from pwn import *
from Crypto.Cipher import AES

# Endpoint of the CTF challenge service this script talks to.
HOST = "challenges.hackover.h4q.it"
PORT = 1415

# pwntools tube used for all later reads and writes.
r = remote(HOST, PORT)
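def decr(key, roll):
    """Open a dice-roll commitment and return the value it encodes.

    Decrypts ``roll`` with AES under ``key`` and interprets the first two
    plaintext bytes as a big-endian unsigned 16-bit integer. The rest of
    the plaintext is ignored.

    Args:
        key: raw AES key bytes.
        roll: raw ciphertext bytes of the committed roll.

    Returns:
        The 16-bit integer taken from the start of the plaintext.
    """
    # ECB is named explicitly: legacy PyCrypto defaulted to it when the mode
    # was omitted, while PyCryptodome rejects AES.new(key) without a mode.
    plaintext = AES.new(key, AES.MODE_ECB).decrypt(roll)
    return u16(plaintext[:2], endian="big")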
# Play 32 rounds of the dice protocol.
#
# Why this works (as far as the exchange below shows): the service sends its
# own key before it asks for ours, and a "commitment" made by encrypting under
# a key the committer picks later is not binding. Only 16 bits of the plaintext
# are checked, so a key that opens the ciphertext to a chosen value is found in
# roughly 2**16 trials. A binding commitment (e.g. a hash over value + nonce)
# and a full-plaintext check would close this.
for _ in range(32):
    # The server's commitment: its encrypted roll.
    r.recvuntil("My dice roll: ")
    roll = b64d(r.recvline())

    # We commit to the very same ciphertext.
    r.recvuntil("Your dice roll: ")
    r.sendline(b64e(roll))

    # The server opens its commitment, so its roll is now known to us.
    r.recvuntil("My key: ")
    key = b64d(r.recvline())
    dice = decr(key, roll)
    log.info("Got dice roll: %d" % dice)

    # only the first 2 bytes of the AES block are relevant
    # we can bruteforce a key which decrypts to the bytes we need
    # NOTE(review): 7 - dice presumably makes the two rolls sum to 7,
    # confirm against the challenge's win condition.
    wanted = 7 - dice
    counter = 0
    trykey = p64(0) + p64(counter)
    while decr(trykey, roll) != wanted:
        counter += 1
        trykey = p64(0) + p64(counter)

    r.recvuntil("Your key: ")
    r.sendline(b64e(trykey))

# Hand the connection over to the terminal once all rounds are done.
r.interactive()