๐Ÿ”’ Cyber Security/Cryptography (์•”ํ˜ธํ•™)

[CryptoHack] Introduction to CryptoHack

์„ ๋‹ฌ 2022. 11. 10. 10:40
๋ฐ˜์‘ํ˜•

https://cryptohack.org/challenges/introduction/

 

CryptoHack – Home

A fun, free platform to learn about cryptography through solving challenges and cracking insecure code. Can you reach the top of the leaderboard?

cryptohack.org

 

     

    Finding Flags

    Each challenge is designed to help introduce you to a new piece of cryptography. Solving a challenge will require you to find a "flag".

    These flags will usually be in the format crypto{y0ur_f1rst_fl4g}. The flag format helps you verify that you found the correct solution.

    Try submitting this into the form below to solve your first challenge.

    ์ง„ํ–‰๋ฐฉ์‹์„ ์„ค๋ช…ํ•ด์ฃผ๋Š” ์ฒซ๋ฒˆ์งธ ๋ฌธ์ œ !

    ๋ฌธ์ œ์— ๋‚˜์™€์žˆ๋Š” ํ”Œ๋ž˜๊ทธ๋ฅผ ๊ทธ๋Œ€๋กœ ์ž…๋ ฅํ•˜๋ฉด ํ•ด๊ฒฐ

     


    Great Sankes

    Modern cryptography involves code, and code involves coding. CryptoHack provides a good opportunity to sharpen your skills.

    Of all modern programming languages, Python 3 stands out as ideal for quickly writing cryptographic scripts and attacks. For more information about why we think Python is so great for this, please see the FAQ.

    Run the attached Python script and it will output your flag.

    Challenge files: - great_snakes.py

    #!/usr/bin/env python3
    
    import sys
    # import this
    
    if sys.version_info.major == 2:
        print("You are running Python 2, which is no longer supported. Please update to Python 3.")
    
    ords = [81, 64, 75, 66, 70, 93, 73, 72, 1, 92, 109, 2, 84, 109, 66, 75, 70, 90, 2, 92, 79]
    
    print("Here is your flag:")
    print("".join(chr(o ^ 0x32) for o in ords))โ€‹

    ๊ฒฐ๊ตญ ๋ฌธ์ œ๋Š” ๋งˆ์ง€๋ง‰์ค„ !

    " Run the attached Python script and it will output your flag. "

    ์•„๋ž˜ ํŒŒ์ด์ฌ ์ฝ”๋“œ๋ฅผ ์‹คํ–‰ํ•˜๋ฉด ํ”Œ๋ž˜๊ทธ๊ฐ€ ๋‚˜์˜จ๋‹ค

     

     


    Network Attacks

    Several of the challenges are dynamic and require you to talk to our challenge servers over the network. This allows you to perform man-in-the-middle attacks on people trying to communicate, or directly attack a vulnerable service. To keep things consistent, our interactive servers always send and receive JSON objects.

    Python makes such network communication easy with the telnetlib module. Conveniently, it's part of Python's standard library, so let's use it for now.

    For this challenge, connect to socket.cryptohack.org on port 11112. Send a JSON object with the key buy and value flag.

    The example script below contains the beginnings of a solution for you to modify, and you can reuse it for later challenges.

    Connect at nc socket.cryptohack.org 11112

    Challenge files:
      - telnetlib_example.py

    #!/usr/bin/env python3
    
    import telnetlib
    import json
    
    HOST = "socket.cryptohack.org"
    PORT = 11112
    
    tn = telnetlib.Telnet(HOST, PORT)
    
    
    def readline():
        return tn.read_until(b"\n")
    
    def json_recv():
        line = readline()
        return json.loads(line.decode())
    
    def json_send(hsh):
        request = json.dumps(hsh).encode()
        tn.write(request)
    
    
    print(readline())
    print(readline())
    print(readline())
    print(readline())
    
    
    request = {
        "buy": "clothes"
    }
    json_send(request)
    
    response = json_recv()
    
    print(response)โ€‹

     

    ์ฃผ์–ด์ง„ ํŒŒ์ผ์—์„œ request ๊ฐ์ฒด์— buy ํ‚ค์— flag๋ผ๋Š” ๊ฐ’์œผ๋กœ ๋ฐ”๊ฟ”์ฃผ๋ฉด ๋œ๋‹ค.

     

    ...
    
    request = {
        "buy": "flag"
    }
    
    ...

     

     

    FLAG

    ๋”๋ณด๊ธฐ

    crypto{sh0pp1ng_f0r_fl4g5}

    ๋ฐ˜์‘ํ˜•

    '๐Ÿ”’ Cyber Security > Cryptography (์•”ํ˜ธํ•™)' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

    [CryptoHack] General Challenge - XOR  (0) 2022.11.10
    [CryptoHack] General Challenge - Ecoding  (0) 2022.11.10