# [安洵杯 2020] easyaes
#!/usr/bin/python | |
from Crypto.Cipher import AES | |
import binascii | |
from Crypto.Util.number import bytes_to_long | |
from flag import flag | |
from key import key | |
iv = flag.strip(b'd0g3{').strip(b'}') | |
LENGTH = len(key) | |
assert LENGTH == 16 | |
hint = os.urandom(4) * 8 | |
print(bytes_to_long(hint)^bytes_to_long(key)) | |
msg = b'Welcome to this competition, I hope you can have fun today!!!!!!' | |
def encrypto(message): | |
aes = AES.new(key,AES.MODE_CBC,iv) | |
return aes.encrypt(message) | |
print(binascii.hexlify(encrypto(msg))[-32:]) | |
''' | |
56631233292325412205528754798133970783633216936302049893130220461139160682777 | |
b'3c976c92aff4095a23e885b195077b66' | |
''' |
首先可以看到 hint 是 32 位的
而 key 只有 16 位
并且 hint 是 4 位重复 8 次
那么就可以就出 key
b=56631233292325412205528754798133970783633216936302049893130220461139160682777 | |
from Crypto.Util.number import * | |
hint=b'}4$d'*4 | |
#print(long_to_bytes(bytes_to_long(hint)^b)) | |
key=b'd0g3{welcomeyou}' |
然后我们已知最后 16 位加密得到的密文
那么通过密文解密然后与明文异或得到前一个密文
参看
key=b'd0g3{welcomeyou}' | |
def decrypt(message): | |
aes = AES.new(key,AES.MODE_ECB) | |
return aes.decrypt(message) | |
a='3c976c92aff4095a23e885b195077b66' | |
a=unhexlify(a) | |
print(a) | |
mssg=[] | |
for i in range(4): | |
mssg.append(msg[i*16:i*16+16]) | |
#print(mssg) | |
c=long_to_bytes(bytes_to_long(decrypt(a))^bytes_to_long(mssg[3])) | |
c=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[2])) | |
c=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[1])) | |
iv=long_to_bytes(bytes_to_long(decrypt(c))^bytes_to_long(mssg[0])) | |
print(iv) |
