"""
Analyze the malicious package’s code:
https://pypi.org/project/asciibanner/1.4.0

Obtain the flag using the attacker’s IP address and port number.
"""

from hashlib import sha256
from Crypto.Cipher import AES  # pip install PyCryptodome

ip = '<REDACTED>'
port = '<REDACTED>'

print('Checking...')
key = sha256(f'{ip}:{port}'.encode()).digest()
for _ in range(1337_1337):
    key = sha256(key).digest()

c = 'd85624d68b96d8f736788bff2096e1488c3d6c87c868a946c6087e5e241136778e05e1678a94d5993dbb3c676119842c'
ciphertext = bytes.fromhex(c)

cipher = AES.new(key, AES.MODE_ECB)
flag = cipher.decrypt(ciphertext)

if flag.startswith(b'MUSTCTF{'):
    print('Correct! Flag is: ' + flag.decode())
else:
    print('Incorrect')