Skip to content

Instantly share code, notes, and snippets.

@minhtt159

minhtt159/secret.py

Created November 9, 2017 08:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save minhtt159/391f5af77087f35f4d80cc5929bfd37a to your computer and use it in GitHub Desktop.
Save minhtt159/391f5af77087f35f4d80cc5929bfd37a to your computer and use it in GitHub Desktop.
Download ZIP
SvATTT2017 - Crypto 300
Raw
secret.py
import random
import os
import string
FLAG="FLAG_SAMPLE"
def random_str(N):
return ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(N))
def gen_data_kv():
n1 = random.randint(5, 20)
n2 = random.randint(30, 100)
k = random_str(n1)
v = random_str(n2)
return '"%s": "%s"' % (k,v)
def gen_data(u,f):
return '{"a":"%s", %s, "pin": "0000", %s, "flag": "%s", %s}' %(random_str(3), gen_data_kv(), u, gen_data_kv(), f, gen_data_kv())
def pack_pin(u):
return gen_data(u, FLAG)
Raw
server.py
import base64
import string
import json
from secret import pack_pin
import SocketServer
import threading
def read_key():
key = open("KEY.txt").read()
key = key.decode('hex')
return key
def xor(data, key):
l = len(key)
return bytearray((
(data[i] ^ key[i % l]) for i in range(0,len(data))
))
def encode(data):
try:
return base64.b64encode(data)
except:
return "Incorrect"
def decode(data):
try:
return base64.b64decode(data)
except:
return "Incorrect"
def unpack_pin(data):
try:
dt = json.loads(data)
if 'pin' in dt:
return dt['pin']
except:
pass
return "None"
def gen_cookie(p, k):
data = pack_pin(p)
return encode(xor(bytearray(encode(data)), bytearray(k)))
def load_cookie(c, k):
data = decode(c)
if data == "Incorrect":
return data
data = xor(bytearray(data), bytearray(k))
data = decode(data)
if data == "Incorrect":
return data
return unpack_pin(data)
class ThreadedTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer):
allow_reuse_address = True
class ThreadedTCPRequestHandler(SocketServer.BaseRequestHandler):
def init(self):
pass
def handle(self):
self.request.settimeout(30)
rsend = self.request.sendall
rclose = self.request.close
rrecv = self.request.recv
key = read_key()
if len(key) != 64:
rsend("Invalid key!\n")
rclose()
rsend("Welcome to secret service.\n\n")
rsend("Please choose:\n")
rsend("1: Cookie generator\n")
rsend("2: Cookie verification\n")
rsend("=======================================\n\n")
while True:
rsend("Choose your number[1,2]:\n")
choose = rrecv(4096).rstrip('\n').rstrip('\r')
if (choose == "1"):
rsend("Please enter your pin:\n")
pin = rrecv(4096).rstrip('\n').rstrip('\r')
if len(pin) >= 4:
pin = pin[:4]
cookie = gen_cookie(pin, key)
rsend("Your cookie: " + cookie + "\n")
rsend("--------------------\n")
elif (choose == "2"):
rsend("Please enter your cookie:\n")
cookie = rrecv(4096).rstrip('\n').rstrip('\r')
pin = load_cookie(cookie, key)
rsend("Your pin: " + pin + "\n")
rsend("--------------------\n")
else:
rsend("Only 1 or 2. Bye\n")
break
rclose()
HOST, PORT = '', 11337
while True:
server = ThreadedTCPServer((HOST, PORT), ThreadedTCPRequestHandler)
server_thread = threading.Thread(target=server.serve_forever)
server_thread.daemon = True
server_thread.start()
print "Server loop running in thread:", server_thread.name
server_thread.join()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment