def save(self): """ сохраняем настройки """ s=self.rb_var.get() if s==0: self.app.app.app.sets.sync_enable=False elif s==2: self.app.app.app.sets.sync_enable=True self.app.app.app.sets.sync_period=0 elif s==1: try:t=int(self.cron_ent.get()) except: box.showerror(title='Ошибка',message='Не корректное время!') self.app.win.deiconify() return if t<15: box.showerror(title='Ошибка',message='Время должно быть больше 15 минут!') self.app.win.deiconify() return self.app.app.app.sets.sync_enable=True self.app.app.app.sets.sync_period=t point=self.points_var.get() passw=self.passw_ent.get() if passw=='*****': passw=self.app.app.app.sets.sync_passw else: passw=md5py.new(passw).hexdigest() self.app.app.app.sets.sync_login=self.login_ent.get() self.app.app.app.sets.sync_passw=passw self.app.app.app.sets.sync_point=point self.app.reload=True
def check_points_from_server(self):
""" проверка сохраненных точек на сервере """
login=self.login_ent.get()
passw=self.passw_ent.get()
if passw=='*****':
passw=self.app.app.app.sets.sync_passw
else:
passw=md5py.new(passw).hexdigest()
self.check_var.set('Идет проверка')
self.check_points['state']='disable'
self.frame.update()
d={}
j=json.dumps({'auth':{'login':login,'passw':passw},'request':'check_points'})
d['data']=j
url=self.app.app.app.sets.sync_server
try:
response=urllib.urlopen(url+'/utils',urllib.urlencode(d)).read()
except:
response=None
self.check_points['state']='normal'
if response:
self.check_var.set('Обновлено')
try:
r=eval(response)
self.app.app.app.sets.sync_points=repr(r)
self.points_ent['values']=r
except:
self.check_var.set('Ошибка...')
return
else:
self.check_var.set('Не удалось соединиться с сервером')
def save(self):
""" сохраняем настройки """
s = self.rb_var.get()
if s == 0:
self.app.app.app.sets.sync_enable = False
elif s == 2:
self.app.app.app.sets.sync_enable = True
self.app.app.app.sets.sync_period = 0
elif s == 1:
try:
t = int(self.cron_ent.get())
except:
box.showerror(title='Ошибка', message='Не корректное время!')
self.app.win.deiconify()
return
if t < 15:
box.showerror(title='Ошибка',
message='Время должно быть больше 15 минут!')
self.app.win.deiconify()
return
self.app.app.app.sets.sync_enable = True
self.app.app.app.sets.sync_period = t
point = self.points_var.get()
passw = self.passw_ent.get()
if passw == '*****':
passw = self.app.app.app.sets.sync_passw
else:
passw = md5py.new(passw).hexdigest()
self.app.app.app.sets.sync_login = self.login_ent.get()
self.app.app.app.sets.sync_passw = passw
self.app.app.app.sets.sync_point = point
self.app.reload = True
def check_login(self):
""" проверка правильности логина и пароля на сервере """
login = self.login_ent.get()
passw = self.passw_ent.get()
if passw == '*****':
passw = self.app.app.app.sets.sync_passw
else:
passw = md5py.new(passw).hexdigest()
self.check_var.set('Идет проверка')
self.check_login['state'] = 'disable'
self.frame.update()
d = {}
j = json.dumps({
'auth': {
'login': login,
'passw': passw
},
'request': 'check_login'
})
d['data'] = j
url = self.app.app.app.sets.sync_server
try:
response = urllib.urlopen(url + '/utils',
urllib.urlencode(d)).read()
except:
response = 'Не удалось соединиться'
self.check_var.set(response[:50])
self.check_login['state'] = 'normal'
def set_enter(self,event=None):
passw=md5py.new(self.passw.get().encode('utf-8')).hexdigest()
self.app.db.execute('select passw from users where name=?',(self.name,))
# проверяем правильность пароля
if self.app.db.fetchone()[0]==passw:
self.app.set_user(self.name)
else:
box.showerror(title='Ошибка!',message='Не верный пароль')
self.passw.delete(0,END)
self.passw.focus()
def set_enter(self, event=None):
passw = md5py.new(self.passw.get().encode('utf-8')).hexdigest()
self.app.db.execute('select passw from users where name=?',
(self.name, ))
# проверяем правильность пароля
if self.app.db.fetchone()[0] == passw:
self.app.set_user(self.name)
else:
box.showerror(title='Ошибка!', message='Не верный пароль')
self.passw.delete(0, END)
self.passw.focus()
def save_changes(self):
""" сохраняем изменения """
if self.pass_state:
if not self.pass_ent.get()=='*****':
self.passw=md5py.new(self.pass_ent.get().encode('utf-8')).hexdigest()
else:
self.passw=''
self.app.app.app.db.execute('update users set caps=? , passw=? where name=?',(repr(self.caps),self.passw,self.selected))
self.app.app.app.con.commit()
self.app.reload=True
def save_changes(self):
""" сохраняем изменения """
if self.pass_state:
if not self.pass_ent.get() == '*****':
self.passw = md5py.new(
self.pass_ent.get().encode('utf-8')).hexdigest()
else:
self.passw = ''
self.app.app.app.db.execute(
'update users set caps=? , passw=? where name=?',
(repr(self.caps), self.passw, self.selected))
self.app.app.app.con.commit()
self.app.reload = True
def check_points_from_server(self):
""" проверка сохраненных точек на сервере """
login = self.login_ent.get()
passw = self.passw_ent.get()
if passw == '*****':
passw = self.app.app.app.sets.sync_passw
else:
passw = md5py.new(passw).hexdigest()
self.check_var.set('Идет проверка')
self.check_points['state'] = 'disable'
self.frame.update()
d = {}
j = json.dumps({
'auth': {
'login': login,
'passw': passw
},
'request': 'check_points'
})
d['data'] = j
url = self.app.app.app.sets.sync_server
try:
response = urllib.urlopen(url + '/utils',
urllib.urlencode(d)).read()
except:
response = None
self.check_points['state'] = 'normal'
if response:
self.check_var.set('Обновлено')
try:
r = eval(response)
self.app.app.app.sets.sync_points = repr(r)
self.points_ent['values'] = r
except:
self.check_var.set('Ошибка...')
return
else:
self.check_var.set('Не удалось соединиться с сервером')
def check_login(self):
""" проверка правильности логина и пароля на сервере """
login=self.login_ent.get()
passw=self.passw_ent.get()
if passw=='*****':
passw=self.app.app.app.sets.sync_passw
else:
passw=md5py.new(passw).hexdigest()
self.check_var.set('Идет проверка')
self.check_login['state']='disable'
self.frame.update()
d={}
j=json.dumps({'auth':{'login':login,'passw':passw},'request':'check_login'})
d['data']=j
url=self.app.app.app.sets.sync_server
try:
response=urllib.urlopen(url+'/utils',urllib.urlencode(d)).read()
except:response='Не удалось соединиться'
self.check_var.set(response[:50])
self.check_login['state']='normal'
recv()
s.send('1\n')
recv()
s.send(message + '\n')
data = recv()
m = re.search(r'Your hash: (\w+)', data)
if not m:
exit()
legit, = m.groups()
print('legit ' + legit)
# initialize hash object with state of a vulnerable hash
fake_md5 = md5py.new('A' * 64)
fake_md5.A, fake_md5.B, fake_md5.C, fake_md5.D = md5py._bytelist2long(
legit.decode('hex'))
# update legit hash with malicious message
fake_md5.update(malicious)
# fake_hash is the hash for md5(secret + message + padding + malicious)
fake_hash = fake_md5.hexdigest()
print('fake ' + fake_hash)
#############################
### STEP 2: Craft payload ###
#############################
# TODO: calculate proper padding based on secret + message
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
data = s.recv(1024)
s.send('1\n')
data = s.recv(1024)
s.send(message + '\n')
data = s.recv(1024)
m = re.search('Your hash: ([a-z0-9]*)', data)
legit = m.group(1)
#legit = '7d2a3a8f9b9b6491736c785c68ce02c1' # a legit hash of secret + message goes here, obtained from signing a message
# initialize hash object with state of a vulnerable hash
fake_md5 = md5py.new('A' * 64)
fake_md5.A, fake_md5.B, fake_md5.C, fake_md5.D = md5py._bytelist2long(legit.decode('hex'))
malicious = 'malicious message' # put your malicious message here
# update legit hash with malicious message
fake_md5.update(malicious)
# fake_hash is the hash for md5(secret + message + padding + malicious)
fake_hash = fake_md5.hexdigest()
#print(fake_hash)
#############################
### STEP 2: Craft payload ###
#############################
#send the message
data = s.recv(1024)
s.send(message + '\n')
#get the hash
data = s.recv(1024)
my_hash = data[39:].strip() #grab the hash and strip the string
print(my_hash)
#continue to main 'menu'
data = s.recv(1024)
legit = my_hash
# initialize hash object with state of a vulnerable hash
fake_hash = md5py.new('A' * 64)
fake_hash.A, fake_hash.B, fake_hash.C, fake_hash.D = md5py._bytelist2long(
legit.decode('hex'))
malicious = 'Hack' # put your malicious message here
# update legit hash with malicious message
fake_hash.update(malicious)
# test is the correct hash for md5(secret + message + padding + malicious)
test = fake_hash.hexdigest()
#############################
### STEP 2: Craft payload ###
#############################
# TODO: calculate proper padding based on secret + message
def get_flag():
ip = '192.168.17.30'
port = 3006
generator = 2
p = 999959
send = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
send.connect((ip, port))
data = send.recv(1024)
tmp = data.split(" ")
pubkey = int(tmp[1])
# get the rsa variables
# returned as dict
# f*****g test suit cant make its mind up about too small of N and too big of N.
# phi: 16077600ERROR: This p and q are taken. Please find another pair.
key = gen_rsa(81, 5)
# generat our public key
our_pubkey = gen_pub_key(generator, key['d'], p)
sending_pubkey = "PUBKEY {}".format(str(our_pubkey))
send.send(sending_pubkey)
# derive session key
#3. Both sides then derive the session key as MD5(g^(sc) mod p).
m = md5py.new()
shared_secret = pow(pubkey, key['d'], p)
m.update(str(shared_secret))
session_key = m.hexdigest()
# convert sessino key to bytes for AES encryption
session_key_bytes = unhexlify(session_key)
# 4. You can now encrypt your request ("GET FLAG") with AES-128 in CBC mode
# you should use PKCS7 padding padding to fill the remaining bytes
request = "GET FLAG"
# first part of the block is the IV, so we need to extract that.
# 128 bit blocks, 8 bits per block, 16 bytes
BLOCK_SIZE = 16
iv = Random.new().read(BLOCK_SIZE)
# first blobk is the Initialization Vector.
cipher = AES.new(session_key_bytes, AES.MODE_CBC, iv)
# TODO CHECK PADDING IS RIGHT
ciphertext = cipher.encrypt(pad(request, BLOCK_SIZE))
# send this to the server
payload = iv + ciphertext
# Then send your encrypted request to the server as raw binary bytes.
send.send(payload)
data = send.recv(1024)
# every once in a while we get this garbage
'''
'\xeb@\x83\xdb\x1c\x98\xf3R\x1c:S|-"\x01\xcdp\xf7\xbe+%\x85\xc2\x96u)\x9f\xb1H#\x9b\xa7'
FLAG f5fb23681f3298f38d4c
'XT\r\n'
'''
# where the server provided ciphertext is not a multiple of 16. This happens about once every 20 requests.
# decrypt the data using AES 128 CBC
iv = data[:BLOCK_SIZE]
cipher = AES.new(session_key_bytes, AES.MODE_CBC, iv)
raw = cipher.decrypt(data[BLOCK_SIZE:]).strip()
# better way to remove padding
pad_num = int(raw[-1].encode('hex'))
flag = raw[:-(pad_num)]
# all done, got the encrypted flag
send.close()
return flag
def pad(s):
padlen = 64 - ((len(s) + 8) % 64)
bit_len = 8*len(s)
if(padlen < 64):
s = s + '\x80' + '\x00' * (padlen - 1)
a=struct.pack('<q', bit_len)
a=[ chr(x) for x in a]
b="".join(a)
s=s+b
return s
print ("This is the program that perform the hash attack to MD5!!!")
print ("You need to forge the signature and caculate the sum of first MagicNumber(1st)")
val = md5py.new(secret+initialData)
print ("You get the hash(secret + message1):", val.hexdigest())
#the code here:generate the signature
payload = pad(secret+initialData)+append
legit = md5py.new(payload)
print ("The digital signature(hash(secret+message1+message2)) is:", legit.hexdigest())
#the code here:modify MagicNumber to acheive extension attack
not_legit = md5py.new("z"*64)
not_legit.A, not_legit.B, not_legit.C, not_legit.D = md5py._bytelist2long(val.digest())
MagicSum=not_legit.A + not_legit.B + not_legit.C+ not_legit.D
not_legit.update(append)
print ("Your forged signature is:", not_legit.hexdigest())
if legit.hexdigest() == not_legit.hexdigest():
pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)
print(' %04x: %-48s %s' % (b, hxdat, pdat))
print
secret = b"secret"
original = b"data"
append = b"append"
def pad(s):
padlen = 64 - ((len(s) + 8) % 64)
bit_len = 8*len(s)
if(padlen < 64):
s += '\x80' + '\000' * (padlen - 1)
return s + struct.pack('<q', bit_len)
val = md5py.new(secret+original)
print "Original payload:", val.hexdigest()
payload = pad(secret+original)+append
hexdump(payload)
legit = md5py.new(payload)
print "Legit digest:", legit.hexdigest()
not_legit = md5py.new("A"*64)
not_legit.A, not_legit.B, not_legit.C, not_legit.D = md5py._bytelist2long(val.digest())
not_legit.update(append)
print "Illicit digest:", not_legit.hexdigest()
if legit.hexdigest() == not_legit.hexdigest():
print "Success!"