from pwn import *
from Crypto.Cipher import AES
# Open the TCP connection to the challenge service; every later read and
# write in this script goes through this tube.
r = remote(host="challenges.hackover.h4q.it", port=1415)
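def decr(key, roll):
    """Decrypt *roll* with AES and return its first two plaintext bytes.

    Args:
        key: raw AES key bytes (must be a valid AES key length).
        roll: raw ciphertext bytes, a multiple of the AES block size.

    Returns:
        The first two bytes of the plaintext, read as a big-endian
        unsigned 16-bit integer.
    """
    # The mode is named explicitly: legacy PyCrypto silently defaulted to
    # ECB, while PyCryptodome requires the argument and rejects AES.new(key).
    cipher = AES.new(key, AES.MODE_ECB)
    # Only the leading 16 bits are interpreted; the rest of the block is
    # ignored and nothing authenticates the ciphertext, so the value read
    # here depends entirely on which key is supplied.
    return u16(cipher.decrypt(roll)[:2], endian="big")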
# Play 32 rounds of the commit-and-reveal dice protocol.
for round_no in range(32):
    # The server sends its roll as an AES ciphertext and keeps the key back
    # until we have submitted ours.
    r.recvuntil("My dice roll: ")
    roll = b64d(r.recvline())

    # Our "committed" roll is simply the server's own ciphertext, echoed back.
    r.recvuntil("Your dice roll: ")
    r.sendline(b64e(roll))

    # The server now reveals its key, which tells us what it rolled.
    r.recvuntil("My key: ")
    key = b64d(r.recvline())
    dice = decr(key, roll)
    log.info("Got dice roll: %d" % dice)

    # Only the first 2 bytes of the decrypted AES block are relevant, and the
    # key is chosen after the ciphertext was sent. An AES ciphertext therefore
    # does not bind its sender to one value: some other key decrypts it to the
    # 16 bits we need (about 2**16 tries on average). A binding commitment,
    # e.g. a hash or HMAC over the value plus a random nonce that is verified
    # in full, would remove that freedom.
    # NOTE(review): the target 7 - dice presumably reflects a server rule that
    # both rolls must sum to 7; that check is not visible in this script.
    wanted = 7 - dice
    key_prefix = p64(0)
    counter = 0
    trykey = key_prefix + p64(counter)
    while decr(trykey, roll) != wanted:
        counter += 1
        trykey = key_prefix + p64(counter)

    r.recvuntil("Your key: ")
    r.sendline(b64e(trykey))

# Hand the connection over to the terminal once all rounds are done.
r.interactive()