预期解

crypto/easy_dhke/crack.py

@@ -0,0 +1,35 @@
+from pwn import * # type: ignore
+import re
+from Crypto.Util.number import *  # type: ignore
+from Crypto.Cipher import AES
+from Crypto.Util.Padding import pad,unpad
+
+context.log_level = 'debug'
+
+conn = remote("localhost",10001)
+
+def encrypt(plain_text:bytes, key:bytes)->bytes:
+    cipher = AES.new(key, AES.MODE_ECB)
+    cipher_text = cipher.encrypt(pad(plain_text, AES.block_size))
+    return cipher_text
+
+def decrypt(encrypt_text:bytes, key:bytes)->bytes:
+    cipher = AES.new(key, AES.MODE_ECB)
+    plain_text = unpad(cipher.decrypt(encrypt_text), AES.block_size)
+    return plain_text
+
+conn.recvline()
+cipher = conn.recvuntil(b"\x0a\x5b\x2b\x5d")[:-4] # \n[+]
+
+p = 327824197795087630552811243153730025469
+g = 5
+alice = 22751
+bob = 39494
+Bob = pow(g, bob, p)
+key = long_to_bytes(pow(Bob, alice, p))
+
+conn.send(decrypt(cipher, key))
+conn.recvline()
+conn.send(encrypt(b"HackedBy0xfa", key))
+conn.recvall()
+conn.close()