Beispiel #1
0
def Handshake(password, reader, writer):
    myPrivateKey = Private()
    myNonce = os.urandom(32)

    WriteBin(writer, myPrivateKey.get_public().serialize())
    WriteBin(writer, myNonce)

    theirPublicKey = ReadBin(reader)
    theirNonce = ReadBin(reader)

    if myNonce == theirNonce:
        return None
    if theirPublicKey in (b'\x00' * 32, b'\x01' + (b'\x00' * 31)):
        return None

    theirPublicKey = Public(theirPublicKey)

    sharedKey = myPrivateKey.get_shared_key(theirPublicKey)
    myProof = ComputeProof(sharedKey, theirNonce + password)

    WriteBin(writer, myProof)
    theirProof = ReadBin(reader)

    if not VerifyProof(sharedKey, myNonce + password, theirProof):
        return None

    return sharedKey
Beispiel #2
0
    def test_basic(self):
        secret1 = b"abcdefghijklmnopqrstuvwxyz123456"
        self.assertEqual(len(secret1), 32)

        secret2 = b"654321zyxwvutsrqponmlkjihgfedcba"
        self.assertEqual(len(secret2), 32)
        priv1 = Private(secret=secret1)
        pub1 = priv1.get_public()
        priv2 = Private(secret=secret2)
        pub2 = priv2.get_public()
        shared12 = priv1.get_shared_key(pub2)
        e = b"b0818125eab42a8ac1af5e8b9b9c15ed2605c2bbe9675de89e5e6e7f442b9598"
        self.assertEqual(hexlify(shared12), e)
        shared21 = priv2.get_shared_key(pub1)
        self.assertEqual(shared12, shared21)

        pub2a = Public(pub2.serialize())
        shared12a = priv1.get_shared_key(pub2a)
        self.assertEqual(hexlify(shared12a), e)
Beispiel #3
0
#!/usr/bin/env python3

from curve25519 import Private, Public
from binascii import hexlify

keys = set()

for i in range(30):
    myPrivate = Private()
    val = int.to_bytes(
        325606250916557431795983626356110631294008115727848805560023387167927233504,
        32, 'little')
    theirPublic = Public(val)
    shared = myPrivate.get_shared_key(theirPublic)
    print(hexlify(shared))
    keys.add(shared)

print("[~] Num of different keys: {}".format(len(keys)))
Beispiel #4
0
#!/usr/bin/env python3

from curve25519 import Public
import nacl.secret
import socket
import binascii

socket_server = ("mitm.ctfcompetition.com", 1337)
public_key_val = Public(int.to_bytes(325606250916557431795983626356110631294008115727848805560023387167927233504, 32, 'little'))
shared_key = binascii.unhexlify(b'68b59f127c671255346e099c3b9ea067a5595ba2adf26daa5e69d6a8a29d191a')


def make_sockets():
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.connect(socket_server)

    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.connect(socket_server)

    return server, client


def attack():
    s, c = make_sockets()
    s.send(b's\n')
    c.send(b'c\n')

    server_pub = s.recv(4096)[:-1]
    print(server_pub.decode())
    server_nonce = s.recv(4096)[:-1]
    print(server_nonce.decode())
Beispiel #5
0
import logging
import sys
import os

from curve25519 import Private, Public
import nacl.secret
import hmac
import hashlib

from pwn import *

context.log_level = 'debug'

sk = Private()
mypk = b'\xed\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x7f'
pk = Public(mypk)
myshare = sk.get_shared_key(pk)


def getmac(myn):
    c = remote('mitm.ctfcompetition.com', 1337)
    c.sendline('c')
    pk = c.recvline()
    n0 = c.recvline()
    c.sendline(hexlify(mypk))
    c.sendline(myn)
    mac = c.recvline()
    c.close()
    return mac