Open a Kali Linux terminal and create a Python file named easypeasy.py
touch easypeasy.py
Edit the file so that it contains the following code
from Crypto.Util.number import long_to_bytes
from pwn import *
conn = remote('mercury.picoctf.net', 36981)
# Receive data up to the encrypted flag
conn.recvuntil("This is the encrypted flag!\n".encode())
encrypted_flag = str(conn.recvline(), "ascii").strip()
print("Encrypted Flag:", encrypted_flag)
# The flag is sent as hex, so two characters per byte
flag_len = len(encrypted_flag) // 2
padding = "a" * (50000 - flag_len)
# Send padding so that the key position wraps back to the start
conn.sendlineafter("What data would you like to encrypt?".encode(), padding.encode())
message = "a" * flag_len
conn.sendlineafter("What data would you like to encrypt?".encode(), message.encode())
conn.recvuntil("Here ya go!\n".encode())
encrypted_message = str(conn.recvline(), "ascii").strip()
print("Encrypted Message:", encrypted_message)
# Convert hex to bytes safely
encrypted_message_bytes = bytes.fromhex(encrypted_message)
encrypted_flag_bytes = bytes.fromhex(encrypted_flag)
# Compute the key
key = xor(encrypted_message_bytes, message.encode())
print("Key:", key)
# Decrypt the flag
flag = xor(encrypted_flag_bytes, key).decode()
print(f"Flag: picoCTF{{{flag}}}")
conn.close()
The remote part (highlighted in yellow) matches what is shown on picoCTF
Install the pycryptodome and pwntools packages
source venv/bin/activate

pip install pycryptodome

pip install pwntools

Run the Python file
python easypeasy.py

This yields the required flag
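
Why the script works, as an added example that is not part of the original write-up: a local simulation, assuming the service XORs input with a 50000-byte pad and wraps back to the start when the pad runs out (the behaviour the 50000 - flag_len padding relies on). The class and function names are hypothetical and the secret is constructed; the strict mode shows the fix, which is to refuse to encrypt once the pad is used up.

```python
import os

KEY_LEN = 50000  # assumed pad length, taken from the padding arithmetic in the script

class WrappingPad:
    """Constructed stand-in for the service: XOR with a pad, wrapping at its end."""
    def __init__(self, key: bytes, allow_wrap: bool = True):
        self.key = key
        self.used = 0              # total pad bytes consumed so far
        self.allow_wrap = allow_wrap

    def encrypt(self, data: bytes) -> bytes:
        if not self.allow_wrap and self.used + len(data) > len(self.key):
            raise ValueError("pad exhausted: refusing to reuse key bytes")
        out = bytes(b ^ self.key[(self.used + i) % len(self.key)]
                    for i, b in enumerate(data))
        self.used += len(data)
        return out

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def recover(service: WrappingPad, encrypted_secret: bytes) -> bytes:
    """Same three steps as the script: pad to the wrap point, leak key, decrypt."""
    n = len(encrypted_secret)
    service.encrypt(b"a" * (len(service.key) - n))   # position returns to 0
    known = b"a" * n
    key_prefix = xor(service.encrypt(known), known)  # known plaintext reveals key
    return xor(encrypted_secret, key_prefix)

def demo():
    secret = b"constructed_secret_for_the_demo!"    # constructed sample, 32 bytes
    weak = WrappingPad(os.urandom(KEY_LEN))
    recovered = recover(weak, weak.encrypt(secret))
    strict = WrappingPad(os.urandom(KEY_LEN), allow_wrap=False)
    ct = strict.encrypt(secret)
    try:
        recover(strict, ct)
        blocked = False
    except ValueError:
        blocked = True                               # key reuse was refused
    return secret, recovered, blocked

if __name__ == "__main__":
    print(demo())
```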
