我正在解决来自picoCTF-PW Crack 5(PW Crack5(的挑战
我得到了一个包含可能解决方案的字典(大约65000个(,我认为最好的方法是循环遍历字典,并将每一行传递给解码哈希的函数。但是,该代码不会产生任何输出。
来自挑战的给定脚本:
import hashlib
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################
flag_enc = open('level5.flag.txt.enc', 'rb').read()
correct_pw_hash = open('level5.hash.bin', 'rb').read()
def hash_pw(pw_str):
pw_bytes = bytearray()
pw_bytes.extend(pw_str.encode())
m = hashlib.md5()
m.update(pw_bytes)
return m.digest()
def level_5_pw_check():
user_pw = input("Please enter correct password for flag: ")
user_pw_hash = hash_pw(user_pw)
if( user_pw_hash == correct_pw_hash ):
print("Welcome back... your flag, user:")
decryption = str_xor(flag_enc.decode(), user_pw)
print(decryption)
return
print("That password is incorrect")
level_5_pw_check()
我修改后的脚本:
import hashlib
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################
flag_enc = open('level5.flag.txt.enc', 'rb').read()
correct_pw_hash = open('level5.hash.bin', 'rb').read()
def hash_pw(pw_str):
pw_bytes = bytearray()
pw_bytes.extend(repr(pw_str).encode())
m = hashlib.md5()
m.update(pw_bytes)
return m.digest()
def level_5_pw_check():
user_pw = open("dictionary.txt", "r")
for i in user_pw:
user = i.strip()
user_pw_hash = hash_pw( user)
if( user_pw_hash == correct_pw_hash ):
print("Welcome back... your flag, user:")
decryption = str_xor(repr(flag_enc.decode()), user)
print(decryption)
break
level_5_pw_check()
我确信这可能是一个小错误,因为我对这件事还很陌生。
您忘记了告诉您的尝试失败的else块
您还应该在if块中打印答案,以便知道哪个值是正确的。(同时打印用户变量(