Tags: pwntools python
Rating:
This is just a simple understanding the code challenge.
Here, we have to figureout the `m_bit`. After looking through the code thoroughly, we can find that with encryption and immediate decryption of previous cipher text provides us with the msg that is picked-up during encryption which lets us to figure out the `m_bit`.
As we have to iterate for 128 times, a simple pwntols script like below works best.
```
#!/usr/bin/env python3
from pwn import *
import warnings
warnings.filterwarnings("ignore")
HOST = 'mc.ax'
PORT = 31493
p = remote(HOST, PORT)
string1 = b'61616161616161616161616161616161'
string2 = b'61616161616161616161616161616162'
for i in range(5):
print(p.readline().decode('utf-8'), end='')
for i in range(128):
p.writelineafter('Action: ', b'1')
p.writelineafter('m0 (16 byte hexstring): ', string1)
p.writelineafter('m1 (16 byte hexstring): ', string2)
encrypt = p.readline().decode('utf-8').strip('\n')
print(encrypt)
p.writelineafter('Action: ', b'2')
p.writelineafter('ct (512 byte hexstring): ', encrypt)
decrypt = p.readline().decode('utf-8').strip('\n')
print(decrypt)
if decrypt == string1.decode('utf-8'):
guess_bit = b'0'
else:
guess_bit = b'1'
print(f'Guess bit: {guess_bit}')
p.writelineafter('Action: ', b'0')
p.writelineafter('m_bit guess: ', guess_bit)
print(p.readline())
print(p.read())
```
https://github.com/kalyancheerla/writeups/blob/main/2023/dicectf/Provably_Secure/loop.py