Created
October 3, 2016 00:29
-
-
Save CreateRemoteThread/6edd5d9779ec0d4269faf1972537cf82 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import os, binascii, struct | |
import socket | |
from Crypto.Cipher import AES | |
import sys | |
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM) | |
s.connect( ("104.198.243.170",2501) ) | |
target = binascii.unhexlify(s.recv(33).rstrip().decode()) | |
# sys.exit(0) | |
pad = lambda m: m + bytes([16 - len(m) % 16] * (16 - len(m) % 16)) | |
def haggis(m): | |
crypt0r = AES.new(bytes(0x10), AES.MODE_CBC, bytes(0x10)) | |
# print(len(m).to_bytes(0x10, 'big') + pad(m)) | |
return crypt0r.encrypt(len(m).to_bytes(0x10, 'big') + pad(m))[-0x10:] | |
def haggis_without_padding(m,missing_len): | |
crypt0r = AES.new(bytes(0x10), AES.MODE_CBC, bytes(0x10)) | |
return crypt0r.encrypt(int(len(m) + missing_len).to_bytes(0x10, 'big') + m)[-0x10:] | |
def dehaggis(mc): | |
crypt0r = AES.new(bytes(0x10), AES.MODE_CBC, bytes([0] * 16)) | |
return crypt0r.decrypt(mc) | |
# target = os.urandom(0x10) | |
print("TARGET:" + binascii.hexlify(target).decode()) | |
# okay, next block is 'ours' | |
msg = b'I solemnly swear that I am up to no good.\0' + (b'\x00' * 6) | |
pbase = haggis_without_padding(msg,16) | |
print("PBASE :" + binascii.hexlify(pbase).decode() + " (static text - no choice here)") | |
# [ PADDING ] | |
# [ MESSAGE ] | |
# [PREVCHUNK] | |
# [LASTCHUNK] | |
test_lastchunk_iv = bytes(dehaggis(target)) | |
test_lastchunk_dt = b'' | |
while len(test_lastchunk_iv) != 0x10: | |
test_lastchunk_iv += bytes([0]) | |
for i in range(0,0x10): | |
test_lastchunk_dt += bytes([test_lastchunk_iv[i] ^ 0x10]) | |
print("LASTCHUNK : " + binascii.hexlify(test_lastchunk_dt).decode() + " (second last chunk... almost there!)") | |
test_prevchunk_iv = bytes(dehaggis(test_lastchunk_dt)) | |
test_prevchunk_dt = b'' | |
while len(test_prevchunk_iv) != 0x10: | |
test_prevchunk_iv += bytes([0]) | |
for i in range(0,0x10): | |
test_prevchunk_dt += bytes([test_prevchunk_iv[i] ^ pbase[i]]) | |
print("GO! :" + binascii.hexlify(haggis(msg + test_prevchunk_dt)).decode()) | |
s.send(binascii.hexlify(msg + test_prevchunk_dt) + b'\n') | |
print(s.recv(100)) | |
sys.exit(0) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment