Skip to content

Instantly share code, notes, and snippets.

Created June 1, 2017 00:09
What would you like to do?
#!/usr/bin/env python3
from array import array
ctfile = './cd/debian-40r9-amd64-businesscard.iso'
ptfile = './debian-40r9-amd64-businesscard.iso'
flagfile = './flags/flag.txt'
with open(ctfile, 'rb') as f1:
ctbytes = array('B',
with open(ptfile, 'rb') as f2:
ptbytes = array('B',
with open(flagfile, 'rb') as f3:
flagbytes = array('B',
offset = 32 # IV is 3 for debian iso, 5 for flag.txt. this is two AES blocks of 16 bytes each for a total of 32 bytes
keystream = [ctbytes[i] ^ ptbytes[i] for i in range(len(flagbytes) + offset)] # KPA on the encrypted debian ISO to derive a big chunk of keystream
decrypted = [flagbytes[i] ^ keystream[i+offset] for i in range(len(flagbytes))] # using the keystream at the correct offset to decrypt the flag
[print(chr(d), end='') for d in decrypted]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment