import base64  # Python 2 session

# 32 zero bytes, base64-encoded and sent as the session cookie
zeros = '\x00'*32
base64.b64encode(zeros)
'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA='

Cookie: mission017session=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

ivencrypted = '927a00302d2e13896de885ece9f3445d2de83b880d2043a6ecc6e8bbb0a831dc'.decode('hex')

# XOR the wanted plaintext with ivencrypted, byte by byte
result = ''
new = '{"access_level":"admin"}'
for i in range(len(new)):
    result += chr(ord(new[i]) ^ ord(ivencrypted[i]))
base64.b64encode(result)
'6VhhU05LYPoyhOCajJ9mZw+JX+VkTmHb'

Cookie: mission017session=6VhhU05LYPoyhOCajJ9mZw%2BJX%2BVkTmHb

Decrypted cookie data: {"access_level":"admin"}

Flag: HMAC? What do you mean "HMAC"?
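Added example, not part of the original writeup: what the flag is pointing at, shown as the unauthenticated cookie check beside an encrypt-then-MAC one. It assumes, as the XOR against ivencrypted implies, that the server decrypts a cookie by XORing it with a fixed keystream; the HMAC-based keystream, the keys and all function names are constructed for this Python 3 demo and stand in for the real cipher, which the page does not name.

```python
import base64, hashlib, hmac, os

ENC_KEY, MAC_KEY = os.urandom(32), os.urandom(32)  # constructed demo keys
FIXED_NONCE = bytes(16)  # models the challenge: same keystream for every cookie

def keystream(nonce, n):
    # Stand-in stream cipher (assumption; the page does not name the real one).
    blocks = (hmac.new(ENC_KEY, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def open_unauthenticated(cookie):
    # Weak form: any bytes are accepted and "decrypted".
    ct = base64.b64decode(cookie)
    return xor(ct, keystream(FIXED_NONCE, len(ct)))

def seal(data):
    # Encrypt-then-MAC with a fresh nonce; the tag covers nonce and ciphertext.
    nonce = os.urandom(16)
    body = nonce + xor(data, keystream(nonce, len(data)))
    return base64.b64encode(body + hmac.new(MAC_KEY, body, hashlib.sha256).digest())

def open_authenticated(cookie):
    # Hardened form: check the tag first; return None for anything unsigned.
    try:
        raw = base64.b64decode(cookie, validate=True)
    except ValueError:
        return None
    if len(raw) < 48:  # 16-byte nonce + 32-byte tag at minimum
        return None
    body, tag = raw[:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(MAC_KEY, body, hashlib.sha256).digest()):
        return None
    return xor(body[16:], keystream(body[:16], len(body) - 16))

def demo():
    wanted = b'{"access_level":"admin"}'
    leaked = open_unauthenticated(base64.b64encode(bytes(32)))  # zeros -> keystream
    forged = base64.b64encode(xor(wanted, leaked))
    return {
        "weak_accepts_forgery": open_unauthenticated(forged) == wanted,
        "hardened_rejects_zeros": open_authenticated(base64.b64encode(bytes(80))) is None,
        "hardened_rejects_forgery": open_authenticated(forged) is None,
        "hardened_roundtrip": open_authenticated(seal(wanted)) == wanted,
    }

if __name__ == "__main__":
    print(demo())
```

With the tag checked before decryption, the all-zero cookie no longer echoes keystream back and the XOR-built cookie is rejected, while cookies issued by seal() still round-trip.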
Source
https://www.youtube.com/watch?v=9xGgZUMNl2Y (2:05:00)
References
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation