๋ฐ์ํ
https://cryptohack.org/challenges/general/
ASCII
ASCII is a 7-bit encoding standard which allows the representation of text using the integers 0-127.
Using the below integer array, convert the numbers to their corresponding ASCII characters to obtain a flag. [99, 114, 121, 112, 116, 111, 123, 65, 83, 67, 73, 73, 95, 112, 114, 49, 110, 116, 52, 98, 108, 51, 125]
In Python, the chr() function can be used to convert an ASCII ordinal number to a character (the ord() function does the opposite).
์์คํค์ฝ๋๋ก ๋จ์ด๋ฅผ ์์๋ด๋ ๋ฌธ์ .
์น์ ํ๊ฒ ํํธ๋ก ํ์ด์ฌ์์ chr()๋ฅผ ์ฐ๋ฉด ๋๋ค๊ณ ๋ ์๋ ค์ค๋ค.
๊ฐ๋จํ ๋ฌธ์ ์ด๋ฏ๋ก ์ง์ ์ฝ๋๋ฅผ ์ง ๋ค
HEX
When we encrypt something the resulting ciphertext commonly has bytes which are not printable ASCII characters.If we want to share our encrypted data, it's common to encode it into something more user-friendly and portable across different systems.
Included below is a flag encoded as a hex string. Decode this back into bytes to get the flag. 63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d
In Python, the bytes.fromhex() function can be used to convert hex to bytes. The .hex() instance method can be called on byte strings to get the hex representation.
16์ง์๋ฅผ ๋ณํํ๋ ๋ฌธ์ ์ด๋ค. ๋ง์ฐฌ๊ฐ์ง๋ก ๊ฐ๋จํ๊ธฐ ๋๋ฌธ์ ํ์ด์ฌ์ผ๋ก ์ฝ๋๋ฅผ ์งฐ๋ค
#!/usr/bin/env python3
text = "63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d"
print(bytes.fromhex(text))
Base64
Another common encoding scheme is Base64, which allows us to represent binary data as an ASCII string using 64 characters. One character of a Base64 string encodes 6 bits, and so 4 characters of Base64 encode three 8-bit bytes.
Base64 is most commonly used online, so binary data such as images can be easily included into HTML or CSS files.
Take the below hex string, decode it into bytes and then encode it into Base64.
72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf
In Python, after importing the base64 module with import base64, you can use the base64.b64encode() function. Remember to decode the hex first as the challenge description states.
hex ๋ฌธ์์ด์ ์ ๋ฌธ์ ์ฒ๋ผ ๋์ฝ๋ฉํ๊ณ , base64๋ก ์ธ์ฝ๋ฉํ๋ ๋ฌธ์
#!/usr/bin/env python3
import base64
code ="72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf"
decode = bytes.fromhex(code)
encode = base64.b64encode(decode)
print(encode)
๋๋ณด๊ธฐ
crypto/Base+64+Encoding+is+Web+Safe/
Bytes and Big Integers
Cryptosystems like RSA works on numbers, but messages are made up of characters. How should we convert our messages into numbers so that mathematical operations can be applied?
The most common way is to take the ordinal bytes of the message, convert them into hexadecimal, and concatenate. This can be interpreted as a base-16 number, and also represented in base-10.
To illustrate:
message: HELLO
ascii bytes: [72, 69, 76, 76, 79]
hex bytes: [0x48, 0x45, 0x4c, 0x4c, 0x4f]
base-16: 0x48454c4c4f
base-10: 310400273487
Python's PyCryptodome library implements this with the methods bytes_to_long() and long_to_bytes(). You will first have to install PyCryptodome and import it with from Crypto.Util.number import *. For more details check the FAQ.
Encoding Challenge
Now you've got the hang of the various encodings you'll be encountering, let's have a look at automating it.
Can you pass all 100 levels to get the flag?
The 13377.py file attached below is the source code for what's running on the server. The pwntools_example.py file provides the start of a solution using the incredibly convenient pwntools library. which we recommend. If you'd prefer to use Python's in-built telnetlib, telnetlib_example.py is also provided.
For more information about connecting to interactive challenges, see the FAQ. Feel free to skip ahead to the cryptography if you aren't in the mood for a coding challenge!
Connect at nc socket.cryptohack.org 13377
Challenge files:
- 13377.py
- pwntools_example.py
-
13777.py
๋๋ณด๊ธฐ
#!/usr/bin/env python3
from Crypto.Util.number import bytes_to_long, long_to_bytes
from utils import listener # this is cryptohack's server-side module and not part of python
import base64
import codecs
import random
FLAG = "crypto{????????????????????}"
ENCODINGS = [
"base64",
"hex",
"rot13",
"bigint",
"utf-8",
]
with open('/usr/share/dict/words') as f:
WORDS = [line.strip().replace("'", "") for line in f.readlines()]
class Challenge():
def __init__(self):
self.challenge_words = ""
self.stage = 0
def create_level(self):
self.stage += 1
self.challenge_words = "_".join(random.choices(WORDS, k=3))
encoding = random.choice(ENCODINGS)
if encoding == "base64":
encoded = base64.b64encode(self.challenge_words.encode()).decode() # wow so encode
elif encoding == "hex":
encoded = self.challenge_words.encode().hex()
elif encoding == "rot13":
encoded = codecs.encode(self.challenge_words, 'rot_13')
elif encoding == "bigint":
encoded = hex(bytes_to_long(self.challenge_words.encode()))
elif encoding == "utf-8":
encoded = [ord(b) for b in self.challenge_words]
return {"type": encoding, "encoded": encoded}
#
# This challenge function is called on your input, which must be JSON
# encoded
#
def challenge(self, your_input):
if self.stage == 0:
return self.create_level()
elif self.stage == 100:
self.exit = True
return {"flag": FLAG}
if self.challenge_words == your_input["decoded"]:
return self.create_level()
return {"error": "Decoding fail"}
listener.start_server(port=13377)
pwntools_example.py
๋๋ณด๊ธฐ
from pwn import * # pip install pwntools
import json
r = remote('socket.cryptohack.org', 13377, level = 'debug')
def json_recv():
line = r.recvline()
return json.loads(line.decode())
def json_send(hsh):
request = json.dumps(hsh).encode()
r.sendline(request)
received = json_recv()
print("Received type: ")
print(received["type"])
print("Received encoded value: ")
print(received["encoded"])
to_send = {
"decoded": "changeme"
}
json_send(to_send)
json_recv()
telnetlib_example.py
๋๋ณด๊ธฐ
import telnetlib
import json
HOST = "socket.cryptohack.org"
PORT = 13377
tn = telnetlib.Telnet(HOST, PORT)
def readline():
return tn.read_until(b"\n")
def json_recv():
line = readline()
return json.loads(line.decode())
def json_send(hsh):
request = json.dumps(hsh).encode()
tn.write(request)
received = json_recv()
print("Received type: ")
print(received["type"])
print("Received encoded value: ")
print(received["encoded"])
to_send = {
"decoded": "changeme"
}
json_send(to_send)
json_recv()
๋ฐ์ํ
'๐ Cyber Security > Cryptography (์ํธํ)' ์นดํ ๊ณ ๋ฆฌ์ ๋ค๋ฅธ ๊ธ
[CryptoHack] General Challenge - XOR (0) | 2022.11.10 |
---|---|
[CryptoHack] Introduction to CryptoHack (0) | 2022.11.10 |