def recover_seed(ciphertext, known_text):
    known_length = len(known_text)
    padding = len(ciphertext) - known_length

    rounded_padding = padding % 4
    if rounded_padding != 0:
        rounded_padding = 4 - rounded_padding

    # Start of our known text
    known_start = padding + rounded_padding
    known_end = padding + rounded_padding + 8
    known = ciphertext[known_start:known_end]

    # Convert them to numbers which were generated by rng
    t = util.string_xor(known, known_text[-8:])
    known_a = struct.unpack(">L", t[:4])[0]
    known_b = struct.unpack(">L", t[4:])[0]

    for i in xrange(65536):
        update_progress(i, 65536)
        mt = MersenneTwister(i)
        for ignore in xrange(padding/4):
            mt.next()
        for check in xrange(known_length + 5):
            if mt.next() == known_a:
                if mt.next() == known_b:
                    return i

    return "FAILED"
Example #2
0
def MtStream(textLen, seed):
    """Generates the stream of random bytes."""
    generator = MersenneTwister(seed)
    stream = []

    for i in range(0, textLen):
        stream.append(generator.randomNumber() % (2**8))

    return stream
Example #3
0
def CrackSeed(generatedNumber):
	currentTime = int(time.time())

	for tries in range(0, 1000000):
		mt = MersenneTwister(currentTime)
		if mt.randomNumber() == generatedNumber:
			return currentTime

		currentTime -= 1

	return None
Example #4
0
def RandWithTimestampedSeed():
	pause = random.randint(MIN_PAUSE, MAX_PAUSE)
	time.sleep(pause)

	seed = int(time.time())
	# Just to know if we did it right.
	print('[**] Leaking the seed for verification purposes: ' + str(seed))
	mt = MersenneTwister(seed)

	pause = random.randint(MIN_PAUSE, MAX_PAUSE)
	time.sleep(pause)

	return mt.randomNumber()
Example #5
0
def is_in_stream(seed, token, max_output):
    mt = MersenneTwister(seed)
    stream = []
    #get full token worth to compare with
    while len(stream) < len(token):
        stream.append(chr(mt.extract_number() % 256))

    if stream == token: return True

    max_output -= len(stream)
    i = 0
    while i < max_output:
        stream.pop(0)
        stream.append(chr(mt.extract_number() % 256))
        if stream == token: return True
        i += 1
    return False
Example #6
0
def recover_key(known_pt, ct):
    prefix_len = len(ct) - len(known_pt)
    partial_key = xor(known_pt, ct[prefix_len:])

    #try all partial 16 bit seeds
    for i in range((1 << 16)):
        mt = MersenneTwister(i)
        skip_output(mt, prefix_len)

        match = True
        #check to see if output matches
        for c in partial_key:
            if ord(c) != (mt.extract_number() % 256):
                match = False
                break
        if match:
            return i
    def cipher(self, text, seed):
        self.mt = MersenneTwister(seed)
        enc = ''
        length = len(text)
        for c in xrange(0, length, 4):
            random_number = self.mt.next()
            random_bytes = struct.pack('>I', random_number)

            for i in xrange(4):
                if c + i == length:
                    break
                enc += chr(ord(random_bytes[i]) ^ ord(text[c+i]))
        return enc
Example #8
0
    # How many characters in the ciphertext are random characters that
    # were prepended. We pretend we do not know what these characters
    # are.
    randomLen = len(ciphertext) - 14
    internalState = []

    # This gives the generated random numbers from randomLen on; we
    # cannot retrieve the first ones because we do not know the
    # associated plaintext characters.
    for ch in range(randomLen, len(ciphertext)):
        internalState += BlockXor(bytes([ciphertext[ch]]), b'X')

    # For each possible seed, we build a MT random generator, generate
    # numbers and compare them with the retrieve internal state. If
    # they match, we found the right seed. This takes at most 1-2 minutes
    # when the random seed is close to maxSeed.
    #
    # TODO: find a more efficient cracking way than bruteforce.
    for probableSeed in range(0, maxSeed):
        mt = MersenneTwister(probableSeed)

        reproducedState = []
        for i in range(0, len(ciphertext)):
            reproducedState.append(mt.randomNumber() % (2**8))

        if reproducedState[randomLen:] == internalState:
            print('[**] The cracked seed is: ', str(probableSeed))
            break
    else:
        print('[!!] Could not crack seed.')
Example #9
0
    i = h << 7
    k = y ^ (i & mask)

    return k

def untemperD(y):
    a = y >> 11
    b = y ^ a
    c = b >> 11
    return y ^ c

def untemper(n):
    n = untemperA(n)
    n = untemperB(n)
    n = untemperC(n)
    n = untemperD(n)
    return n

def clone_mt(mt):
    state = []
    for i in xrange(624):
        state.append(untemper(mt.next()))
    return ClonedMersenneTwister(state, 0)

if __name__ == '__main__':
    mt = MersenneTwister(0)
    cmt = clone_mt(mt)
    for i in xrange(10):
        print "From cloned: %s, from original: %s" % (mt.next(), cmt.next())
def rng():
    time.sleep(random.randint(42, 1024))
    mt = MersenneTwister(int(time.time()))
    time.sleep(random.randint(42, 1024))
    return mt.next()
Example #11
0
    x = y ^ z
    s = x >> 11
    y = y ^ s
    return y

def FindStateFromOutputs(realOutputs):
	state = []
	isFirst = True

	for output in realOutputs:
		state.append(Untemper(output))

	return state

if __name__ == '__main__':
	realMt = MersenneTwister(10)
	realOutputs = []

	for i in range(0, 624):
		realOutputs.append(realMt.randomNumber())

	# Reconstruct the internal state array from the random outputs.
	state = FindStateFromOutputs(realOutputs)
	clonedMt = MersenneTwister(seed=10, injectedState=state)
	clonedOutputs = []

	# Generates again all numbers depending on the current state
	# from the cloned generator.
	for i in range(0, 624):
		clonedOutputs.append(clonedMt.randomNumber())
Example #12
0
            temp = state[i] ^ state[(i + self.m) % self.n]  # find leading bit
            if temp % 2:
                temp ^= self.a
            shifted = (temp << 1) & self.upper_mask
            temp = state[(i - 1) % self.n] ^ state[
                (i + self.m - 1) % self.n]  # ending bits of int
            if temp & self.upper_mask == self.upper_mask:  # check if leading bit is the same
                temp ^= self.a
                shifted |= 1
            state[i] = shifted ^ (temp << 1) & self.lower_mask
        return state


if __name__ == "__main__":
    # this can also be used to crack floats if you scale and round them first
    random_32 = MersenneTwister()
    old_state_32 = random_32.getstate()
    outputs_32 = [random_32.random_integer() for _ in range(624)]
    cracker_32 = MersenneCracker()
    new_state_32 = cracker_32.crack_state(outputs_32)
    random_32.setstate([new_state_32, 0])  # start at beginning of state
    assert outputs_32 == [random_32.random_integer() for _ in range(624)]
    print("32-bit Successfully Cracked")
    assert cracker_32.untwist(new_state_32)[1:] == old_state_32[0][
        1:]  # seed may be different
    print("32-bit Successfully Reversed")

    random_32_alt = MersenneTwister(variant="mt11213b")
    outputs_32_alt = [random_32_alt.random_integer() for _ in range(624)]
    cracker_32_alt = MersenneCracker(variant="mt11213b")
    new_state_32_alt = cracker_32_alt.crack_state(outputs_32_alt)
Example #13
0
def encrypt(message, seed):
    mt = MersenneTwister(seed)
    return ''.join(
        [chr(ord(m) ^ (mt.extract_number() % 256)) for m in message])
Example #14
0
def get_token2():
    mt = MersenneTwister(int(time.time()))
    skip_output(mt, random_int16())
    return [chr(mt.extract_number() % 256) for _ in range(8)]
Example #15
0
def get_token(seed=int(time.time())):
    mt = MersenneTwister(seed)
    return ''.join([chr(mt.extract_number() % 256) for _ in range(8)])
import socket
import os

from mersenne_twister import MersenneTwister

host = ''
port = 50000
backlog = 5
size = 1024
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.bind((host,port))
s.listen(backlog)

while 1:
    print("Started Server....")
    print("At port : %s with process id : %s " % (port,os.getpid()))
    client,address = s.accept()
    data = client.recv(size)
    if data:
        params=data.split("|")
        process_id =int(params[0])
        num_of_rand = int(params[1])
        print("Invoking MersenneTwister with process id : %s and number of random number : %s" % (process_id,num_of_rand))
        rand_gen = MersenneTwister(process_id,num_of_rand)
        client.send(rand_gen.rand())
    else:
        print("Incorrect input recieved from client")
        client.send("Unable to generate random number")