Skip to content

Instantly share code, notes, and snippets.

@pun1sher729

pun1sher729/writeup.md

Created March 1, 2022 12:39
Show Gist options
  • Save pun1sher729/887d687c0990666494fead222c3c9644 to your computer and use it in GitHub Desktop.
Save pun1sher729/887d687c0990666494fead222c3c9644 to your computer and use it in GitHub Desktop.
Download ZIP
Cryptohack - CTRIME writeup
Raw
writeup.md

It is CRIME sttack. https://shainer.github.io/crypto/2017/01/02/crime-attack.html

Code:

import requests
import json
import string

def encrypt(pt_hex):
    url = f"http://aes.cryptohack.org/ctrime/encrypt/{pt_hex}/"
    r = requests.get(url)
    try:
        enc = (json.loads(r.text))['ciphertext']
        return enc
    except:
        enc = (json.loads(r.text))
        return enc

flag = b'crypto{'
#c = encrypt(flag.hex())
#print(len(c))

while 1:
    c = encrypt(flag.hex())
    for i in string.printable:
        p = (flag+i.encode()).hex()
        l = len(encrypt(p))
        #print(l, i)
        n = len(c)
        if l == n:
            flag += i.encode()
            print(flag.decode())
            break
    if flag.endswith(b'M'):  
        flag += b'E'        
        print(flag.decode())
    '''Had to add this if statement because every printable gives the same length so guessed it would be "E" after "CRIM" '''
    if flag.endswith(b'}'):
        print(flag.decode())
        break

Flag = crypto{CRIME_571ll_p4y5}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment