type
Post
status
Published
date
Jul 4, 2022
slug
[安洵杯 2020]easyaes
summary
[安洵杯 2020]easyaes
tags
Crypto
CTF
category
CRYPTO
icon
password
[安洵杯 2020]easyaes
#!/usr/bin/python from Crypto.Cipher import AES import binascii from Crypto.Util.number import bytes_to_long from flag import flag from key import key iv = flag.strip(b'd0g3{').strip(b'}') LENGTH = len(key) assert LENGTH == 16 hint = os.urandom(4) * 8 print(bytes_to_long(hint)^bytes_to_long(key)) msg = b'Welcome to this competition, I hope you can have fun today!!!!!!' def encrypto(message): aes = AES.new(key,AES.MODE_CBC,iv) return aes.encrypt(message) print(binascii.hexlify(encrypto(msg))[-32:]) ''' 56631233292325412205528754798133970783633216936302049893130220461139160682777 b'3c976c92aff4095a23e885b195077b66' '''
首先可以看到hint是32位的 而key只有16位 并且hint是4位重复8次 那么就可以就出key
b=56631233292325412205528754798133970783633216936302049893130220461139160682777 from Crypto.Util.number import * hint=b'}4$d'*4 #print(long_to_bytes(bytes_to_long(hint)^b)) key=b'd0g3{welcomeyou}'
然后我们已知最后16位加密得到的密文
那么通过密文解密然后与明文异或得到前一个密文

AESCBC EN
参看
key=b'd0g3{welcomeyou}' def decrypt(message): aes = AES.new(key,AES.MODE_ECB) return aes.decrypt(message) a='3c976c92aff4095a23e885b195077b66' a=unhexlify(a) print(a) mssg=[] for i in range(4): mssg.append(msg[i*16:i*16+16]) #print(mssg) c=long_to_bytes(bytes_to_long(decrypt(a))^bytes_to_long(mssg[3])) c=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[2])) c=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[1])) iv=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[0])) print(iv)
- 作者:Putao0v0
- 链接:https://tangly1024.com/article/%5B%E5%AE%89%E6%B4%B5%E6%9D%AF%202020%5Deasyaes
- 声明:本文采用 CC BY-NC-SA 4.0 许可协议,转载请注明出处。
相关文章