Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- from base64 import *
- import requests
- def payload(b64string):
- r = requests.post('http://chall04-crypto02.wargame.whitehat.vn/',data = {"crypto":b64string})
- return r.text.split('<p>')[1].split('</p>')[0].split('\n')[0].split(' ')[1]
- #AES_ECB
- #s = "something!" + "a"*21 + flag
- #s = "something!aaaaaa" + a*15 + flag
- #-> can brute 1 characters of flag
- flag = ''
- for i in range(0,16):
- n = 21 - i
- encoded = b64decode(payload(b64encode(n*'a')))[16:32]
- for c in range(32,127):
- brute = n*'a' + flag + chr(c)
- if b64decode(payload(b64encode(brute)))[16:32] == encoded:
- flag+= chr(c)
- break
- print flag
- #Easy_point_c13
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
