def main():
s = socket.socket()
print "Socket successfully created"
port = 6583
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind(('', port))
print "socket binded to %s" % (port)
s.listen(5)
print "socket is listening"
while True:
c, addr = s.accept()
print 'Got connection from', addr
data = str(c.recv(100))
# print(data)
data_split = data.split(' ')
# print(data_split)
user = data_split[0]
T = data_split[1]
Nonce = data_split[2]
rndfile = Random.new()
# print(user,T,Nonce)
hash = SHA256.new()
hash.update(password)
key = hash.digest()[:16]
iv = hash.digest()[16:]
user_key_file = 'AS/key_user_' + str(getUserNo(user)) + '.txt'
f = open(user_key_file, 'r')
user_key_encrypted = bd(f.readline())
user_key = aes_cbc_dec(key, iv, user_key_encrypted)
f.close()
f = open('AS/key_tgs.txt', 'r')
key_tgs_encrypted = bd(f.readline())
key_tgs = aes_cbc_dec(key, iv, key_tgs_encrypted)
f.close()
print('key_tgs: ' + be(key_tgs))
print('user_key: ' + be(user_key))
key_c_tgs = be(rndfile.read(16))
print('key_c_tgs: ' + key_c_tgs)
ekc_msg = key_c_tgs + ' ' + T + ' ' + Nonce
ekc = be(aes_ecb_enc(user_key, add_padding(ekc_msg)))
ticket_msg = key_c_tgs + ' ' + user + ' ' + addr[0] + ' ' + T
print('ticket_msg: ' + ticket_msg)
ticket_tgs = be(aes_ecb_enc(key_tgs, add_padding(ticket_msg)))
msg = user + ' ' + ticket_tgs + ' ' + ekc
c.send(msg)
c.close()
def get_hypos_legend(kind):
encoded_img = None
if kind == 'A':
encoded_img = be(open(f'{LCL}dlegend.png', 'rb').read())
elif kind == 'T':
encoded_img = be(open(f'{LCL}tlegend.png', 'rb').read())
return f"data:image/jpg;base64,{encoded_img.decode('utf8')}"
def CHAP_Client(client):
'''Function To execute client side of the CHAP protocol
Parameters: <loauth.client Object> with class attributes
- endpoint <string>
- secret <string>
- sig_alg <loauth.cijfer.Cijfer Object>
- uuid <string>
Return Value: <requests.get() Object> Response object containing Auth Status
'''
if not isinstance(client, Client):
raise TypeError
# make challenge request
a = requests.get(client.endpoint,
params={
'uuid': client.uuid,
'op': 'get_challenge'
})
print("CHALLENGE: ", a.text)
# generate response
res = client.sig_alg.sign(client.secret.encode('utf-8'),
a.text.encode('utf-8'))
ack = requests.get(client.endpoint,
params={
'uuid': client.uuid,
'op': 'verify',
'challenge': a.text,
'payload': be(res)
})
print("ACK: ", ack.text)
return ack
def get_helicorder(ch):
url = f'a=plot&o=png&tz=Pacific/Honolulu&w=900&h=636&n=1&x.0=75&y.0=20' \
f'&w.0=750&h.0=576&mh.0=900&chCnt.0=1' \
f'&src.0=hvo_seismic_winston_helicorders&st.0=-28800000&et.0=N' \
f'&chNames.0={ch}&dataTypes.0=275.000000&tc.0=15&barMult.0=3' \
f'&sc.0=T&plotSeparately.0=false'
encoded_img = be(open(get_valve_plot(url), 'rb').read())
return f"data:image/jpg;base64,{encoded_img.decode('utf8')}"
def _py_encrypt(payload, enc) -> str:
if enc == "BASE85":
payload = be(payload.encode("UTF-8")).decode("UTF-8")
DECODE_STUB = PYTHON_DECODE_STUB_BASE85
else:
payload = ''.join(chr((ord(w) + 42)for w in payload))
DECODE_STUB = PYTHON_DECODE_STUB_ROT42
return DECODE_STUB
def _rb_encrypt(payload, enc) -> str:
if enc_type == "BASE85":
# i know , i know base85 is not the same with base64
# but in ruby . if its going to be undetectable
# we have to use built-ins
payload = be(payload.encode("UTF-8")).decode("UTF-8")
DECODE_STUB = RUBY_DECODE_STUB_BASE64
else:
payload = ''.join(chr((ord(w) + 42)for w in payload))
DECODE_STUB = RUBY_DECODE_STUB_ROT42
return DECODE_STUB
def _k(a):
k = be(a)
d = {
b'746D6462':
('GE4DIMLFMVRGCOLCMEZDMMZTG5TGEZBUGJSDANRQME3DONBRMZRQ====',
'MY3GEZBWHA3WMZTBGYZWGZBSHAZGENTGMYZGGNRYG43WMMRWGY4Q===='),
b'796F7574756265':
('IFEXUYKTPFBU65JVJNUGCUZZK5RVIZSOOZXFES32PJFE2ZRWPIWTMTSHMIZDQTI=',
),
b'7472616B74':
('GZQWMNZQGU3WMYLBMNSTANRQGJQWENDEMI4TKZDGHBSDINDDMVSTIMBVMZSWCM3GGE4GCZRWMU3DQOJWGAYDGYRVME4DGOBTMQZDQYQ=',
)
}
return bd(rc(d[k])).decode('ascii') # looooooooooooooooool
def CHAP_Butler(query_args):
#currently only HMAC
op = query_args['op'][0]
if op == 'get_challenge':
return str(random.randint(0, 99999999))
if op == 'verify':
check = query_args['payload'][0]
tmp = be(
HMAC('sha256').sign(b'secret',
bytes(query_args['challenge'][0], 'utf-8')))
print("CHECK:", tmp, check)
if tmp.decode('utf-8') == check:
return 'Authenticated'
else:
return 'NA'
else:
return 'NULLBABA'
def get_tiltv(region):
chs = ''
if region == 'kism':
chs = '18,20'
elif region == 'merz':
chs = '15,16'
url = f'a=plot&o=png&tz=Pacific/Honolulu&w=900&h=1740&n=1&x.0=75&y.0=20' \
f'&w.0=750&h.0=240&mh.0=900&chCnt.0=7&src.0=hvo_def_tilt' \
f'&st.0=-28800000&et.0=N&lg.0=true&ch.0={chs}' \
f'&dataTypes.0=NaN&plotType.0=tv&rk.0=1&ds.0=None&dsInt.0=&sdt.0=' \
f'&az.0=n&azval.0=&linetype.0=l&ysLMin.0=&ysLMax.0=&ysRMin.0=' \
f'&ysRMax.0=&despike_period.0=&filter_arg1.0=&filter_arg2.0=' \
f'&despike.0=F&detrend.0=F&dmo_fl.0=0&filter_arg3.0=' \
f'&dmo_arithmetic.0=None&dmo_arithmetic_value.0=&dmo_db.0=0' \
f'&debias_period.0=&radial.0=T&tangential.0=T&xTilt.0=F&yTilt.0=F' \
f'&magnitude.0=F&azimuth.0=F&holeTemp.0=F&boxTemp.0=F&instVolt.0=F' \
f'&rainfall.0=F&vs.0=&plotSeparately.0=false'
encoded_img = be(open(get_valve_plot(url), 'rb').read())
return f"data:image/jpg;base64,{encoded_img.decode('utf8')}"
from base64 import b64decode as be
#msg and KEY are meaningful english sentences in l33t
#msg2 = msg.replace('_','')#
#KEY = KEY.replace('_','')
#assert (len(KEY)==7) and KEY.isalnum() and msg2.isalnum()
#assert 'n00bCTF' in msg2
decode = be("DRcGGQBfGw1QEA4XBUURCA0MDQdGBlFTCTo7MxwJUhgAXBQa")
def XOR(A, B):
return ''.join(chr(ord(A[i]) ^ ord(B[i % len(B)])) for i in range(len(A)))
def dencryption(msg):
return XOR(decode, msg)
def print_flag(msg):
print 'CTF{%s}' % msg
def getflag(msg, KEY):
return (XOR(msg, KEY))
if __name__ == '__main__':
msg2 = "n00bCTF"
print dencryption(msg2)
print print_flag(getflag(decode, "hackyou"))
def fsh(m):
global args
if args.base64:
return be(bytes(m, 'utf-8')).decode()
else:
return m
def main():
s = socket.socket()
print "Socket successfully created"
port = 8471
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind(('', port))
print "socket binded to %s" % (port)
s.listen(5)
print "socket is listening"
while True:
c, addr = s.accept()
print 'Got connection from', addr
data = c.recv(2000)
# print(data)
data_split = data.split(' ')
# print(data_split)
fileserver = data_split[0]
TS1 = data_split[1]
Nonce_ = data_split[2]
ticket_tgs = data_split[3]
auth_c = data_split[4]
rndfile = Random.new()
hash = SHA256.new()
hash.update(password)
key = hash.digest()[:16]
iv = hash.digest()[16:]
server_key_file = 'TGS/key_fs_' + str(
getFileServerNo(fileserver)) + '.txt'
f = open(server_key_file, 'r')
server_key_encrypted = bd(f.readline())
server_key = aes_cbc_dec(key, iv, server_key_encrypted)
f.close()
f = open('TGS/key_tgs.txt', 'r')
key_tgs_encrypted = bd(f.readline())
key_tgs = aes_cbc_dec(key, iv, key_tgs_encrypted)
f.close()
print('key_tgs: ' + be(key_tgs))
print('server_key: ' + be(server_key))
key_c_v = be(rndfile.read(16))
print('key_c_v: ' + key_c_v)
ticket_tgs_msg = remove_padding(aes_ecb_dec(key_tgs, bd(ticket_tgs)))
print(ticket_tgs_msg)
ticket_tgs_msg_split = ticket_tgs_msg.split(' ')
key_c_tgs = bd(ticket_tgs_msg_split[0])
userid = ticket_tgs_msg_split[1]
useraddr = ticket_tgs_msg_split[2]
T = (ticket_tgs_msg_split[3])
auth_c_msg = remove_padding(aes_ecb_dec(key_c_tgs, bd(auth_c)))
print(auth_c_msg)
auth_c_msg_split = auth_c_msg.split(' ')
userid_ = auth_c_msg_split[0]
TS1_ = auth_c_msg_split[1]
if (TS1_ != TS1 or userid != userid_ or useraddr != str(addr[0])
or float(T) > float(TS1)):
c.send('ERROR')
else:
f = open('TGS/key_user_' + getUserNo(userid) + '_tgs.txt', 'w')
f.write(be(key_c_tgs))
f.close()
ticket_v_msg = key_c_v + ' ' + userid + ' ' + TS1
ticket_v = aes_ecb_enc(server_key, add_padding(ticket_v_msg))
k_c_tgs_msg = key_c_v + ' ' + TS1 + ' ' + Nonce_ + ' ' + fileserver
e_k_c_tgs = aes_ecb_enc(key_c_tgs, add_padding(k_c_tgs_msg))
print('k_c_tgs_msg: ' + k_c_tgs_msg)
msg = userid + ' ' + be(ticket_v) + ' ' + be(e_k_c_tgs)
print(remove_padding(aes_ecb_dec(key_c_tgs, e_k_c_tgs)))
c.send(msg)
c.close()
def encryption(msg, key): return be(XOR(msg, KEY))
def main():
s = socket.socket()
print "Socket successfully created"
port = 8680 + id
# print(port)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind(('', port))
print "socket binded to %s" % (port)
s.listen(5)
print "socket is listening"
while True:
c, addr = s.accept()
print 'Got connection from', addr
data = c.recv(3000)
# print(data)
data_split = data.split(' ')
# print(data_split)
option = data_split[0]
fileserver = 'FS' + str(id)
if (option == 'AUTH'):
ticket_v = data_split[1]
auth_v = data_split[2]
server_key_file = fileserver + '/key.txt'
f = open(server_key_file, 'r')
server_key = bd(f.readline())
f.close()
print('server_key: ' + be(server_key))
ticket_v_msg = remove_padding(aes_ecb_dec(server_key,
bd(ticket_v)))
ticket_v_msg_split = ticket_v_msg.split()
key_c_v = bd(ticket_v_msg_split[0])
userid = ticket_v_msg_split[1]
TS1 = ticket_v_msg_split[2]
auth_v_msg = remove_padding(aes_ecb_dec(key_c_v, bd(auth_v)))
auth_v_msg_split = auth_v_msg.split()
userid_ = auth_v_msg_split[0]
fileserver_ = auth_v_msg_split[1]
TS2 = auth_v_msg_split[2]
if (userid != userid_ or fileserver_ != fileserver
or float(TS1) > float(TS2)):
c.send('ERROR')
else:
f = open(
fileserver + '/key_user_' + str(getUserNo(userid)) +
'_fs_' + str(getFileServerNo(fileserver)) + '.txt', 'w')
f.write(ticket_v_msg_split[0])
f.close()
msg = be(aes_ecb_enc(key_c_v, add_padding(TS2)))
c.send(msg)
else:
userid = data_split[1]
filename = data_split[2]
f = open(
fileserver + '/key_user_' + str(getUserNo(userid)) + '_fs_' +
str(getFileServerNo(fileserver)) + '.txt', 'r')
key_c_v = bd(f.readline())
f.close()
if (option == 'PUT'):
filetext_encoded = data_split[3]
filetext = remove_padding(
aes_ecb_dec(key_c_v, bd(filetext_encoded)))
# print(filetext)
filename_enc = filename + '.enc'
f = open(fileserver + '/' + userid + '/' + filename_enc, 'w')
f.write(filetext_encoded)
f.close()
f = open(fileserver + '/' + userid + '/' + filename, 'w')
f.write(filetext)
f.close()
elif (option == 'GET'):
filepath = fileserver + '/' + userid + '/' + filename
if (os.path.exists(filepath)):
f = open(filepath, 'r')
filetext = ''
for ln in f.readlines():
filetext += ln
filetext_encoded = be(
aes_ecb_enc(key_c_v, add_padding(filetext)))
c.send(filetext_encoded)
else:
c.send('NONE')
c.close()
def main():
while True:
comm = raw_input("ker5>")
if(comm == 'exit'):
os.system("ps > temp.txt")
process = getPythonProcesses()
# print(process)
process.remove(currProcID)
# print(process)
for id in process:
os.system("kill " + str(id))
os.system("rm temp.txt")
os.system("rm dump.txt")
exit()
else:
comm_split = comm.split()
# print(comm_split)
rndfile = Random.new()
if(len(comm_split) < 4):
print('Error in command!\nChoose again....')
continue
user = comm_split[1]
fileserver = comm_split[2]
filename = comm_split[3]
if(comm_split[0] == 'get' or comm_split[0] == 'put'):
flag = 0
flag_ = 0
# print('get/put')
if(int(getFileServerNo(fileserver)) not in fs_list):
print('File server not specified in command line! Try again..')
continue
fname = 'key_user_' + str(getUserNo(user)) + '_fs_' + str(getFileServerNo(fileserver)) + '.txt'
fpath = user + '/' + fname
if(os.path.exists(fpath)):
flag = 1
t1=(time.time())
t2=(os.path.getmtime(fpath))
# print('file exists')
# print(t1-t2)
if(t1-t2 > 180):
# print('Kc,v Expired')
flag = 0
fname_ = 'key_user_' + str(getUserNo(user)) + '_tgs.txt'
fpath_ = user + '/' + fname_
if(os.path.exists(fpath_)):
flag_ = 1
t1_ = (time.time())
t2_ = (os.path.getmtime(fpath_))
if(t1_ - t2_ > 180):
# print('Kc,tgs Expired')
flag_ = 0
if(flag == 0 and flag_ == 0):
# Establish Kc,tgs
s = socket.socket()
port = getASPort()
s.connect(('127.0.0.1', port))
T = str(time.time())
Nonce = be(rndfile.read(16))
s.send(user + ' ' + T + ' ' + Nonce)
# print s.recv(1024)
f = open(user + '/key.txt')
kc = bd(f.readline())
f.close()
as_msg = s.recv(1024)
as_msg_split = as_msg.split(' ')
userid = as_msg_split[0]
ticket_tgs = as_msg_split[1]
ekc_enc = bd(as_msg_split[2])
ekc_msg = remove_padding(aes_ecb_dec(kc,ekc_enc))
ekc_msg_split = ekc_msg.split(' ')
# print(ekc_msg_split[0])
if(userid == user and T == ekc_msg_split[1] and Nonce == ekc_msg_split[2]):
f = open(user + '/key_user_' + str(getUserNo(user)) + '_tgs.txt','w')
f.write(ekc_msg_split[0] + ' ' + ticket_tgs)
f.close()
else:
print('Error in AS')
s.close()
continue
s.close()
if(flag == 0):
# Establish Kc,v
f = open(user + '/key_user_' + str(getUserNo(user)) + '_tgs.txt','r')
tmp = f.readline().split(' ')
key_c_tgs = bd(tmp[0])
ticket_tgs = tmp[1]
f.close()
s = socket.socket()
port = getTGSPort()
s.connect(('127.0.0.1', port))
Nonce_ = be(rndfile.read(16))
TS1 = str(time.time())
auth_msg = user + ' ' + TS1
auth_c = aes_ecb_enc(key_c_tgs,add_padding(auth_msg))
tgs_msg = fileserver + ' ' + TS1 + ' ' + Nonce_ + ' ' + ticket_tgs + ' ' + be(auth_c)
s.send(tgs_msg)
tgs_recv_msg = s.recv(2000)
# print(tgs_recv_msg)
if(tgs_recv_msg == 'ERROR'):
print('TGS Authentication failed.. Try again')
s.close()
continue
tgs_recv_msg_split = tgs_recv_msg.split(' ')
userid = tgs_recv_msg_split[0]
ticket_v = tgs_recv_msg_split[1]
e_k_c_tgs_enc = bd(tgs_recv_msg_split[2])
e_k_c_tgs_msg = remove_padding(aes_ecb_dec(key_c_tgs,e_k_c_tgs_enc))
e_k_c_tgs_split = e_k_c_tgs_msg.split(' ')
key_c_v = e_k_c_tgs_split[0]
TS1_ = e_k_c_tgs_split[1]
Nonce_tgs = e_k_c_tgs_split[2]
fileserver_ = e_k_c_tgs_split[3]
if(userid == user and TS1 == TS1_ and Nonce_ == Nonce_tgs and fileserver == fileserver_):
f = open(user + '/key_user_' + str(getUserNo(user)) + '_fs_' + str(getFileServerNo(fileserver)) + '.txt','w')
f.write(key_c_v)
f.close()
else:
print('Error in TGS')
s.close()
continue
s.close()
# Now need to exchange Kc,v with server
s = socket.socket()
port = getFSPort(fileserver)
s.connect(('127.0.0.1', port))
TS2 = str(time.time())
auth_msg = user + ' ' + fileserver + ' ' + TS2
auth_v = aes_ecb_enc(bd(key_c_v),add_padding(auth_msg))
tgs_msg = 'AUTH ' + ticket_v + ' ' + be(auth_v)
s.send(tgs_msg)
server_recv_msg = s.recv(1024)
if(server_recv_msg == 'ERROR'):
print('FS Authentication Failed.. Try again')
s.close()
continue
TS2_ = remove_padding(aes_ecb_dec(bd(key_c_v),bd(server_recv_msg)))
# print(TS2, TS2_)
if(TS2 != str(TS2_)):
print('Error in FS')
s.close()
continue
s.close()
# Now we can exchange the file
f = open(user + '/key_user_' + str(getUserNo(user)) + '_fs_' + str(getFileServerNo(fileserver)) +'.txt','r')
key_c_v = bd(f.readline())
f.close()
if(comm_split[0] == 'put'):
filepath = user + '/' + filename
if(os.path.exists(filepath)):
f = open(filepath,'r')
filetext = ''
for ln in f.readlines():
filetext += ln
f.close()
filetext_encoded = be(aes_ecb_enc(key_c_v,add_padding(filetext)))
s = socket.socket()
port = getFSPort(fileserver)
s.connect(('127.0.0.1', port))
s.send('PUT ' + user + ' ' + filename + ' ' + filetext_encoded)
s.close()
else:
print('Specified file does not exist.. Try again')
continue
else:
s = socket.socket()
port = getFSPort(fileserver)
s.connect(('127.0.0.1', port))
s.send('GET ' + user + ' ' + filename)
filetext_encoded = str(s.recv(3000))
if(filetext_encoded == 'NONE'):
print('Specified file does not exist.. Try again')
s.close()
continue
filepath = user + '/' + filename
filetext = remove_padding(aes_ecb_dec(key_c_v,bd(filetext_encoded)))
f = open(filepath, 'w')
f.write(filetext)
f.close()
f = open(filepath + '.enc', 'w')
f.write(filetext_encoded)
f.close()
s.close()
else:
print('Error in command!\nChoose again....')
continue
def encrypt_it(payload) -> str:
notify("notify", "Encrypting Data Before Writing On File...", "")
payload = be(payload.encode("UTF-8")).decode("UTF-8")
notify("report",
"Encrypting Data Before Writing On File...Done", "\n", True)
return DECODE_STUB.format(payload)
