From 5e716120c7848402cbf3577a2724fc805ede7de0 Mon Sep 17 00:00:00 2001 From: Maxime Vorwerk Date: Thu, 8 Aug 2024 16:56:08 +0200 Subject: [PATCH] Double DES --- double_des/ddes.py | 50 ++++++++++++++++++++++++++++++++ double_des/flag | 1 + double_des/sol.py | 71 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 122 insertions(+) create mode 100755 double_des/ddes.py create mode 100644 double_des/flag create mode 100755 double_des/sol.py diff --git a/double_des/ddes.py b/double_des/ddes.py new file mode 100755 index 0000000..574e3a3 --- /dev/null +++ b/double_des/ddes.py @@ -0,0 +1,50 @@ +#!python3 +from Crypto.Cipher import DES +import binascii +import itertools +import random +import string + + +def pad(msg): + block_len = 8 + over = len(msg) % block_len + pad = block_len - over + return (msg + " " * pad).encode() + +def generate_key(): + return pad("".join(random.choice(string.digits) for _ in range(6))) + + +FLAG = open("flag").read().rstrip() +KEY1 = generate_key() +KEY2 = generate_key() + + +def get_input(): + try: + res = binascii.unhexlify(input("What data would you like to encrypt? ").rstrip()).decode() + except: + res = None + return res + +def double_encrypt(m): + msg = pad(m) + + cipher1 = DES.new(KEY1, DES.MODE_ECB) + enc_msg = cipher1.encrypt(msg) + cipher2 = DES.new(KEY2, DES.MODE_ECB) + return binascii.hexlify(cipher2.encrypt(enc_msg)).decode() + + +print("Here is the flag:") +#print(double_encrypt("abcdef")) +print(double_encrypt(FLAG)) + +while True: + inputs = get_input() + if inputs: + print(double_encrypt(inputs)) + else: + print("Invalid input.") + diff --git a/double_des/flag b/double_des/flag new file mode 100644 index 0000000..6c6312b --- /dev/null +++ b/double_des/flag @@ -0,0 +1 @@ +picoCTF{flagFLAG_flagFLAG} diff --git a/double_des/sol.py b/double_des/sol.py new file mode 100755 index 0000000..34d31cb --- /dev/null +++ b/double_des/sol.py @@ -0,0 +1,71 @@ +#!python3 +from pwn import * +from Crypto.Cipher import DES + +#conn = process(["python3", "./ddes.py"]) +conn = remote("mercury.picoctf.net", 5958) +conn.recvline() +flag_encrypted = unhex(conn.recvline()) +log.info("encrypted flag: {}".format(enhex(flag_encrypted))) +conn.recvuntil(b"? ") + +def encrypt_remote(data): + conn.sendline(enhex(data).encode()) + enc = unhex(conn.recvline()) + conn.recvuntil(b"? ") + return enc + +def pad(msg): + block_len = 8 + over = len(msg) % block_len + pad = block_len - over + return (msg + b" " * pad) + +def des(data1, data2, k): + cipher = DES.new(k, DES.MODE_ECB) + return (cipher.encrypt(data1), cipher.decrypt(data2)) + +def ddes(data, k1, k2): + cipher1 = DES.new(k1, DES.MODE_ECB) + cipher2 = DES.new(k2, DES.MODE_ECB) + return cipher1.decrypt(cipher2.decrypt(data)) + +msg = b"abcdef" +log.info("encrypting message remotely: {}".format(msg.decode())) +denc = encrypt_remote(msg) +log.info("encrypted message: {}".format(enhex(denc))) +conn.close() + +a, b = des(pad(msg), pad(msg), b"123456 ") +c, d = des(b, a, b"123456 ") +assert c == d + +to_enc = pad(msg) +to_dec = denc +P = log.progress("calculating encryptions...") +keyspace = 10**6 +encs = set() +encs_dict = {} +decs = set() +decs_dict = {} +for i in range(keyspace): + k = pad(str(i).encode()) + a, b = des(to_enc, to_dec, k) + a = enhex(a) + b = enhex(b) + encs.add(a) + encs_dict[a] = i + decs.add(b) + decs_dict[b] = i + +collisions = encs & decs +P.success("{} collision(s) found".format(len(collisions))) +collision = collisions.pop() +k1 = pad(str(encs_dict[collision]).encode()) +k2 = pad(str(decs_dict[collision]).encode()) +log.info("k1: {}".format(k1.decode())) +log.indented("k2: {}".format(k2.decode())) + +flag = ddes(flag_encrypted, k1, k2) +log.success("flag: {}".format(flag.decode())) +