#!/usr/bin/env python3 from Crypto.Util.Padding import unpad from Crypto.Cipher import AES from os import urandom from random import SystemRandom from utils import listener FLAG = 'crypto{????????????????????????????????????????????????????}' rng = SystemRandom() class Challenge: def __init__(self): self.before_input = "That last challenge was pretty easy, but I'm positive that this one will be harder!\n" self.message = urandom(16).hex() self.key = urandom(16) self.query_count = 0 self.max_queries = 12_000 def update_query_count(self): self.query_count += 1 if self.query_count >= self.max_queries: self.exit = True def get_ct(self): iv = urandom(16) cipher = AES.new(self.key, AES.MODE_CBC, iv=iv) ct = cipher.encrypt(self.message.encode("ascii")) return {"ct": (iv+ct).hex()} def check_padding(self, ct): ct = bytes.fromhex(ct) iv, ct = ct[:16], ct[16:] cipher = AES.new(self.key, AES.MODE_CBC, iv=iv) pt = cipher.decrypt(ct) # does not remove padding try: unpad(pt, 16) except ValueError: good = False else: good = True self.update_query_count() return {"result": good ^ (rng.random() > 0.4)} def check_message(self, message): if message != self.message: self.exit = True return {"error": "incorrect message"} return {"flag": FLAG} # # This challenge function is called on your input, which must be JSON # encoded # def challenge(self, msg): if "option" not in msg or msg["option"] not in ("encrypt", "unpad", "check"): return {"error": "Option must be one of: encrypt, unpad, check"} if msg["option"] == "encrypt": return self.get_ct() elif msg["option"] == "unpad": return self.check_padding(msg["ct"]) elif msg["option"] == "check": return self.check_message(msg["message"]) import builtins; builtins.Challenge = Challenge # hack to enable challenge to be run locally, see https://cryptohack.org/faq/#listener listener.start_server(port=13423)