bayotop · April 17, 2019 04:52
diff --git a/h1ctf.py b/h1ctf.py
 import sys
 import binascii

 data = bytearray.fromhex("7b0a20a0226576e56e7422ba202270e1737377ef72645fe368616ee765222c8a202022f5736572ee616d65a23a2022e2636f6cec696e22ac0a2020a26f6c64df706173f3776f72e4223a20a23a5c78c3375c78c6345c6edc784146a9293743dc783135dc784430dc784633dc784445e9553b22ac0a2020a26e6577df706173f3776f72e4223a20a2395c78c6415c78b9395c78c3415c78c5445c78c6325853c75c7844c42d5c78c3325c78b8457a48eb222c0aa0202274e96d6573f4616d70a23a2031b5303138b5383836b03030308a7d0a")
 corrected = bytearray()

 # Print original data given
 for n in data:
    sys.stdout.write(chr(n))

 print()

 # Correct the data (the first corrupted byte is at 8th position, then every 8 + 4k where k starts with 1),
 # but it doesn't matter. We just wan't the data to be human readable (JSON) so this is good enough.
 for n in data:
    if n > 127:
        corrected.append(n ^ (1 << 7))
    else:
        corrected.append(n)

 # Print corrected data
 for n in corrected:
    sys.stdout.write(chr(n))

 old = b":\xC7\xF4\n\xAF))7C\x15\xD0\xF3\xDEiU;"
 new = b"9\xFA\x99\xCA\xED\xF2XSG\xDD-\xC2\x8EzHk"

 # Reverse the passwords - clever :) 
 print(binascii.hexlify(old)[::-1]) # 3ac7f40aaf2929374315d0f3de69553b -> b35596ed3f0d5134739292faa04f7ca3 -> md5x2 ('p4ssw0rd') (Google -> http://md5decoder.org/2a9d119df47ff993b662a8ef36f9ea20)
 print(binascii.hexlify(new)[::-1]) # 39fa99caedf2585347dd2dc28e7a486b -> b684a7e82cd2dd7435852fdeac99af93 -> md5x2 ('thisiscrazy') (hashcat64.exe -m 2600 h1ctf_md5.txt rockyou.txt)
	import sys
	import binascii

	data = bytearray.fromhex("7b0a20a0226576e56e7422ba202270e1737377ef72645fe368616ee765222c8a202022f5736572ee616d65a23a2022e2636f6cec696e22ac0a2020a26f6c64df706173f3776f72e4223a20a23a5c78c3375c78c6345c6edc784146a9293743dc783135dc784430dc784633dc784445e9553b22ac0a2020a26e6577df706173f3776f72e4223a20a2395c78c6415c78b9395c78c3415c78c5445c78c6325853c75c7844c42d5c78c3325c78b8457a48eb222c0aa0202274e96d6573f4616d70a23a2031b5303138b5383836b03030308a7d0a")
	corrected = bytearray()

	# Print original data given
	for n in data:
	sys.stdout.write(chr(n))

	print()

	# Correct the data (the first corrupted byte is at 8th position, then every 8 + 4k where k starts with 1),
	# but it doesn't matter. We just wan't the data to be human readable (JSON) so this is good enough.
	for n in data:
	if n > 127:
	corrected.append(n ^ (1 << 7))
	else:
	corrected.append(n)

	# Print corrected data
	for n in corrected:
	sys.stdout.write(chr(n))

	old = b":\xC7\xF4\n\xAF))7C\x15\xD0\xF3\xDEiU;"
	new = b"9\xFA\x99\xCA\xED\xF2XSG\xDD-\xC2\x8EzHk"

	# Reverse the passwords - clever :)
	print(binascii.hexlify(old)[::-1]) # 3ac7f40aaf2929374315d0f3de69553b -> b35596ed3f0d5134739292faa04f7ca3 -> md5x2 ('p4ssw0rd') (Google -> http://md5decoder.org/2a9d119df47ff993b662a8ef36f9ea20)
	print(binascii.hexlify(new)[::-1]) # 39fa99caedf2585347dd2dc28e7a486b -> b684a7e82cd2dd7435852fdeac99af93 -> md5x2 ('thisiscrazy') (hashcat64.exe -m 2600 h1ctf_md5.txt rockyou.txt)