2 = sock.recv(4096)
print("Respuesta del servidor:", response2)
print("Respuesta2 HEX:", response2.hex())
# srvip, _ = sock.getpeername()
srvip = '172.17.0.2'
print("Server IP:", srvip)
hex_string = ip_to_hex_string(srvip)
# Encode the concatenated hex string using 'latin-1'
srvkey = hex_string.encode('latin-1')
print(srvkey.hex())
print("Server Key:", srvkey)
descifrado_srv = decrypt_bytes(response2[:-1],srvkey)
print(f"Respuesta descifrada: {descifrado_srv}")
password_please = crypt_bytes(b"PASSWORD PLEASE",mykey)
sock.sendall(password_please)
response_pass = sock.recv(4096)
descifrado_pass = decrypt_bytes(response_pass[:-1],srvkey)
print(f"Password descifrado: {descifrado_pass}")
finally:
sock.close()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment