> For the complete documentation index, see [llms.txt](https://docs.cooku222.kr/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.cooku222.kr/security/crypto/dreamhack/dreamhack-line-ctf-2021-babycrypto2.md). # \[Dreamhack] \[LINE CTF 2021] babycrypto2 문제 출처 : [ \[LINE CTF 2021\] babycrypto2 dreamhack.io](https://dreamhack.io/wargame/challenges/387) *** **babyCrypto2.py** ``` #!/usr/bin/env python from base64 import b64decode from base64 import b64encode import socket import multiprocessing from Crypto.Cipher import AES from Crypto.Random import get_random_bytes from Crypto.Util.Padding import pad, unpad import hashlib import sys class AESCipher: def __init__(self, key): self.key = key def encrypt(self, data): iv = get_random_bytes(AES.block_size) self.cipher = AES.new(self.key, AES.MODE_CBC, iv) return b64encode(iv + self.cipher.encrypt(pad(data, AES.block_size))) def encrypt_iv(self, data, iv): self.cipher = AES.new(self.key, AES.MODE_CBC, iv) return b64encode(iv + self.cipher.encrypt(pad(data, AES.block_size))) def decrypt(self, data): raw = b64decode(data) self.cipher = AES.new(self.key, AES.MODE_CBC, raw[:AES.block_size]) return unpad(self.cipher.decrypt(raw[AES.block_size:]), AES.block_size) flag = open("flag", "rb").read().strip() AES_KEY = get_random_bytes(AES.block_size) TOKEN = b64encode(get_random_bytes(AES.block_size*10-1)) COMMAND = [b'test',b'show'] PREFIX = b'Command: ' def run_server(client): client.send(b'test Command: ' + AESCipher(AES_KEY).encrypt(PREFIX+COMMAND[0]+TOKEN) + b'\n') while(True): client.send(b'Enter your command: ') tt = client.recv(1024).strip() tt2 = AESCipher(AES_KEY).decrypt(tt) client.send(tt2 + b'\n') if tt2 == PREFIX+COMMAND[1]+TOKEN: client.send(b'The flag is: ' + flag) client.close() break if __name__ == '__main__': server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) server.bind(('0.0.0.0', 16002)) server.listen(1) while True: client, address = server.accept() process = multiprocessing.Process(target=run_server, args=(client, )) process.daemon = True process.start() ``` * 클라이언트에게 Command: test + TOKEN을 CBC 암호화하여 전달(XOR 연산) * 클라이언트는 Command: show + TOKEN을 CBC로 암호화해 보내야 flag를 획득 할 수 있고, CBC 모드에서 이전 블록이 다음 블록 복호 결과에 영향을 준다는 점을 악용할 수 있다. ``` import base64 import io import os from pwn import * r = remote('host3.dreamhack.games', 21827) r.recvuntil(b'test Command:') enc_test = base64.b64decode(r.recvuntil(b'\n')) f = io.BytesIO(enc_test) f.seek(len(b'Command: ')) test = b'test' show = b'show' for x in range(4): ch = f.read(1) f.seek(-1, os.SEEK_CUR) f.write(bytes([ch[0]^test[x]^show[x]])) r.recvuntil('command: ') r.sendline(base64.b64encode(f.getbuffer())) r.interactive() ``` test와 show 각각 바이너리화 한 후 XOR 연산 시켜줌 ``` DH{ad818ae5fc955a9ff75f1e0deca4e25a033298f8} ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cooku222.kr/security/crypto/dreamhack/dreamhack-line-ctf-2021-babycrypto2.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.