python3 app.py
Traceback (most recent call last):
File “app.py”, line 7, in
from secret import FLAG
ModuleNotFoundError: No module named ‘secret’
:-/
Edit: I am stupid
Edit 2: I am stuck hard as ■■■■… I think, I am at the last 20% of the challenge :neutral: Hope, someone could help me
Edit 3: FINALLY I got it! Thanks very much to my new best friends @alienum and @Civero for helping me and being very patient. @P3t4: Very nice challenge! I learnt so much about python, crypto and how to use instances here
I think this challenge is hard for newbies in python and crypto, but it was very nice and I’m glad I solved it
Hello, I’ve been struggling with the flipping for some time and still unable to know where to apply it without messing everything up. Could someone PM me or provide a hint? Thank you!
Hi, can anyone give me some help on this challenge, please?
I wrote a python script, that seems to work as I wish, but I cannot seem to retrieve the good output
Hi, can anyone give me some help on this challenge, please?
I wrote a python script, that seems to work as I wish, but I cannot seem to retrieve the good output
Have you taken a look at which mode of operation is AES using?
You must exploit some vulnerability related to that.
Hello everyone
I need some helps / hints for this chall, I tried some staffs but nothing.
I think I understood how script and encryption works, I identified 3 blocks in the leaked ciphertext too but when I tried to modify a byte or when I encode the 2 last block myself , it doesn’t work …
File “app.py”, line 1, in
import socketserver
ImportError: No module named socketserver
I tried to resolve and search i got that for python2.7 its like SocketServer and for python3 its socketserver.
when i tried to run “sudo python3 app.py” it gives me another error.
Crypto.Util.Padding import pad,unpad
For anyone trying to solve this challenge and not knowing what the ■■■■ is going on, I highly recommend going over to the Matasano cryptographic challenges (also know as Cryptopals). It’s a lot of work but it pays off
That being said, if you know what attack to use it’s not necessary to dive into the concepts.
Hello, I have some problems when sending bytes belonging to a crafted ciphertext: since it’s an encrypted string, many bytes are not even printable and the decode() in the app.py gives me an error saying it cannot decode that specific bytes. But how am I supposed to send a ciphertext as required if it refuses those bytes?
Also, I receive many errors like “must be str, not bytes” or “odd length string” even when these conditions aren’t real ahahah, meaning that my payload is actually an odd length string.
EDIT: Solved, many of my problems were caused by not using hexlify/unhexlify functions, as used by the source, so make good use of them
As suggested by others as well, the name of the challenge is a big hint for the kind of attack that can be performed here, so get on Google and start learning.