def generate_keys(self):
    """Split the session key material into read/write keys and RC4 schedules.

    Calls ``self.key_material()`` and then slices ``self.conn.key_material``:
    bytes 0-15 become ``conn.read_key`` and everything from byte 16 onward
    becomes ``conn.write_key``.  Each key is passed through ``RC4_set_key`` on
    a fresh ``RC4.RC4()`` object and the result is stored on the connection
    as ``rc4_read_key`` / ``rc4_write_key``.
    """
    self.key_material()

    # NOTE(review): the write key is "whatever follows byte 16"; nothing here
    # checks that key_material holds exactly two 16-byte keys.
    self.conn.read_key = self.conn.key_material[:16]
    self.conn.write_key = self.conn.key_material[16:]

    # NOTE: both raw session keys are handed to hexprint. What hexprint does
    # with them is not visible here; if it writes to stdout or a log, that
    # output contains live key material and should be handled accordingly.
    self.hexprint("generate_keys:\n", self.conn.read_key)
    self.hexprint("", self.conn.write_key)

    # One throwaway RC4 object per direction; only the value returned by
    # RC4_set_key is kept.
    self.conn.rc4_read_key = RC4.RC4().RC4_set_key(self.conn.read_key)
    self.conn.rc4_write_key = RC4.RC4().RC4_set_key(self.conn.write_key)
def read_ssl(self, len=0):
    """Read one record from ``self.sck`` and return its payload.

    The header is parsed SSLv2-style (cf. the SSL2_MT_ERROR message type
    checked below): if the high bit of the first byte is set, the header is
    two bytes and carries a 15-bit length; otherwise the length is 14 bits
    and a third byte with the padding length follows.

    If ``self.conn.encrypted`` is false the record body is returned as
    received.  Otherwise it is decrypted with ``RC4_update`` using
    ``self.conn.rc4_read_key``, and the leading MD5_DIGEST_LENGTH bytes and
    the trailing padding are stripped before returning.

    Args:
        len: Optional upper bound the caller expects.  A record length
            outside ``1..len`` only produces a warning; the record is still
            read.  (The name shadows the builtin but is part of the
            signature.)

    Raises:
        OpenSSLException: empty header read, encrypted record too short to
            hold digest + padding, or a decrypted payload that starts with
            SSL2_MT_ERROR.

    NOTE(review): the MD5 digest at the front of a decrypted record is
    discarded without being recomputed and compared, so record integrity is
    not checked on the read path.  SSLv2 is prohibited by RFC 6176 and RC4
    cipher suites by RFC 7465; treat this as legacy-protocol handling only.
    """
    header = self.recvstuff(self.sck, 2)
    if not header:
        raise OpenSSLException(
            "read_ssl: recv returned nothing. (IIS with no SSL config?)")

    first = struct.unpack(">B", header[0])[0]
    second = struct.unpack(">B", header[1])[0]
    if first & 0x80:
        # Two-byte header: 15-bit length, no padding byte.
        read_len = ((first & 0x7f) << 8) | second
        padding = 0
    else:
        # Three-byte header: 14-bit length, then one padding-length byte.
        read_len = ((first & 0x3f) << 8) | second
        pad_byte = self.recvstuff(self.sck, 1)
        padding = struct.unpack(">B", pad_byte[0])[0]

    # Advisory only: an out-of-range length is reported, not rejected.
    if len and (read_len <= 0 or read_len > len):
        print("warning! ssl_returned read_len: %d user_asked len: %d" % (
            read_len, len))

    # NOTE(review): placed at function level; the whitespace-collapsed
    # listing does not show whether this was nested under the length check.
    if self.debug:
        print("read_len %d padding %d" % (read_len, padding))

    # NOTE(review): recvstuff's result is indexed below without checking it
    # is non-empty; its short-read behaviour is not visible here.
    record = self.recvstuff(self.sck, read_len)

    if not self.conn.encrypted:
        return record

    if (MD5_DIGEST_LENGTH + padding) >= read_len:
        # Too short to hold digest + padding + at least one payload byte.
        is_plain_error = (struct.unpack("B", record[0])[0] == SSL2_MT_ERROR
                          and read_len == 3)
        if is_plain_error:
            raise OpenSSLException("error in read_ssl: crypto related.")
        raise OpenSSLException("read_ssl: short ssl packet.")

    self.hexprint("read_ssl enc(md5+pad+text): ", record)
    cipher = RC4.RC4()
    plain = cipher.RC4_update(self.conn.rc4_read_key, record)

    # Decrypted layout: MD5 digest | clear text | padding.
    tail = -padding if padding > 0 else None
    text = plain[MD5_DIGEST_LENGTH:tail]
    self.hexprint("read_ssl clear text:\n", text)

    if struct.unpack("B", text[0])[0] == SSL2_MT_ERROR:
        if read_len != 3:
            raise OpenSSLException("read_ssl: bad reply from server")
        raise OpenSSLException("read_ssl: error from server")
    return text
def check(key):
    """Test whether *key* reproduces the expected RC4 keystream.

    Generates CHALLENGE_LEN keystream bytes for *key*, drops the first 16,
    and compares the remainder with KEY_STREAM.  On a match the key is
    passed through ``unconvert_key``, printed, and a plain ``Exception`` is
    raised; the message indicates this is meant to stop the worker pool.
    Returns ``None`` when the keystream does not match.
    """
    candidate = RC4.RC4(key).getKeystream(CHALLENGE_LEN)
    if candidate[16:] != KEY_STREAM:
        return

    secret_key = unconvert_key(key)
    print('\n -----KEY FOUNDED----\n\nKey : {0}\n'.format(secret_key))
    # A generic Exception doubles as the stop signal; callers that catch
    # Exception broadly will also swallow this.
    raise Exception("Key founded stopping pool")
def write_ssl(self, data):
    """Frame *data* as one record, optionally MAC+encrypt it, and send it.

    A two-byte header is written as ``total_len | 0x8000``.  When
    ``self.conn.encrypted`` is set, an MD5 digest over
    ``write_key || data || write_seq`` (32-bit big-endian) is prepended to
    *data* and the pair is passed through ``RC4_update`` with
    ``self.conn.rc4_write_key``.  ``self.conn.write_seq`` is incremented
    after the send.

    Raises:
        OpenSSLException: if the record plus its header exceeds MAX_BUFSIZ.
    """
    encrypted = self.conn.encrypted
    total_len = len(data) + (MD5_DIGEST_LENGTH if encrypted else 0)
    if total_len + 2 > MAX_BUFSIZ:
        raise OpenSSLException("write_ssl: buffer size too big")

    if self.debug:
        print("write_ssl total_len %d" % total_len)

    # NOTE(review): the length shares the 16-bit field with the 0x8000 flag,
    # so this relies on MAX_BUFSIZ (defined elsewhere) keeping total_len
    # below 0x8000; confirm.
    header = struct.pack(">H", total_len | 0x8000)

    if self.debug:
        print("write seq: %d" % self.conn.write_seq)

    if encrypted:
        mac = md5.new()
        mac.update(self.conn.write_key)
        mac.update(data)
        seq = struct.pack(">L", self.conn.write_seq)
        self.hexprint("sequence: ", seq)
        mac.update(seq)
        digest = mac.digest()
        self.hexprint("MD5 digest: \n", digest)

        # RC4-encrypt digest + payload using the stored write-side state.
        sealed = RC4.RC4().RC4_update(self.conn.rc4_write_key, digest + data)
        packet = header + sealed
        self.hexprint("write_ssl encrypt text:\n", packet)
    else:
        packet = header + data

    self.sendstuff(self.sck, packet)
    self.conn.write_seq += 1
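def main():
    """Fetch the course page, RC4-decrypt its ``Ciphertext`` field, print it.

    The page is fetched with ``scrap_website`` using the user id and course
    number from ``Config``.  The ``value`` of the ``<input name="Ciphertext">``
    element is decrypted byte by byte with the configured key, and everything
    from offset 20 onward is decoded as ASCII and printed.

    Prints a diagnostic and returns early when the input element (or its
    value) is missing, and prints "No grade to show at the moment" when the
    value is present but empty.
    """
    config = Config()
    page = scrap_website(config.getUserId(), config.getCourseNumber())
    soup = BeautifulSoup(page.text, "html.parser")

    # soup.find() returns None when no tag matches.  Subscripting that result
    # directly raised TypeError, so the "not found" branch below could never
    # run; look the tag up first and read the attribute only if it exists.
    field = soup.find('input', {"name": "Ciphertext"})
    ciphertext = field.get('value') if field is not None else None

    if ciphertext is None:
        print("We couldnt find any input text called ciphertext")
        print("Check to ensure you have the right website")
        return
    if not ciphertext:
        print("No grade to show at the moment")
        return

    key = config.getKey()
    ciphertext, key = parsing_key_ciphertext(key, ciphertext)
    rc4 = RC4()
    rc4.set_key(key)
    # In-place XOR, so ciphertext is presumably a mutable byte buffer
    # returned by parsing_key_ciphertext -- TODO confirm.
    for i in range(len(ciphertext)):
        ciphertext[i] ^= rc4.decrypt(i)

    # NOTE(review): range(20, 2) is empty, so this key check never executes
    # and a wrong key goes straight to the decode below.  The intended range
    # is not recoverable from this code; confirm it before changing the loop.
    for i in range(20, 2):
        if ciphertext[i] != ciphertext[i + 1]:
            print("wrong key")
            return

    res = ciphertext[20:].decode("ascii")
    print(res)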