def crack_rsa(n,e = None,c = None):
"""
Tries all currently implemented attacks on RSA key.
"""
log.info("Cracking RSA key")
# Wieners attack
if e != None:
log.waitfor("Trying Wiener's attack")
res = wieners_attack(n,e)
if res != None:
log.succeeded("success!")
log.success("Factors: %d %d" % res)
return
else:
log.failed()
# Factor
log.waitfor("Trying to factor...")
res = factor(n)
if res != None:
p, q = res
log.succeeded("success!")
log.success("Factors: %d %d" % (p, q))
if e != None:
d = calculate_private_key(p,q,e)
log.success("d = %d" % d)
if c != None:
log.info("Possible message: %s" % int2bytes(decrypt(c,d,n)))
return
else:
log.failed("failed")
def crack_rsa(n, e=None, c=None):
"""
Tries all currently implemented attacks on RSA key.
"""
log.info("Cracking RSA key")
# Wieners attack
if e != None:
log.waitfor("Trying Wiener's attack")
res = wieners_attack(n, e)
if res != None:
log.succeeded("success!")
log.success("Factors: %d %d" % res)
return
else:
log.failed()
# Factor
log.waitfor("Trying to factor...")
res = factor(n)
if res != None:
p, q = res
log.succeeded("success!")
log.success("Factors: %d %d" % (p, q))
if e != None:
d = calculate_private_key(p, q, e)
log.success("d = %d" % d)
if c != None:
log.info("Possible message: %s" % int2bytes(decrypt(c, d, n)))
return
else:
log.failed("failed")
def wait_for_connection(self):
log.waitfor('Waiting for connection on port %d' % self.port)
self.listensock.settimeout(self.timeout)
try:
self.sock, self.target = self.listensock.accept()
except Exception as e:
log.failed('Got exception: %s' % e)
raise
log.succeeded('Got connection from %s:%d' % self.target)
def wait_for_connection(self):
log.waitfor('Waiting for connection on port %d' % self.port)
self.listensock.settimeout(self.timeout)
try:
self.sock, self.target = self.listensock.accept()
except Exception as e:
log.failed('Got exception: %s' % e)
raise
log.succeeded('Got connection from %s:%d' % self.target)
def bruteforce(function,
alphabet,
length,
condition=None,
method='upto',
start=None):
"""
Bruteforce a given string function.
Arguments:
function: the function to bruteforce
alphabet: possible characters in the string
length: length of the string
method:
upto: try lengths 1..repeat
fixed: only try 'repeat' length
downfrom: try lengths repeat..1
start: a tuple (i,N) which splits the search space up into N pieces
and starts at piece i.
"""
import pwn.log as log
total_iterations = len(alphabet)**length
cur_iteration = 0
if method == 'upto' and length > 1:
iterator = product(alphabet, repeat=1)
for i in xrange(2, length + 1):
iterator = chain(iterator, product(alphabet, repeat=i))
elif method == 'downfrom' and length > 1:
iterator = product(alphabet, repeat=length)
for i in xrange(length - 1, 1, -1):
iterator = chain(iterator, product(alphabet, repeat=i))
elif method == 'fixed':
iterator = product(alphabet, repeat=length)
if start is not None:
i, N = start
if i > N:
raise ValueError('invalid starting point')
i -= 1
chunk_size = total_iterations / N
rest = total_iterations % N
starting_point = 0
for chunk in range(N):
if chunk >= i:
break
if chunk <= rest:
starting_point += chunk_size + 1
else:
starting_point += chunk_size
if rest >= i:
chunk_size += 1
consume(iterator, starting_point)
iterator = take(chunk_size, iterator)
total_iterations = chunk_size
else:
raise NotImplementedError('Unknown method')
log.waitfor('Bruteforcing')
for e in iterator:
cur = ''.join(map(str, list(e)))
cur_iteration += 1
if cur_iteration % 2000 == 0:
log.status('Trying {0}, {1}%'.format(
cur, 100.0 * cur_iteration / total_iterations, 100))
res = function(cur)
if condition == res:
log.succeeded('Found key: \'{0}\', matching {1}'.format(cur, res))
return res
log.failed('No matches found')
def bruteforce(function, alphabet, length, condition=None, method='upto', start=None):
"""
Bruteforce a given string function.
Arguments:
function: the function to bruteforce
alphabet: possible characters in the string
length: length of the string
method:
upto: try lengths 1..repeat
fixed: only try 'repeat' length
downfrom: try lengths repeat..1
start: a tuple (i,N) which splits the search space up into N pieces
and starts at piece i.
"""
import pwn.log as log
total_iterations = len(alphabet) ** length
cur_iteration = 0
if method == 'upto' and length > 1:
iterator = product(alphabet, repeat=1)
for i in xrange(2, length+1):
iterator = chain(iterator, product(alphabet, repeat=i))
elif method == 'downfrom' and length > 1:
iterator = product(alphabet, repeat=length)
for i in xrange(length-1, 1, -1):
iterator = chain(iterator, product(alphabet, repeat=i))
elif method == 'fixed':
iterator = product(alphabet, repeat=length)
if start is not None:
i, N = start
if i > N:
raise ValueError('invalid starting point')
i -= 1
chunk_size = total_iterations / N
rest = total_iterations % N
starting_point = 0
for chunk in range(N):
if chunk >= i:
break
if chunk <= rest:
starting_point += chunk_size + 1
else:
starting_point += chunk_size
if rest >= i:
chunk_size += 1
consume(iterator, starting_point)
iterator = take(chunk_size, iterator)
total_iterations = chunk_size
else:
raise NotImplementedError('Unknown method')
log.waitfor('Bruteforcing')
for e in iterator:
cur = ''.join(map(str, list(e)))
cur_iteration += 1
if cur_iteration % 2000 == 0:
log.status('Trying {0}, {1}%'.format(cur,
100.0*cur_iteration/total_iterations,
100))
res = function(cur)
if condition == res:
log.succeeded('Found key: \'{0}\', matching {1}'.format(cur, res))
return res
log.failed('No matches found')
