@pun1sher729
Last active January 28, 2024 13:49
Cryptohack - Flipping Cookie writeup


From CBC decryption, the first plaintext block is P0 = iv xor block_decryption(C0).

The server gives us P0 = "admin=False..."; we want the first block to decrypt to P' = "admin=True...". We control the IV, so we look for an iv' with

"admin=True" = iv' xor block_decryption(C0)

iv' = "admin=True" xor block_decryption(C0)

Since block_decryption(C0) = "admin=False" xor iv, this becomes

iv' = iv xor "admin=False" xor "admin=True"

so we never need the key: the forged IV is just the original IV xored with the old and the new prefix.

Code:

```python
import requests
import json
from pwn import xor

def get_ciphertext():
    # returns hex(iv || ciphertext) of the cookie "admin=False;expiry=..."
    url = "http://aes.cryptohack.org/flipping_cookie/get_cookie/"
    r = requests.get(url)
    ct = (json.loads(r.text))['cookie']
    return ct

def check_cookie(cookie, iv):
    # the endpoint decrypts with the IV we supply, which is the whole weakness
    url = "http://aes.cryptohack.org/flipping_cookie/check_admin/"+cookie+"/"+iv
    r = requests.get(url)
    try:
        flag = (json.loads(r.text))['flag']
    except KeyError:
        flag = (json.loads(r.text))['error']
    return flag

c = get_ciphertext()
iv = bytes.fromhex((c[:32]))   # first 16 bytes (32 hex chars) are the IV
ct = c[32:]

# iv' = iv xor "admin=False" xor "admin=True;"  (both 11 bytes, so the block stays aligned).
# pwntools' xor() wraps shorter arguments around to the longest one; we only
# want the first 11 IV bytes changed, so xor that prefix and keep the rest as-is.
iv1 = (xor(iv[:11], b'admin=False', b'admin=True;') + iv[11:]).hex()
flag = check_cookie(ct, iv1)
print(flag)
```

Flag = crypto{4u7h3n71c4710n_15_3553n714l}

note: in a CBC bit-flipping attack the number of bytes of P0 and P' must be equal, which is why the replacement is "admin=True;" (11 bytes, trailing semicolon) rather than "admin=True" (10 bytes).
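The derivation and the script above depend on the live challenge server, so here is an added, self-contained example (not part of the original gist) that reproduces the same CBC IV flip locally and then shows the fix the flag alludes to. It assumes a stand-in keyed block cipher (a small Feistel network over SHA-256, constructed here because the standard library has no AES; CBC malleability does not depend on which block cipher sits underneath), a hypothetical cookie server with `get_cookie`/`check_admin` functions modelled on the challenge, and an HMAC over `iv || ct` as the authentication the challenge omits.

```python
import hashlib
import hmac
import os

BLOCK = 16

# --- Stand-in block cipher (constructed for this example, NOT AES) ---
# 4-round Feistel network on 16-byte blocks, round function = SHA-256.
def _round(key, i, half):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def block_encrypt(key, block):
    L, R = block[:8], block[8:]
    for i in range(4):
        L, R = R, _xor(L, _round(key, i, R))
    return L + R

def block_decrypt(key, block):
    L, R = block[:8], block[8:]
    for i in reversed(range(4)):
        L, R = _xor(R, _round(key, i, L)), L
    return L + R

# --- PKCS#7 padding and CBC mode ---
def pad(data):
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def cbc_encrypt(key, iv, pt):
    out, prev = b"", iv
    for i in range(0, len(pt), BLOCK):
        prev = block_encrypt(key, _xor(pt[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        blk = ct[i:i + BLOCK]
        out += _xor(block_decrypt(key, blk), prev)   # P_i = D(C_i) xor C_{i-1}
        prev = blk
    return out

# --- Hypothetical cookie server modelled on the challenge ---
KEY = os.urandom(16)       # constructed server secrets
MAC_KEY = os.urandom(16)

def get_cookie(expiry=2000000000):
    cookie = f"admin=False;expiry={expiry}".encode()
    iv = os.urandom(BLOCK)
    return iv, cbc_encrypt(KEY, iv, pad(cookie))

def check_admin(iv, ct):
    # Unauthenticated, as in the challenge: decrypts with a client-supplied IV.
    pt = unpad(cbc_decrypt(KEY, iv, ct))
    return b"admin=True" in pt

def forge_iv(iv, p0=b"admin=False", target=b"admin=True;"):
    # iv' = iv xor P0 xor P'; P0 and P' must have equal length so only the
    # intended prefix of block 0 changes and the rest of the IV is kept.
    assert len(p0) == len(target)
    return _xor(_xor(iv[:len(p0)], p0), target) + iv[len(p0):]

# --- The fix: authenticate IV and ciphertext before decrypting ---
def get_cookie_authenticated(expiry=2000000000):
    iv, ct = get_cookie(expiry)
    tag = hmac.new(MAC_KEY, iv + ct, hashlib.sha256).digest()
    return iv, ct, tag

def check_admin_authenticated(iv, ct, tag):
    expected = hmac.new(MAC_KEY, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None   # reject: IV or ciphertext was tampered with
    return check_admin(iv, ct)

def demo_unauthenticated():
    iv, ct = get_cookie()
    return check_admin(iv, ct), check_admin(forge_iv(iv), ct)

def demo_authenticated():
    iv, ct, tag = get_cookie_authenticated()
    return (check_admin_authenticated(iv, ct, tag),
            check_admin_authenticated(forge_iv(iv), ct, tag))

if __name__ == "__main__":
    print("unauthenticated (original, forged):", demo_unauthenticated())
    print("authenticated   (original, forged):", demo_authenticated())
```

Because the IV is xored into the output of the block decryption, the flip lands exactly on the first plaintext block and leaves the padding in the last block intact, which is why the unauthenticated check accepts the forged cookie. The HMAC over `iv || ct` makes the same forged IV fail before anything is decrypted; the IV must be inside the authenticated data, since a MAC over the ciphertext alone would still let this attack through.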
