
@satos---jp
Created December 5, 2019 11:54
CTFZone 2019 qual MITM writeup
from Crypto.Cipher import AES
import hashlib
# Offline step of the writeup: rebuild the AES-CTR key and nonce that result
# from the tampered handshake and decrypt the captured ciphertext.

# Only the *length* of this hex nonce is used; its value is discarded.
# Two hex digits are dropped so the nonce is 15 bytes -- presumably because
# the AES library's CTR mode wants a nonce shorter than the 16-byte block.
# With an all-zero nonce the resulting first counter block is 16 zero bytes.
dnonce = b"531d8592bbf347cec586a5797f99da00"[:-2]
nonce = bytes.fromhex("0" * len(dnonce))

# Key = SHA-256 of the ASCII byte "0". Presumably the shared secret collapses
# to 0 once the peer accepts B = 0 -- the service code is not on this page,
# so confirm. Defensive takeaway: a DH implementation should reject public
# values outside [2, p-2], and B and the nonce should be covered by the
# handshake signature so that a party on the path cannot replace them.
B = b'0'
key = hashlib.sha256(B).digest()

# Sanity check against a known digest (its origin is not shown here).
key2 = bytes.fromhex(
    "5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9"
)
assert key == key2
print(key)

# Ciphertext to decrypt, hex-encoded.
s = bytes.fromhex(
    'd33f2f7113a22370380d9775361927d480e716222939118046896bb9d1046a7afa73f15d0f14d7ff4934f102be5ad96b150fb00b50db0427836ebfa71a0f008e56ad2609921309cf8e52'
)

cipher = AES.new(key, AES.MODE_CTR, nonce=nonce)
pt = cipher.decrypt(s)
print(pt)
# b'ctfzone{Remember_hacking_is_more_than_just_a_crime_It_is_a_survival_trait}'
#coding: utf-8
from socket import *
import time
# Leftover toggle from the author's script template; nothing visible on this
# page reads it ("gaibu" presumably means "external"/remote target -- confirm).
isgaibu = False
#isgaibu = True

# Plain TCP connection to the challenge service.
sock = socket(family=AF_INET, type=SOCK_STREAM)
sock.connect(("crypto-mitm.ctfz.one", 3339))

# x64 or x86: set to sizeof(void*). Not used by the code visible here.
size_t = 8
import struct
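def send(s):
    """Send one frame: a 16-bit length prefix followed by the payload *s*.

    Args:
        s: payload bytes; struct.pack raises struct.error if the length does
           not fit in an unsigned 16-bit field.

    The length and the full frame are printed for debugging.
    """
    ls = len(s)
    print(ls)
    # 'H' is an unsigned short in *native* byte order; confirm this matches
    # the service's framing ('<H' would pin little-endian explicitly).
    ts = struct.pack('H', ls) + s
    print(ts)
    # sendall() retries until every byte is written; a bare send() may write
    # only part of the frame and would desynchronise the length-prefixed stream.
    sock.sendall(ts)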
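def _recv_exact(n):
    """Read exactly *n* bytes from the module-level socket.

    Raises:
        ConnectionError: the peer closed the connection before *n* bytes
            arrived (sock.recv returned b'').
    """
    buf = b''
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            # Without this check a closed connection would spin forever,
            # because recv() keeps returning b'' and len(buf) never grows.
            raise ConnectionError(
                'connection closed after %d of %d bytes' % (len(buf), n)
            )
        buf += chunk
    return buf


def recv():
    """Receive one frame: a 16-bit length prefix, then that many bytes.

    Returns:
        The payload bytes (b'' for a zero-length frame).

    Raises:
        ConnectionError: the connection closed mid-frame.

    The peer-supplied length is bounded by the 16-bit field (at most 65535),
    so a single frame cannot demand an unbounded read.
    """
    # The 2-byte header is read with the same exact-length loop as the body:
    # a single recv(2) may legally return just one byte.
    ls = struct.unpack('H', _recv_exact(2))[0]
    print('recv %d' % ls)
    return _recv_exact(ls)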
# Online step of the writeup: run the handshake against the service and send
# chosen values for B and the nonce. Statement order is the protocol order.

# Open with the cipher-suite announcement and print whatever comes back.
send(b'ClientHello:SHA_AES_CTR_RSA_DHE_2048\n')
s = recv()
print(s)
# Long hex value kept for reference; nothing below uses it (the commented-out
# line shows an earlier attempt that used only its length). Presumably a B
# value seen in a normal handshake -- confirm.
db = b"9ddbecbc4295ff817e10f07b127b51e14d1258690a85b0b445cd2f07a43327f146992032338336fb86fd6dfd5d51b1da5e05f9604ab0d755851993f2ffef04d5f31421304e1c1e81e06ea6f04c093e17f00f6147552e619096851b3db84b27840a987a82ee3138a3e1e6724bbacea997b46ed2764d460157b12de268aadf11501f86328a174939ca1b6f7064fa06720ec3258fb6077a296bdc8702fbc5437aa1b78f31925e57ff235aee918ed742fbb222455715b41f0665cbbbe7461d14df368957cc4573ebb8cb6188e91d12914ce6d0c838e2923f09b59545b8a5139febe178740abbf395854121ccb458741dfcd87ca7e600099c1b9f0203e98721681b80"
#B = (b"0" * len(db))[:-1]
# The format string below already contains a literal '0' before %s, so the
# value on the wire is "B=000".
B = b'00'
# Only the length of this hex nonce matters: it is replaced by the same
# number of ASCII '0' characters (32 hex digits, i.e. 16 zero bytes).
dnonce = b"531d8592bbf347cec586a5797f99da00"
nonce = (b"0" * len(dnonce))
assert len(nonce) == 32
# NOTE(review): if the receiving side accepts this message as-is, both the
# key material and the CTR nonce are chosen by the sender. The protocol
# weakness this demonstrates is, presumably, that B is not range-checked and
# that B/nonce are not bound to the handshake signature -- the service code
# is not visible here, so confirm against it.
send(b'OK:B=0%s|nonce=%s|\n' % (B,nonce))
t = recv()
print(t)