simonwuelker · August 20, 2025 14:33 · Sep 7, 2022 · Sep 7, 2022
diff --git a/README.md b/README.md
@@ -1,3 +1,4 @@
 This is a crypto challenge i created for [the hackthissite discord](https://discord.gg/hts).
 I have a working exploit, so I'm somewhat confident that everything works fine - still, 
-if you run into any issues, feel free ping `Alaska#4736`.
+if you run into any issues, feel free ping `Alaska#4736`.
+(Yes, the flag is already viewable. I'm not hosting an instance of this. If you create your own flag, make it about equal in length)
diff --git a/README.md b/README.md
@@ -0,0 +1,3 @@
+This is a crypto challenge i created for [the hackthissite discord](https://discord.gg/hts).
+I have a working exploit, so I'm somewhat confident that everything works fine - still, 
+if you run into any issues, feel free ping `Alaska#4736`.
diff --git a/flag.txt b/flag.txt
@@ -0,0 +1 @@
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
diff --git a/main.py b/main.py
@@ -0,0 +1,69 @@
+#!/usr/bin/env python3
+from Crypto.Cipher import AES
+from Crypto.Random import get_random_bytes, random
+from Crypto.Util import Counter
+import binascii
+
+used_nonces = set()
+MAX_NONCE = 100000
+
+def get_random_nonce():
+    global used_nonces
+    if len(used_nonces) == MAX_NONCE:
+        print("""Error: Nonce space is exhausted, continuing would compromise security.
+        Installing a new key will allow nonces to be reused safely, go do that :^)""")
+        exit(0)
+
+    while True:
+        nonce = random.randint(0, MAX_NONCE)
+        if nonce not in used_nonces:
+            used_nonces.add(nonce)
+            return nonce
+
+def encrypt(data):
+    nonce = get_random_nonce()
+    counter = Counter.new(nbits=128, initial_value=nonce)
+    cipher = AES.new(key, AES.MODE_CTR, counter=counter)
+    ciphertext = cipher.encrypt(data)
+    return nonce, binascii.hexlify(ciphertext).decode("ascii")
+
+
+key = get_random_bytes(16)
+
+print("""Welcome to Alaska's super duper mega encryption system.
+We encrypt our data with state of the art AES-CTR mode - which is
+mathematically unbreakable since it involves a one time pad.
+You'll never be able to get the flag!""")
+
+while True:
+    print("""Enter a number between [1-3]:
+    1. Get encrypted flag.txt
+    2. Encrypt your own data
+    3. Quit""")
+    choice = input(">")
+
+    if choice == "1":
+        with open("flag.txt", "rb") as infile:
+            data = infile.read()
+        nonce, ciphertext = encrypt(data)
+
+        print("nonce:", nonce)
+        print("ct:", ciphertext)
+    elif choice == "2":
+        print("Please give me the data to encrypt (as hex):")
+        data = binascii.unhexlify(input(">"))
+
+        if len(data) > 256:
+            print("data must not be larger than 256 bytes")
+            continue
+
+        nonce, ciphertext = encrypt(data)
+        print("nonce:", nonce)
+        print("ct:", ciphertext)
+    elif choice == "3":
+        break
+    else:
+        print(f"Invalid input '{choice}', try again:")
+    print()
+print("Bye!")
+
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1 @@
+pycryptodome==3.15.0
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
No results found