Last active
December 19, 2020 10:28
-
-
Save minhtt159/ad72fe2bcc57b04299700b29e48df6c3 to your computer and use it in GitHub Desktop.
UETCTF Crypto
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # _author_ = "qd" | |
| from Crypto.Cipher import AES | |
| from hashlib import md5 | |
| import os | |
| import json | |
| import SocketServer | |
| import threading | |
| host = 'crypto.nyanwith.me' | |
| port = 9999 | |
| welcome = """ | |
| ---------------------------------- | |
| Welcome to the S3CR3T shop | |
| ---------------------------------- | |
| Here are some options: | |
| [R]egister | |
| [L]ogin | |
| [E]xit | |
| Your choice? | |
| """ | |
| flag = 'UETCTF{fl11p1nG_1s_h0w_1_g0t_h3r3}' | |
| key = os.urandom(16) | |
| class AES_(object): | |
| def __init__(self, key): | |
| self.blocksize = 16 | |
| self.key = md5(key.encode("hex")).digest() | |
| def pad(self, st): | |
| return st + (self.blocksize - len(st) % self.blocksize) * chr(self.blocksize - len(st) % self.blocksize) | |
| def unpad(self, st): | |
| return st[:-ord(st[len(st)-1:])] | |
| def encrypt(self, msg): | |
| msg = self.pad(msg) | |
| iv = os.urandom(16) | |
| crypt = AES.new(self.key, AES.MODE_CBC, iv) | |
| return (iv + crypt.encrypt(msg)).encode("base64") | |
| def decrypt(self, msg): | |
| msg = msg.decode("base64") | |
| iv = msg[:self.blocksize] | |
| crypt = AES.new(self.key, AES.MODE_CBC, iv) | |
| return self.unpad(crypt.decrypt(msg[self.blocksize:])) | |
| class incoming(SocketServer.BaseRequestHandler): | |
| def handle(self): | |
| cur_thread = threading.current_thread() | |
| req = self.request | |
| while True: | |
| req.send(welcome) | |
| choice = req.recv(1024).rstrip('\n').lower() | |
| print choice | |
| if choice == 'r': | |
| aes = AES_(key) | |
| req.send('Who dares to bring an axe into my sacred groves\nShow me your name: ') | |
| name = req.recv(1024).rstrip('\n') | |
| if 'admin' in name.lower(): | |
| req.send('You can\'t see the forest\n') | |
| continue | |
| else: | |
| cred = {} | |
| cred['user'] = name | |
| cred_encrypted = aes.encrypt(json.dumps(cred)) | |
| req.send('The glens are calling, {0}.\nNow you can login with your credential: {1}\n'.format(cred['user'], cred_encrypted)) | |
| elif choice == 'l': | |
| aes = AES_(key) | |
| req.send('Who are you?:\n') | |
| token = req.recv(1024).rstrip('\n') | |
| try: | |
| login = json.loads(aes.decrypt(token)) | |
| except: | |
| print "Invalid credential!\n" | |
| continue | |
| if login['user'] == 'admin': | |
| req.send('Welcome back, Goddess of the Woods!\n') | |
| req.send('Here\'s your flag: ' + flag) | |
| req.close() | |
| break | |
| else: | |
| req.send('The glens are calling, {0}.\nBut you need to be \'admin\' to get flag!\n'.format(login['user'])) | |
| else: | |
| req.send('I will rise next season.!\n') | |
| req.close() | |
| break | |
| class ReuseableServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer): | |
| pass | |
| server = ReuseableServer((host, port), incoming) | |
| server_thread = threading.Thread(target=server.serve_forever) | |
| server_thread.daemon = True | |
| server_thread.start() | |
| server_thread.join() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from Crypto.PublicKey import RSA | |
| import os | |
| import SocketServer | |
| import threading | |
| flag = "UETCTF{RSA_1s_3a5y!_tRy_4n0th3r_0n3}" | |
| host = "crypto.nyanwith.me" | |
| port = 6969 | |
| class incoming(SocketServer.BaseRequestHandler): | |
| def handle(self): | |
| cur_thread = threading.current_thread() | |
| N = RSA.generate(1024,os.urandom).n | |
| welcome = """ | |
| ------------------------------------------------------------------------------- | |
| , _, _, __, _,. . __ .__ . ,.__ __, , _, . . ._, _,.__ . . , __ _, | |
| /| '_) '_) / '_)|\ |/ `[__) \./ [__) / /| |.| |\ | |_ '_)[__)\ //| / `'_) | |
| | ._) ._) / ._)| \|\__.| \ | | / | |_| | \| ._)._)| \ \/ | \__.._) | |
| ------------------------------------------------------------------------------- | |
| """ | |
| req = self.request | |
| req.send(welcome) | |
| #You can't see me, My time is now | |
| req.send("We will give you the flag to prove how 5ecur3 our service is:\n") | |
| req.send("-------------------------\n") | |
| req.send("N: " + str(hex(N)) + "\n") | |
| req.send("Flag: " + str(hex(pow(int(flag.encode("hex"), 16),5,N))) + "\n") | |
| req.send("-------------------------\n") | |
| req.send("0nly h4x0r can see the flag\n") | |
| while True: | |
| req.send("\nNow send me some message to encrypt:\n") | |
| m = req.recv(1024) | |
| req.send("Here you go:\n") | |
| req.send("-------------------------\n") | |
| req.send(str(hex(pow(int(m.encode("hex"), 16),5,N))) + "\n") | |
| req.send("-------------------------\n") | |
| class ReuseableServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer): | |
| pass | |
| server = ReuseableServer((host, port), incoming) | |
| server_thread = threading.Thread(target=server.serve_forever) | |
| server_thread.daemon = True | |
| server_thread.start() | |
| server_thread.join() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment