Created
December 14, 2016 08:39
-
-
Save sonickun/0e0b285250c0cded0bc96d9413c89c19 to your computer and use it in GitHub Desktop.
H4ckIT CTF 2016 | Chad – Ninja Scheme (Crypto 195pt)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#flag begins with h4ck1t{ | |
def slice(s, size): | |
return [s[i: i+size] for i in range(0, len(s), size)] | |
def xor(a, b): | |
return "".join([chr(ord(a[i]) ^ ord(b[i % len(b)])) for i in xrange(len(a))]) | |
def f(L, n): | |
ans = "" | |
for i in range(len(L)): | |
ans += chr((ord(L[i]) + n) % 256) | |
return ans | |
def ninja_decrypt(cipher, rounds): | |
assert len(cipher) == 8 | |
right = cipher[4:] | |
left = cipher[:4] | |
tmp = left | |
left = right | |
right = tmp | |
for n in reversed(range(1, rounds+1)): | |
tmp = left | |
left = right | |
right = xor(tmp, f(right, n)) | |
return left + right | |
cipher = "dd67ca82d358f0c8479e118addcec2f8ce086c0f6f239f9b66d7226a38c68198dbd777f366fb9fd83b60d11109be174759c75ea56a4866c2" | |
cipher = slice(cipher.decode("hex"), 8) | |
# print map(lambda x: x.encode("hex"), cipher) | |
for i in range(1000): | |
plain = ninja_decrypt(cipher[0], i) | |
if plain.find("h4ck1t{") >= 0: | |
print "found", i | |
rounds = i | |
flag = "" | |
for c in cipher: | |
flag += ninja_decrypt(c, rounds) | |
print flag | |
# h4ck1t{KV_F315T31_Kn0VVS_H1S_NN3Tvv0Rk_PrEttY_a1nt_B4D} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
独自のFeistel構造を持つブロック暗号を解読する問題。復号処理を実装し、keyがラウンド数に等しいと仮定してラウンド数をブルートフォースすると既知の平文に復号でき、keyが求まる。