Skip to content

Instantly share code, notes, and snippets.

@tylerkerr
Created June 1, 2017 00:09
Show Gist options
  • Save tylerkerr/29e457bca4e83615fb1fca9b6219f2a5 to your computer and use it in GitHub Desktop.
Save tylerkerr/29e457bca4e83615fb1fca9b6219f2a5 to your computer and use it in GitHub Desktop.
#!/usr/bin/env python3
from array import array
ctfile = './cd/debian-40r9-amd64-businesscard.iso'
ptfile = './debian-40r9-amd64-businesscard.iso'
flagfile = './flags/flag.txt'
with open(ctfile, 'rb') as f1:
ctbytes = array('B', f1.read())
with open(ptfile, 'rb') as f2:
ptbytes = array('B', f2.read())
with open(flagfile, 'rb') as f3:
flagbytes = array('B', f3.read())
offset = 32 # IV is 3 for debian iso, 5 for flag.txt. this is two AES blocks of 16 bytes each for a total of 32 bytes
keystream = [ctbytes[i] ^ ptbytes[i] for i in range(len(flagbytes) + offset)] # KPA on the encrypted debian ISO to derive a big chunk of keystream
decrypted = [flagbytes[i] ^ keystream[i+offset] for i in range(len(flagbytes))] # using the keystream at the correct offset to decrypt the flag
[print(chr(d), end='') for d in decrypted]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment