-
Notifications
You must be signed in to change notification settings - Fork 42
/
challenge13.py
50 lines (43 loc) · 1.27 KB
/
challenge13.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
from Cryptodome.Cipher import AES
from Cryptodome.Random import get_random_bytes
import util
def encode_profile(profile):
s = b''
def sanitize(s):
return s.replace(b'&', b'').replace(b'=', b'')
for kv in profile:
sanitizedKV = [sanitize(x.encode('ascii')) for x in kv]
if s != b'':
s += b'&'
s += sanitizedKV[0] + b'=' + sanitizedKV[1]
return s
def profile_for(email):
profile = [
['email', email],
['uid', '10'],
['role', 'user']
]
return encode_profile(profile)
key = get_random_bytes(16)
def encrypt_profile_for(email):
cipher = AES.new(key, AES.MODE_ECB)
encoded_profile = util.padPKCS7(profile_for(email), 16)
return cipher.encrypt(encoded_profile)
def unpadPKCS7(s, k):
i = s[-1]
return s[0:-i]
def decrypt_profile(s):
cipher = AES.new(key, AES.MODE_ECB)
decrypted_profile = unpadPKCS7(cipher.decrypt(s), 16)
pairs = decrypted_profile.split(b'&')
profile = []
for p in pairs:
profile += [[x.decode('ascii') for x in p.split(b'=')]]
return profile
email1 = '[email protected]' + ('\x0b' * 11)
x1 = encrypt_profile_for(email1)
email2 = '[email protected]'
x2 = encrypt_profile_for(email2)
x = x2[0:32] + x1[16:32]
y = decrypt_profile(x)
print(y)