Rikaard Hosein rikaardhosein

## compression_solution.py
import socket
import itertools
import struct
import string
import sys


def send_data( rsocket, data ):
	length = struct.pack('I',len(data))
	rsocket.send(length)

## compression-nonce.py
    def handle(self):
        nonce = os.urandom(8)
        self.wfile.write(nonce)

## ctest.py
#!/usr/bin/python
import zlib
import sys
PROBLEM_KEY = 'crime_sometimes_pays'
print len(zlib.compress(sys.argv[1]+PROBLEM_KEY))

## wchars.asm
(gdb) disas main
Dump of assembler code for function main:
0x08048596 <main+0>:	push   ebp
0x08048597 <main+1>:	mov    ebp,esp
0x08048599 <main+3>:	sub    esp,0x18
0x0804859c <main+6>:	and    esp,0xfffffff0
0x0804859f <main+9>:	mov    eax,0x0
0x080485a4 <main+14>:	sub    esp,eax
0x080485a6 <main+16>:	cmp    DWORD PTR [ebp+0x8],0x2
0x080485aa <main+20>:	je     0x80485ca <main+52>

## wchars_e1.asm
0x080485ef <main+89>:	mov    DWORD PTR [esp+0x4],0x8049140
0x080485f7 <main+97>:	mov    DWORD PTR [esp],0x80491a0
0x080485fe <main+104>:	call   0x80483d8 <wcscmp@plt>

## gdb_output.c
(gdb) call wprintf(0x8049140)
$1 = 8
(gdb) call fflush(stdout)
SecretPW$2 = 0

## ctest_tests
rik@sec:~/ctf/plaid2013/compression$ python ctest.py aaaa
30
rik@sec:~/ctf/plaid2013/compression$ python ctest.py bbbb
30
rik@sec:~/ctf/plaid2013/compression$ python ctest.py cccc
29
rik@sec:~/ctf/plaid2013/compression$ python ctest.py dddd
30

## hex2base64.py
def hex2bytes(hex_string):
	bytes = bytearray()
	for i in range(0,len(hex_string),2):
		bytes.append( int(data[i:i+2],16) )
	return bytes

def conv_chunk( chunk, i = 0, max = 4 ):
	charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
	return conv_chunk(chunk>>6,i+1,max)+(charset[(chunk)&0x3F]) if i < max else ''


## genrsa.py
#!/usr/bin/env python

from time import time
from os import system
from Crypto.PublicKey import RSA


SEED = int(time())


## rsa_extract.py
#!/usr/bin/python
import sys
import base64
import struct

filename = sys.argv[1]
file_contents = open(filename,'rb').read()
base64_encoded_info = file_contents.split(' ')[1]
raw_bytes = base64.b64decode(base64_encoded_info)
	import socket
	import itertools
	import struct
	import string
	import sys


	def send_data( rsocket, data ):
	length = struct.pack('I',len(data))
	rsocket.send(length)
	def handle(self):
	nonce = os.urandom(8)
	self.wfile.write(nonce)
	#!/usr/bin/python
	import zlib
	import sys
	PROBLEM_KEY = 'crime_sometimes_pays'
	print len(zlib.compress(sys.argv[1]+PROBLEM_KEY))
	(gdb) disas main
	Dump of assembler code for function main:
	0x08048596 <main+0>: push ebp
	0x08048597 <main+1>: mov ebp,esp
	0x08048599 <main+3>: sub esp,0x18
	0x0804859c <main+6>: and esp,0xfffffff0
	0x0804859f <main+9>: mov eax,0x0
	0x080485a4 <main+14>: sub esp,eax
	0x080485a6 <main+16>: cmp DWORD PTR [ebp+0x8],0x2
	0x080485aa <main+20>: je 0x80485ca <main+52>
	0x080485ef <main+89>: mov DWORD PTR [esp+0x4],0x8049140
	0x080485f7 <main+97>: mov DWORD PTR [esp],0x80491a0
	0x080485fe <main+104>: call 0x80483d8 <wcscmp@plt>
	(gdb) call wprintf(0x8049140)
	$1 = 8
	(gdb) call fflush(stdout)
	SecretPW$2 = 0
	rik@sec:~/ctf/plaid2013/compression$ python ctest.py aaaa
	30
	rik@sec:~/ctf/plaid2013/compression$ python ctest.py bbbb
	30
	rik@sec:~/ctf/plaid2013/compression$ python ctest.py cccc
	29
	rik@sec:~/ctf/plaid2013/compression$ python ctest.py dddd
	30
	def hex2bytes(hex_string):
	bytes = bytearray()
	for i in range(0,len(hex_string),2):
	bytes.append( int(data[i:i+2],16) )
	return bytes

	def conv_chunk( chunk, i = 0, max = 4 ):
	charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
	return conv_chunk(chunk>>6,i+1,max)+(charset[(chunk)&0x3F]) if i < max else ''
	#!/usr/bin/env python

	from time import time
	from os import system
	from Crypto.PublicKey import RSA


	SEED = int(time())
	#!/usr/bin/python
	import sys
	import base64
	import struct

	filename = sys.argv[1]
	file_contents = open(filename,'rb').read()
	base64_encoded_info = file_contents.split(' ')[1]
	raw_bytes = base64.b64decode(base64_encoded_info)