Cryptography Challenge

서버는 암호화된 플래그와 함께 패딩의 유효성을 확인할 수 있는 API를 제공합니다! 이를 활용하여 플래그를 복구하세요.

ROUTER SOURCE
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad

# Both values appear in this listing as 16 '?' bytes; presumably the real key
# and flag are redacted in the published source (the true FLAG length is not shown).
# NOTE(review): KEY is a single static key at module level, reused for every
# request by both routes below.
KEY = b'????????????????'
FLAG = b'????????????????'

@app.route('/encrypt')
def encrypt():
    """Return the flag encrypted under AES-CBC, as a hex string.

    The response is hex(IV || ciphertext): a fresh random IV of BLOCK_SIZE
    bytes is drawn per request and prepended to the ciphertext of the
    padded FLAG.

    CBC gives confidentiality only. Nothing in this function authenticates
    the output, so the ciphertext is malleable and any consumer that
    decrypts it must not reveal whether the padding was well-formed.
    """
    fresh_iv = os.urandom(BLOCK_SIZE)
    plaintext = pad(FLAG, BLOCK_SIZE)
    body = AES.new(KEY, AES.MODE_CBC, fresh_iv).encrypt(plaintext)
    return (fresh_iv + body).hex()

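@app.route('/valid/<ciphertext>')
def valid(ciphertext):
    """Report whether a hex-encoded IV || ciphertext decrypts to valid padding.

    Args:
        ciphertext: Hex string taken from the URL path. The first BLOCK_SIZE
            bytes are used as the IV, the remainder as the CBC ciphertext.

    Returns:
        {"status": "success", "message": "Valid"} when the final plaintext
        block ends in well-formed padding, otherwise
        {"status": "error", "message": "Invalid"}. Every failure (bad hex,
        wrong length, decryption error, bad padding) yields the same
        response body.

    Security note: the input is caller-controlled and is decrypted under the
    server key without any integrity check, and the response discloses
    padding validity. That combination is a padding oracle. The defensive
    fix is to authenticate the ciphertext before decrypting (an AEAD mode
    such as AES.MODE_GCM, or encrypt-then-MAC) and to avoid exposing a
    padding-validity signal at all.
    """
    try:
        ctext = bytes.fromhex(ciphertext)
        iv = ctext[:BLOCK_SIZE]
        encrypted = ctext[BLOCK_SIZE:]
        cipher = AES.new(KEY, AES.MODE_CBC, iv)
        decrypted = cipher.decrypt(encrypted)
        last_block = decrypted[-BLOCK_SIZE:]
        padding_length = last_block[-1]
        # A padding length must lie in 1..BLOCK_SIZE. Without this bound a
        # length byte of 0, or one larger than the block, makes the slice
        # below cover the whole block, so a block of identical out-of-range
        # bytes would be reported as valid padding.
        if not 1 <= padding_length <= BLOCK_SIZE:
            return {"status": "error", "message": "Invalid"}
        padding = last_block[-padding_length:]
        if all(p == padding_length for p in padding):
            return {"status": "success", "message": "Valid"}
        return {"status": "error", "message": "Invalid"}
    except Exception:
        # Deliberately broad: every malformed input collapses to the same
        # response so the error type is not disclosed to the caller.
        return {"status": "error", "message": "Invalid"}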
INTERACTIVE

Get Encrypted Flag

GET /encrypt

Check Padding

GET /valid/<ciphertext>
