School WiFi Security
Challenge Description
Story: Found this cool script on GitHub and I've been using it to keep my secrets safe from anyone sniffing packets on the school WiFi.
It claims to implement a proper Diffie–Hellman key exchange before encrypting messages using AES in CBC mode. The shared secret is hashed and used as a 128-bit AES key.
Here’s a transcript from one of my “secure” sessions:
p = 6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151
g = 5
A = 4760466804833672373851895690371461201732466410076344641998970103560774933189704345188578493034252083661598015199154870593743929759951776092595308867548080326
B = 1540684031323876219574502947917645670903441908014016004560796647156395649168040952112945883024902438443294209536735535497673506540883094610179871040567423225
iv = a5dc37f1a2dc5358730ccf5ad0589e8e
ciphertext = 5b9e0abfd4123ad39dd5baa71996f49b121f0b98a6d6c2e32c7628dcfaa864a739a8c6fbae062c52e2de16b7f245715b
The developers insist everything follows standard cryptographic practice.
But something feels… off.
Analyze the protocol, recover the shared secret, and decrypt the message.
Submit Flag
Login to submit a flag.