Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import re
- import socket
- from telnetlib import Telnet
- from Crypto.Util import number
- ip,port = 'challenge01.root-me.org',51031
- n = 456378902858290907415273676326459758501863587455889046415299414290812776158851091008643992243505529957417209835882169153356466939122622249355759661863573516345589069208441886191855002128064647429111920432377907516007825359999
- e = 65537
- c = 41662410494900335978865720133929900027297481493143223026704112339997247425350599249812554512606167456298217619549359408254657263874918458518753744624966096201608819511858664268685529336163181156329400702800322067190861310616
- rx_flag = re.compile(b'The corresponding plaintext is: (.*)\n')
- class Hacker:
- def __init__(self):
- self.target = (ip,port)
- def reconnect(self):
- self.s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
- self.s.connect(self.target)
- self.t = Telnet()
- self.t.sock=self.s
- def close_connection(self):
- self.s.close()
- def banner(self):
- resp = self.t.read_until(b'to decrypt?');print(resp)
- def recon(self):
- self.t.interact()
- def attack(self):
- self.banner()
- self.t.write(f"{c*pow(2,e,n)}\n".encode())
- resp = self.t.read_until(b'\n\n');print(resp)
- plaintint = int(rx_flag.search(resp).group(1))
- inv_2 = number.inverse(2,n)
- plaintint = (plaintint*inv_2)%n
- print(plaintint.to_bytes((plaintint.bit_length()+7)//8,'big'))
- self.banner()
- ## Well done! The flag is S1d3Ch4nn3l4tt4ck
- if __name__=='__main__':
- hacker = Hacker()
- hacker.reconnect()
- # hacker.recon()
- hacker.attack()
- hacker.close_connection()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement