
SECCON 2017 × CEDEC CHALLENGE - 通信の復号を行うスクリプト (デモ:
# mitmdump -s
import hashlib
import json
import sys
from mitmproxy import ctx
from Crypto.Cipher import AES
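def xor(a, b):
    """Return the character-wise XOR of two strings.

    The longer argument fixes the output length; the shorter one is
    repeated cyclically as the key stream. Arguments of equal length are
    XORed position by position.

    Raises ZeroDivisionError when exactly one argument is empty, because
    the shorter string's length is used as the modulus.
    """
    # Make `a` the longer operand so that `b` is the one that wraps around.
    if len(a) < len(b):
        a, b = b, a
    # Build the result in one pass instead of repeated string concatenation.
    return ''.join(chr(ord(c) ^ ord(b[k % len(b)])) for k, c in enumerate(a))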
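def unpad(msg):
    """Strip length-prefixed trailing padding from a decrypted message.

    The last character encodes how many trailing characters to drop.
    Only the length is validated, not the value of each padding byte, so
    any scheme that stores the pad length in the final byte is accepted.

    Raises ValueError if the message is empty or the encoded length is
    zero or larger than the message. Such input is not a valid padded
    plaintext and usually means the wrong key/IV was used.
    """
    if not msg:
        raise ValueError('cannot unpad an empty message')
    pad_len = ord(msg[-1])
    # A zero length would make msg[:-0] silently return an empty string,
    # and an oversized length would silently discard the whole message.
    if pad_len < 1 or pad_len > len(msg):
        raise ValueError('invalid padding length: %d' % pad_len)
    return msg[:-pad_len]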
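def decrypt(key, iv, c):
    """Decrypt an AES-CBC ciphertext and parse the plaintext as JSON.

    Args:
        key: AES key.
        iv: CBC initialisation vector.
        c: Raw (already base64-decoded) ciphertext.

    Returns:
        The object produced by json.loads on the unpadded plaintext.

    No MAC or other integrity check is visible here: the padding and the
    JSON parse are the only things that reject a wrong key or a modified
    ciphertext.
    """
    # NOTE(review): the page shows this line truncated as
    # "s =, AES.MODE_CBC, IV=iv).decrypt(c)"; AES.new(key, ...) is the
    # reconstruction implied by the surviving arguments.
    cipher = AES.new(key, AES.MODE_CBC, IV=iv)
    plaintext = cipher.decrypt(c)
    return json.loads(unpad(plaintext))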
# Bootstrap key material: two 16-character constants that are XORed
# together to form the initial AES key.
KEY_A = 'def4ul7KeY1Z3456'
KEY_B = 'K33pK3y53cr3TYea'
KEY = xor(KEY_A, KEY_B)

# Fixed IV paired with the bootstrap key. Because both values are
# constants, traffic encrypted under them can be decrypted by anyone who
# knows them.
IV = 'IVisNotSecret123'

# Current session key and IV. request() resets them to the bootstrap
# values and response() replaces them from server-supplied metadata.
key = KEY
iv = IV
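def request(flow):
    """mitmproxy hook: decrypt and log the `data` field of a form request.

    Requests to '/2017/key' and '/2017/uuid' reset the session key and IV
    to the bootstrap constants before decryption. Requests with no
    urlencoded form, or with a form lacking a `data` field, are ignored.
    """
    global key, iv
    # These two endpoints are always encrypted with the bootstrap KEY/IV.
    if flow.request.path in ('/2017/key', '/2017/uuid'):
        key, iv = KEY, IV

    form = flow.request.urlencoded_form
    # Skip forms without a `data` field instead of raising KeyError.
    if not form or 'data' not in form:
        return

    # str.decode('base64') is Python 2 only; this script targets Python 2.
    ciphertext = form['data'].decode('base64')
    data = decrypt(key, iv, ciphertext)
    # NOTE(review): the logging call was lost on the page (only the format
    # string survived); ctx.log.info is reconstructed from the otherwise
    # unused `ctx` import.
    ctx.log.info('>%s: %s' % (flow.request.path, data))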
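def response(flow):
    """mitmproxy hook: decrypt and log a response body, tracking rekeying.

    The body is base64-decoded and decrypted with the current session
    key/IV. If the resulting JSON object has a `metadata` object with a
    `key` and/or `iv` entry, those values replace the session key/IV for
    later messages. Empty bodies are ignored.
    """
    global key, iv
    body = flow.response.get_content()
    if not body:
        return

    # str.decode('base64') is Python 2 only; this script targets Python 2.
    data = decrypt(key, iv, body.decode('base64'))

    # Only look for rekeying material when the payload has the expected
    # shape; a JSON list or scalar is logged but never indexed.
    metadata = data.get('metadata') if isinstance(data, dict) else None
    if isinstance(metadata, dict):
        if 'key' in metadata:
            key = metadata['key']
        if 'iv' in metadata:
            iv = metadata['iv']

    # NOTE(review): the logging call was lost on the page (only the format
    # string survived); ctx.log.info is reconstructed from the otherwise
    # unused `ctx` import.
    ctx.log.info('<%s: %s' % (flow.request.path, data))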