47 lines
1.5 KiB
Python
47 lines
1.5 KiB
Python
|
import hashlib
|
||
|
|
from base64 import b64decode
|
||
|
|
|
||
|
|
from Crypto.Cipher import AES
|
||
|
|
from Crypto.Util.Padding import unpad
|
||
|
|
|
||
|
|
xor = lambda x, key: [x[i] ^ key[i % len(key)] for i in range(len(x))]
|
||
|
|
|
||
|
|
Step = list(map(ord, "magic"))
|
||
|
|
Desc = list(map(ord, "water"))
|
||
|
|
Note = list(map(ord, "keep steaks for dinner"))
|
||
|
|
Password = xor([62, 38, 63, 63, 54, 39, 59, 50, 39], [83])
|
||
|
|
|
||
|
|
first_check = [
|
||
|
|
50, 148, 76, 233, 110, 199, 228,
|
||
|
|
72, 114, 227, 78, 138, 93, 189,
|
||
|
|
189, 147, 159, 70, 66, 223, 123,
|
||
|
|
137, 44, 73, 101, 235, 129, 16,
|
||
|
|
181, 139, 104, 56
|
||
|
|
]
|
||
|
|
|
||
|
|
first_check_hex = ''.join(map(lambda x: hex(x)[2:], first_check))
|
||
|
|
first_check_value = hashlib.sha256(bytearray(Password + Note + Step + Desc)).hexdigest()
|
||
|
|
|
||
|
|
assert(first_check_value == first_check_hex)
|
||
|
|
|
||
|
|
key_component = bytearray([
|
||
|
|
Desc[2], Password[6], Password[4], Note[4], Note[0], Note[17],
|
||
|
|
Note[18], Note[16], Note[11], Note[13], Note[12], Note[15],
|
||
|
|
Step[4], Password[6], Desc[1], Password[2], Password[2],
|
||
|
|
Password[4], Note[18], Step[2], Password[4], Note[5], Note[4],
|
||
|
|
Desc[0], Desc[3], Note[15], Note[8], Desc[4], Desc[3], Note[4],
|
||
|
|
Step[2], Note[13], Note[18], Note[18], Note[8], Note[4], Password[0],
|
||
|
|
Password[7], Note[0], Password[4], Note[11], Password[6], Password[4],
|
||
|
|
Desc[4], Desc[3]
|
||
|
|
])
|
||
|
|
|
||
|
|
key = hashlib.sha256(key_component).digest()
|
||
|
|
iv = b'NoSaltOfTheEarth'
|
||
|
|
ciphertext = open('./Runtime.dll', 'rb').read()
|
||
|
|
|
||
|
|
# RijndaelManaged is AES
|
||
|
|
cipher = AES.new(key, AES.MODE_CBC, iv=iv)
|
||
|
|
plaintext = b64decode(unpad(cipher.decrypt(ciphertext), 16))
|
||
|
|
|
||
|
|
open('tk.png', 'wb').write(plaintext)
|