Esempio n. 1
0
def test():
    file_value = bytes(request.args.get("file"), "utf-8")
    signature_hex = bytes(request.args.get("signature"), "utf-8")
    computed_signature_hex = myhmac(sha1_from_github, file_value, HMAC_KEY)
    print(computed_signature_hex)
    if insecure_equals(hexToRaw(signature_hex), hexToRaw(computed_signature_hex)):
        return RESPONSE_200
    else:
        return RESPONSE_500
Esempio n. 2
0
def test():
    file_value = bytes(request.args.get("file"), 'utf-8')
    signature_hex = bytes(request.args.get("signature"), 'utf-8')
    computed_signature_hex = myhmac(sha1_from_github, file_value, HMAC_KEY)
    print(computed_signature_hex)
    if (insecure_equals(hexToRaw(signature_hex),
                        hexToRaw(computed_signature_hex))):
        return RESPONSE_200
    else:
        return RESPONSE_500
def hex_xor(hex1, hex2):
    if (len(hex1) != len(hex2)):
        return '';
    raw1 = hexToRaw(hex1);
    raw2 = hexToRaw(hex2);
    rawresult = '';
    for i in range(0, len(raw1)):
        rawresult += chr(raw1[i] ^ raw2[i]);
#    rawresult = raw1 ^ raw2;
    return rawToHex(rawresult);
Esempio n. 4
0
def findGoodKeys(cipher):
    for i in range(256):
        mg, plain = tryKey(cipher, rawToHexLUT[i]);
        #print(str(i) + ": " + str(mg));
        if (mg > .050):
            print("potential key: 0x" + rawToHexLUT[i]);
            print("Potential hex(plain): " + str(plain).lstrip("b'").rstrip("'"));
            print(str(plain).lstrip("b'").rstrip("'"))
            print("potential plaintext: " + str(hexToRaw(str(plain).lstrip("b'").rstrip("'"))))
            print("potential plaintext: " + str(hexToRaw(str(plain).lstrip("b'").rstrip("'"))).lstrip("b'").rstrip("'"));
Esempio n. 5
0
def hex_xor(hex1, hex2):
    if (len(hex1) != len(hex2)):
        return ''
    raw1 = hexToRaw(hex1)
    raw2 = hexToRaw(hex2)
    rawresult = ''
    for i in range(0, len(raw1)):
        rawresult += chr(raw1[i] ^ raw2[i])


#    rawresult = raw1 ^ raw2;
    return rawToHex(rawresult)
Esempio n. 6
0
def findGoodKeys(cipher):
    for i in range(256):
        mg, plain = tryKey(cipher, rawToHexLUT[i])
        #print(str(i) + ": " + str(mg));
        if (mg > .050):
            print("potential key: 0x" + rawToHexLUT[i])
            print("Potential hex(plain): " +
                  str(plain).lstrip("b'").rstrip("'"))
            print(str(plain).lstrip("b'").rstrip("'"))
            print("potential plaintext: " +
                  str(hexToRaw(str(plain).lstrip("b'").rstrip("'"))))
            print("potential plaintext: " +
                  str(hexToRaw(str(plain).lstrip("b'").rstrip("'"))).lstrip(
                      "b'").rstrip("'"))
def rsa_demo2():
    e = 3;
    p = 4;
    q = 4;
    while ((p % e) == 1):
        p = generatePrime(1024);
    while ((q % e) == 1):
        q = generatePrime(1024);
    N = p*q;
    phi = (p-1)*(q-1);
    assert((phi%e) != 0);
    d = invmod(e, phi);
    message = 42;
    encrypted = mypow(message, e, N);
    decrypted = mypow(encrypted, d, N);
    assert(message == decrypted);
#Finally, to encrypt a string, do something cheesy, like convert the
#string to hex and put "0x" on the front of it to turn it into a
#number. The math cares not how stupidly you feed it strings.
    rawMessage = b'May the Force be with you'
    hexMessage = rawToHex(rawMessage);
    intMessage = int(hexMessage, 16);
    encrypted = mypow(intMessage, e, N);
    decrypted = mypow(encrypted, d, N);
    assert(intMessage == decrypted);
    assert(hexToRaw(hex(intMessage)[2:]) == rawMessage);
Esempio n. 8
0
def hex_xor(hex1, hex2):
    if (len(hex1) != len(hex2)):
        return '';
    raw1 = hexToRaw(hex1);
    raw2 = hexToRaw(hex2);
    for i in range(len(hex2)):
        a=type(hex1[i])
        print(a)
        print(hex1[i],hex2[i])
        print(hex1[i]^hex2[i])
    rawresult = '';
    for i in range(0, len(raw1)):
        print(raw1[i]^raw2[i])
        rawresult += chr(raw1[i] ^ raw2[i]);
#    rawresult = raw1 ^ raw2;
    return rawToHex(rawresult);
Esempio n. 9
0
def rsa_demo2():
    e = 3
    p = 4
    q = 4
    while ((p % e) == 1):
        p = generatePrime(1024)
    while ((q % e) == 1):
        q = generatePrime(1024)
    N = p * q
    phi = (p - 1) * (q - 1)
    assert ((phi % e) != 0)
    d = invmod(e, phi)
    message = 42
    encrypted = mypow(message, e, N)
    decrypted = mypow(encrypted, d, N)
    print('p = %d;q = %d; N = %d; e=%d; d=%d; message = %d; encrypted=%d' %
          (p, q, N, e, d, message, encrypted))
    assert (message == decrypted)
    #Finally, to encrypt a string, do something cheesy, like convert the
    #string to hex and put "0x" on the front of it to turn it into a
    #number. The math cares not how stupidly you feed it strings.
    rawMessage = b'May the Force be with you'
    hexMessage = rawToHex(rawMessage)
    intMessage = int(hexMessage, 16)
    encrypted = mypow(intMessage, e, N)
    decrypted = mypow(encrypted, d, N)
    assert (intMessage == decrypted)
    assert (hexToRaw(hex(intMessage)[2:]) == rawMessage)
Esempio n. 10
0
def aes_cbc_enc(rawPlain, rawKey, rawIV):
    plainBlocks = chunks(rawPlain, 16);
    cipher = b'';
    for block in plainBlocks:
        blockIn = hexToRaw(hex_xor(rawToHex(block), rawToHex(rawIV)));
        blockOut = aes_ecb_enc(blockIn, rawKey);
        rawIV = blockOut;
        cipher += blockOut;
    return cipher;
Esempio n. 11
0
def myhmac(hash_function, message, key):
    if (len(key) > 64):
        key = hash(key)
    if (len(key) < 64):
        key += (b'\x00' * (64 - len(key)))

    opad = raw_xor(b'\x5c' * 64, key)
    ipad = raw_xor(b'\x36' * 64, key)
    return (hash_function(opad + hexToRaw(hash_function(ipad + message))))
Esempio n. 12
0
def findSingleCharXOR(ciphers):
    for cip in ciphers:
        for i in range(256):
            mg, plain = tryKey(cip, rawToHexLUT[i]);
            if (mg > .050):
                print("potential key: 0x" + rawToHexLUT[i]);
                print("potential hex(cipher): " + str(cip).lstrip("b'").rstrip("'"));
                print("potential hex(plain): " + str(plain).lstrip("b'").rstrip("'"));
                print("potential plaintext: " + str(hexToRaw(str(plain).lstrip("b'").rstrip("'"))).lstrip("b'").rstrip("'"));
Esempio n. 13
0
def aes_cbc_dec(rawCipher, rawKey, rawIV):
    cipherBlocks = chunks(rawCipher, 16)
    plain = b""
    for block in cipherBlocks:
        ecbOut = aes_ecb_dec(block, rawKey)
        cbcOut = hexToRaw(hex_xor(rawToHex(ecbOut), rawToHex(rawIV)))
        rawIV = block
        plain += cbcOut
    return plain
Esempio n. 14
0
def myhmac(hash_function, message, key):
    if len(key) > 64:
        key = hash(key)
    if len(key) < 64:
        key += b"\x00" * (64 - len(key))

    opad = raw_xor(b"\x5c" * 64, key)
    ipad = raw_xor(b"\x36" * 64, key)
    return hash_function(opad + hexToRaw(hash_function(ipad + message)))
Esempio n. 15
0
def aes_cbc_enc(rawPlain, rawKey, rawIV):
    plainBlocks = chunks(rawPlain, 16)
    cipher = b""
    for block in plainBlocks:
        blockIn = hexToRaw(hex_xor(rawToHex(block), rawToHex(rawIV)))
        blockOut = aes_ecb_enc(blockIn, rawKey)
        rawIV = blockOut
        cipher += blockOut
    return cipher
Esempio n. 16
0
def aes_cbc_dec(rawCipher, rawKey, rawIV):
    cipherBlocks = chunks(rawCipher, 16);
    plain = b'';
    for block in cipherBlocks:
        ecbOut = aes_ecb_dec(block, rawKey);
        cbcOut = hexToRaw(hex_xor(rawToHex(ecbOut), rawToHex(rawIV)));
        rawIV = block;
        plain += cbcOut;
    return plain;
Esempio n. 17
0
def aes_cbc_dec(rawCipher, rawKey, rawIV):
    cipherBlocks = chunks(rawCipher, 16)
    plain = b''
    for block in cipherBlocks:
        ecbOut = aes_ecb_dec(block, rawKey)
        cbcOut = hexToRaw(hex_xor(rawToHex(ecbOut), rawToHex(rawIV)))
        rawIV = block
        plain += cbcOut
    return plain
Esempio n. 18
0
def aes_cbc_enc(rawPlain, rawKey, rawIV):
    plainBlocks = chunks(rawPlain, 16)
    cipher = b''
    for block in plainBlocks:
        blockIn = hexToRaw(hex_xor(rawToHex(block), rawToHex(rawIV)))
        blockOut = aes_ecb_enc(blockIn, rawKey)
        rawIV = blockOut
        cipher += blockOut
    return cipher
Esempio n. 19
0
def myhmac(hash_function, message, key):
    if (len(key) > BLOCKSIZE):
        key = hash(key)
    if (len(key) < BLOCKSIZE):
        key += (b'\x00' * (BLOCKSIZE - len(key)))

    opad = raw_xor(b'\x5c' * BLOCKSIZE, key)
    ipad = raw_xor(b'\x36' * BLOCKSIZE, key)

    return hash_function(opad + hexToRaw(hash_function(ipad + message)))
def myhmac(hash_function, message, key):
    if (len(key) > BLOCKSIZE):
        key = hash(key)
    if (len(key) < BLOCKSIZE):
        key += (b'\x00' * (BLOCKSIZE - len(key)));

    opad = raw_xor(b'\x5c' * BLOCKSIZE, key);
    ipad = raw_xor(b'\x36' * BLOCKSIZE, key);
        
    return hash_function(opad + hexToRaw(hash_function(ipad + message)));
Esempio n. 21
0
    def handle(self):
        while True:
            # typical url: http://localhost:9000/test?file=foo&signature=46b4ec586117154dacd49d664e5d63fdc88efb51
            line = self.rfile.readline().strip();
            if (line == None):
                break;
            file_index = line.find(b'file=')
            signature_index = line.find(b'&signature=')
            if ((file_index == -1 ) or (signature_index == -1)):
                continue;
            file_value = line[file_index + len(b'file='):signature_index]
            signature_hex = line[signature_index+len(b'&signature='):]
            computed_signature_hex = bytes(myhmac(sha1_from_github, file_value, HMAC_KEY), 'UTF-8');
            
            if (insecure_equals(hexToRaw(signature_hex), hexToRaw(computed_signature_hex))):
                self.wfile.write(RESPONSE_200);
            else:
                self.wfile.write(RESPONSE_500);
            

        self.wfile.write(self.data.upper())
Esempio n. 22
0
def findSingleCharXOR(ciphers):
    for cip in ciphers:
        for i in range(256):
            mg, plain = tryKey(cip, rawToHexLUT[i])
            if (mg > .050):
                print("potential key: 0x" + rawToHexLUT[i])
                print("potential hex(cipher): " +
                      str(cip).lstrip("b'").rstrip("'"))
                print("potential hex(plain): " +
                      str(plain).lstrip("b'").rstrip("'"))
                print("potential plaintext: " +
                      str(hexToRaw(str(plain).lstrip("b'").rstrip(
                          "'"))).lstrip("b'").rstrip("'"))
Esempio n. 23
0
def appendMessage(original, tag, extra):    
    #assume secret is between 0 and 64 bytes in length
    for i in range(65):
        oldpadding = generateSHAPadding(len(original)+i);
        newpadding= generateSHAPadding(len(original) + len(oldpadding) + len(extra) + i);
        newdata = extra + newpadding;
        a = int.from_bytes(tag[0:4], byteorder='big');
        b = int.from_bytes(tag[4:8], byteorder='big');
        c = int.from_bytes(tag[8:12], byteorder='big');
        d = int.from_bytes(tag[12:16], byteorder='big');
        e = int.from_bytes(tag[16:20], byteorder='big');        
        newtag = hexToRaw(nopaddingSHA(newdata, h0=a, h1=b, h2=c, h3=d, h4=e))
        if (checkDumbHashAuth(original + oldpadding + extra, newtag)):
            return newtag
    print("Failure");
Esempio n. 24
0
def generateEncryptedAdminProfile():
    # get to a fresh block
    s = 'A' * (16 - (len(prefix) % 16));
    #locate the IV for my block
    myIVBlock = ((len(prefix) + len(s)) // 16) - 1;
    # add a known block value
    s += 'X' * 16;
    # encrypt
    cip = padAndEncryptString(s);
    # extract IV for block of interest
    allBlocks = chunks(cip, 16);
    myIV = allBlocks[myIVBlock];
    # xor in IV with desired value
    hexIV = rawToHex(myIV);
    hexKnown = rawToHex('X'*16);
    hexDesired = rawToHex(";admin=true;XXXX")
    newHexIV = hex_xor(hexIV, hex_xor(hexKnown, hexDesired));
    newIV = hexToRaw(newHexIV);
    # insert "error"
    allBlocks[myIVBlock] = newIV;
    myCipher = b'';
    for b in allBlocks:
        myCipher += b;
    return myCipher;
Esempio n. 25
0
def tryKey(cipher, key):
    fullkey = key * len(cipher);
    fullkey = fullkey[:len(cipher)];
    potential_plain = hex_xor(cipher, fullkey);
    return calculateMG(hexToRaw(potential_plain)), potential_plain;
Esempio n. 26
0
"MVQHYhoGGksABwdJAB0ASTpFNwQcTRoDBBgDUkksGioRHUkKCE5THEVCC08E" + \
"EgF0BBwJSQoOGkgGADpfADETDU5tBzcJEFMLTx0bAHQJCx8ADRJUDRdMN1RH" + \
"YgYGTi5jMURFeQEaSRAEOkURDAUCQRkKUmQ5XgBIKwYbQFIRSBVJGgwBGgtz" + \
"RRNNDwcVWE8BT3hJVCcCSQwGQx9IBE4KTwwdASEXF01jIgQATwZIPRpXKwYK" + \
"BkdEGwsRTxxDSToGMUlSCQZOFRwKUkQ5VEMnUh0BR0MBGgAAZDwGUwY7CBdN" + \
"HB5BFwMdUz0aQSwWSQoITlMcRUILTxoCEDUXF01jNw4BTwVBNlRBYhAIGhNM" + \
"EUgIRU5CRFMkOhwGBAQLTVQOHFkvUkUwF0lkbXkbHUVUBgAcFA0gRQYFCBpB" + \
"PU8FQSsaVycTAkJHYhsRSQAXABxUFzFFFggICkEDHR1OPxoqER1JDQhNEUgK" + \
"TkJPDAUAJhwQAg0XQRUBFgArU04lUh0GDlNUGwpOCU9jeTY1HFJARE4xGA4L" + \
"ACxSQTZSDxsJSw1ICFUdBgpTNjUcXk0OAUEDBxtUPRpCLQtFTgBPVB8NSRoK" + \
"SREKLUUVAklkERgOCwAsUkE2Ug8bCUsNSAhVHQYKUyI7RQUFABoEVA0dWXQa" + \
"Ry1SHgYOVBFIB08XQ0kUCnRvPgwQTgUbGBwAOVREYhAGAQBJEUgETgpPGR8E" + \
"LUUGBQgaQRIaHEshGk03AQANR1QdBAkAFwAcUwE9AFxNY2QxGA4LACxSQTZS" + \
"DxsJSw1ICFUdBgpTJjsIF00GAE1ULB1NPRpPLF5JAgJUVAUAAAYKCAFFXjUe" + \
"DBBOFRwOBgA+T04pC0kDElMdC0VXBgYdFkU2CgtNEAEUVBwTWXhTVG5SGg8e" + \
"AB0cRSo+AwgKRSANExlJCBQaBAsANU9TKxFJL0dMHRwRTAtPBRwQMAAATQcB" + \
"FlRlIkw5QwA2GggaR0YBBg5ZTgIcAAw3SVIaAQcVEU8QTyEaYy0fDE4ITlhI" + \
"Jk8DCkkcC3hFMQIEC0EbAVIqCFZBO1IdBgZUVA4QTgUWSR4QJwwRTWM="

if __name__ == "__main__":
    bestKeySizes, bestScores = findKeySize(base64toHex(b64cipher), 20)
    # after running this with a bunch of different number of blocks, 29 always pops out.
    # I'm confident 29 is the right answer.
    splits = splitCipher(base64toRaw(b64cipher), 29)
    key = ""
    for s in splits:
        key += (findKey(s))
    print("Key: " + str(key))
    print("Plain: " + str(
        hexToRaw(repeating_hex_xor(base64toHex(b64cipher), rawToHex(key)))))
Esempio n. 27
0
def tryKey(cipher, key):
    fullkey = key * len(cipher)
    fullkey = fullkey[:len(cipher)]
    potential_plain = hex_xor(cipher, fullkey)
    return calculateMG(hexToRaw(potential_plain)), potential_plain
def dumbHashAuth(key, message):
    return hexToRaw(sha1_from_github(key + message));
Esempio n. 29
0
def dumbHashAuth(key, message):
    return hexToRaw(sha1_from_github(key + message))
"YgYGTi5jMURFeQEaSRAEOkURDAUCQRkKUmQ5XgBIKwYbQFIRSBVJGgwBGgtz" + \
"RRNNDwcVWE8BT3hJVCcCSQwGQx9IBE4KTwwdASEXF01jIgQATwZIPRpXKwYK" + \
"BkdEGwsRTxxDSToGMUlSCQZOFRwKUkQ5VEMnUh0BR0MBGgAAZDwGUwY7CBdN" + \
"HB5BFwMdUz0aQSwWSQoITlMcRUILTxoCEDUXF01jNw4BTwVBNlRBYhAIGhNM" + \
"EUgIRU5CRFMkOhwGBAQLTVQOHFkvUkUwF0lkbXkbHUVUBgAcFA0gRQYFCBpB" + \
"PU8FQSsaVycTAkJHYhsRSQAXABxUFzFFFggICkEDHR1OPxoqER1JDQhNEUgK" + \
"TkJPDAUAJhwQAg0XQRUBFgArU04lUh0GDlNUGwpOCU9jeTY1HFJARE4xGA4L" + \
"ACxSQTZSDxsJSw1ICFUdBgpTNjUcXk0OAUEDBxtUPRpCLQtFTgBPVB8NSRoK" + \
"SREKLUUVAklkERgOCwAsUkE2Ug8bCUsNSAhVHQYKUyI7RQUFABoEVA0dWXQa" + \
"Ry1SHgYOVBFIB08XQ0kUCnRvPgwQTgUbGBwAOVREYhAGAQBJEUgETgpPGR8E" + \
"LUUGBQgaQRIaHEshGk03AQANR1QdBAkAFwAcUwE9AFxNY2QxGA4LACxSQTZS" + \
"DxsJSw1ICFUdBgpTJjsIF00GAE1ULB1NPRpPLF5JAgJUVAUAAAYKCAFFXjUe" + \
"DBBOFRwOBgA+T04pC0kDElMdC0VXBgYdFkU2CgtNEAEUVBwTWXhTVG5SGg8e" + \
"AB0cRSo+AwgKRSANExlJCBQaBAsANU9TKxFJL0dMHRwRTAtPBRwQMAAATQcB" + \
"FlRlIkw5QwA2GggaR0YBBg5ZTgIcAAw3SVIaAQcVEU8QTyEaYy0fDE4ITlhI" + \
"Jk8DCkkcC3hFMQIEC0EbAVIqCFZBO1IdBgZUVA4QTgUWSR4QJwwRTWM=";

if __name__ == "__main__":
    bestKeySizes, bestScores = findKeySize(base64toHex(b64cipher), 20);
    # print(bestKeySizes);
    # print(bestScores);
    # after running this with a bunch of different number of blocks, 29 always pops out.
    # I'm confident 29 is the right answer.
    splits = splitCipher(base64toRaw(b64cipher), 29);
    key = "";
    for s in splits:
        key += (findKey(s));
    print("Key: " + str(key));
    print("Plain: " + str(hexToRaw(repeating_hex_xor(base64toHex(b64cipher), rawToHex(key)))));