# AIS3 Pre-exam/MFC 2023 Write up > [name= WHY] ## Misc + Welcome 打開welcome.pdf檔案,將各頁的英數符號寫下,即為flag。 + Robot 1. 於terminal 輸入`nc chals1.ais3.org 12348` 2. 回答每一題的答案 ![](https://hackmd.io/_uploads/rkgPtS2Sn.png) 3. 最後得到flag ![](https://hackmd.io/_uploads/SJqvFr2B3.png) ## Crypto + Fernet 起初看到題目進行了encrypt, 我運用python進行decrypt,即獲得flag。 程式碼如下。 ```python= import os import base64 from cryptography.fernet import Fernet from Crypto.Hash import SHA256 from Crypto.Protocol.KDF import PBKDF2 from secret import * def encrypt(plaintext, password): salt = os.urandom(16) key = PBKDF2(password.encode(), salt, 32, count=1000, hmac_hash_module=SHA256) f = Fernet(base64.urlsafe_b64encode(key)) ciphertext = f.encrypt(plaintext.encode()) return base64.b64encode(salt + ciphertext).decode() def decrypt(ciphertext, password): ciphertext = base64.b64decode(ciphertext) salt = ciphertext[:16] ciphertext = ciphertext[16:] key = PBKDF2(password.encode(), salt, 32, count=1000, hmac_hash_module=SHA256) f = Fernet(base64.urlsafe_b64encode(key)) plaintext = f.decrypt(ciphertext) return plaintext.decode() # 題目txt file中提供的資訊 leak_password = 'mysecretpassword' ciphertext = "iAkZMT9sfXIjD3yIpw0ldGdBQUFBQUJrVzAwb0pUTUdFbzJYeU0tTGQ4OUUzQXZhaU9HMmlOaC1PcnFqRUIzX0xtZXg0MTh1TXFNYjBLXzVBOVA3a0FaenZqOU1sNGhBcHR3Z21RTTdmN1dQUkcxZ1JaOGZLQ0E0WmVMSjZQTXN3Z252VWRtdXlaVW1fZ0pzV0xsaUM5VjR1ZHdj" plaintext = decrypt(ciphertext, leak_password) print("Decrypted data:", plaintext) ``` --- ###### tags: `Side-Project`