[安洵杯 2020]easyaes | Putao0v0のBlog

type

Post

status

Published

date

Jul 4, 2022

slug

[安洵杯 2020]easyaes

summary

[安洵杯 2020]easyaes


#!/usr/bin/python
from Crypto.Cipher import AES
import binascii
from Crypto.Util.number import bytes_to_long
from flag import flag
from key import key

iv = flag.strip(b'd0g3{').strip(b'}')

LENGTH = len(key)
assert LENGTH == 16

hint = os.urandom(4) * 8
print(bytes_to_long(hint)^bytes_to_long(key))

msg = b'Welcome to this competition, I hope you can have fun today!!!!!!'

def encrypto(message):
    aes = AES.new(key,AES.MODE_CBC,iv)
    return aes.encrypt(message)

print(binascii.hexlify(encrypto(msg))[-32:])

'''
56631233292325412205528754798133970783633216936302049893130220461139160682777
b'3c976c92aff4095a23e885b195077b66'
'''

首先可以看到hint是32位的而key只有16位并且hint是4位重复8次那么就可以就出key


b=56631233292325412205528754798133970783633216936302049893130220461139160682777
from Crypto.Util.number import *

hint=b'}4$d'*4
#print(long_to_bytes(bytes_to_long(hint)^b))
key=b'd0g3{welcomeyou}'

然后我们已知最后16位加密得到的密文

那么通过密文解密然后与明文异或得到前一个密文

AESCBC EN

参看


key=b'd0g3{welcomeyou}'

def decrypt(message):
    aes = AES.new(key,AES.MODE_ECB)
    return aes.decrypt(message)
a='3c976c92aff4095a23e885b195077b66'
a=unhexlify(a)
print(a)
mssg=[]
for i in range(4):
    mssg.append(msg[i*16:i*16+16])
#print(mssg)
c=long_to_bytes(bytes_to_long(decrypt(a))^bytes_to_long(mssg[3]))

c=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[2]))
c=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[1]))

iv=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[0]))
print(iv)