Last active
January 17, 2022 03:46
-
-
Save DavidBuchanan314/ad74af223423ded3bbba4628560c0fe2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdint.h> | |
| #include <math.h> | |
| #include <string.h> | |
| // charset is [a-z0-9\n\-] | |
| // scancodes from https://stackoverflow.com/a/61192565 | |
| static const uint8_t CHARSET[] = {30, 48, 46, 32, 18, 33, 34, 35, 23, 36, 37, 38, 50, 49, 24, 25, 16, 19, 31, 20, 22, 47, 17, 45, 21, 44, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 28, 12}; | |
| // extracted from the floppy image | |
| static const uint8_t INPUT[] = {85, 101, 153, 197, 162, 16, 172, 23, 129, 102, 209, 22, 194, 33, 213, 100, 30, 76, 4, 147, 87, 103, 85, 41, 136, 88, 200, 115, 230, 13, 74, 173, 74, 78, 192, 247, 242, 202, 214, 170, 54, 229, 93, 174, 155, 93, 30, 128, 76, 128, 98, 247, 67, 226, 54, 115, 34, 135, 70, 194, 72, 223, 28, 41, 224, 138, 65, 176, 231, 126, 10, 165, 60, 104, 234, 160, 124, 158, 117, 100, 159, 46, 209, 113, 156, 236, 206, 109, 132, 202, 236, 179, 191, 155, 51, 193, 249, 8, 52, 135, 117, 121, 138, 197, 94, 73, 254, 231, 132, 72, 156, 215, 10, 174, 199, 31, 241, 36, 250, 70, 251, 152, 175, 254, 141, 184, 17, 95, 134, 203, 153, 91, 215, 153, 178, 150, 184, 106, 196, 158, 172, 60, 31, 189, 220, 120, 103, 115, 56, 172, 177, 242, 73, 245, 126, 121, 157, 144, 141, 179, 38, 65, 1, 81, 29, 22, 60, 133, 231, 182, 113, 173, 172, 115, 69, 244, 131, 20, 112, 56, 60, 17, 65, 237, 100, 128, 102, 197, 11, 109, 70, 96, 26, 253, 218, 82, 145, 30, 214, 244, 9, 127, 226, 102, 231, 167, 204, 255, 131, 215, 214, 109, 251, 208, 159, 140, 107, 63, 31, 242, 142, 215, 35, 155, 209, 76, 234, 161, 187, 50, 60, 133, 206, 205, 97, 235, 166, 253, 13, 66, 108, 209, 128, 252, 251, 132, 18, 197, 52, 156, 70, 236, 63, 193, 189, 116, 136, 231, 120, 92, 72, 104, 41, 46, 52, 76, 232, 208, 177, 207, 98, 154, 43, 168, 211, 250, 118, 41, 43, 225, 15, 49, 199, 76, 179, 172, 132, 69, 106, 244, 110, 21, 198, 201, 91, 130, 210, 165, 224, 156, 128, 10, 219, 133, 48, 140, 207, 48, 169, 57, 136, 179, 194, 222, 143, 157, 51, 22, 166, 44, 49, 103, 24, 199, 209, 22, 199, 83, 114, 78, 204, 44, 172, 27, 134, 249, 16, 161, 182, 89, 154, 182, 182, 174, 251, 123, 21, 5, 46, 228, 237, 157, 238, 204, 183, 93, 241, 60, 41, 199, 140, 31, 114, 86, 184, 59, 247, 115, 139, 202, 235, 9, 125, 50, 17, 35, 36, 244, 95, 123, 160, 48, 255, 238, 59, 132, 196, 232, 24, 238, 198, 149, 51, 60, 217, 68, 207, 162, 182, 37, 32, 165, 58, 61, 146, 139, 90, 102, 199, 254, 12, 90, 28, 187, 175, 201, 34, 192, 6, 44, 47, 128, 167, 89, 33, 89, 108, 246, 108, 226, 22, 151, 177, 93, 182, 55, 111, 180, 141, 194, 23, 34, 249, 4, 116, 142, 47, 10, 110, 130, 188, 7, 218, 24, 230, 91, 233, 40, 84, 195, 48, 166, 129, 98, 233, 175, 25, 56, 91, 218, 17, 126, 180, 166, 42, 92, 243, 180, 104, 188, 81, 103, 21, 185, 26, 123, 15, 155, 99, 162, 61, 27, 156, 191, 100, 183, 33, 49, 213, 62, 159, 159, 41, 65, 116, 50, 65, 226, 96, 235, 14, 181, 178, 140, 42, 97, 214, 76, 227, 222, 204, 55, 96, 137, 129, 85, 208, 62, 196, 145, 205, 198, 98, 61, 92, 7, 14, 83, 135, 232, 222, 90, 89, 236, 160, 175, 1, 66, 108, 240, 226, 233, 227, 149, 4, 213, 179, 26, 135, 92, 57, 174, 10, 58, 93, 100, 54, 156, 190, 4, 228, 126, 244, 175, 251, 63, 212, 252, 82, 232, 223, 44, 125, 56, 255, 75, 141, 171, 14, 87, 68, 36, 132, 158, 147, 200, 216, 212, 233, 126, 43, 162, 133, 129, 124, 201, 98, 162, 202, 185, 133, 250, 239, 128, 153, 137, 30, 107, 138, 112, 235, 155, 63, 137, 15, 6, 104, 145, 57, 207, 210, 206, 193, 207, 113, 249, 179, 137, 135, 85, 0, 43, 155, 248, 76, 54, 236, 248, 180, 157, 9, 172, 152, 229, 127, 79, 54, 204, 133, 255, 94, 155, 188, 32, 162, 148, 245, 216, 62, 126, 215, 165, 247, 167, 195, 255, 207, 171, 234, 63, 66, 189, 187, 214, 5, 25, 151, 218, 119, 191, 51, 142, 16, 45, 27, 227, 54, 180, 140, 141, 98, 105, 247, 223, 10, 3, 31, 129, 163, 157, 14, 87, 148, 106, 219, 95, 100, 141, 136, 166, 45, 119, 111, 214, 137, 229, 122, 209, 97, 175, 78, 79, 107, 67, 216, 188, 161, 86, 74, 101, 41, 250, 111, 128, 220, 162, 19, 9, 62, 16, 35, 27, 16, 154, 11, 144, 235, 60, 75, 74, 232, 126, 249, 3, 109, 7, 2, 170, 97, 106, 101, 122, 210, 95, 93, 252, 138, 40, 22, 222, 243, 89, 10, 42, 166, 236, 251, 84, 249, 84, 22, 135, 88, 220, 249, 62, 174, 87, 21, 42, 214, 233, 250, 54, 116, 173, 79, 156, 249, 160, 72, 91, 44, 191, 231, 218, 227, 243, 207, 45, 104, 188, 174, 105, 213, 37, 153, 234, 0, 248, 249, 199, 23, 21, 77, 253, 112, 48, 108, 182, 46, 155, 187, 53, 228, 105, 97, 35, 76, 74, 250, 41, 58, 42, 36, 204, 204, 130, 45, 48, 32, 55, 107, 145, 143, 139, 84, 112, 51, 252, 240, 40, 136, 239, 243, 252, 42, 209, 169, 91, 114, 186, 9, 140, 96, 118, 6, 166, 154, 241, 199, 152, 242, 75, 17, 89, 82, 247, 85, 93, 61, 134, 21, 192, 57, 213, 125, 234, 6, 150, 112, 106, 85, 222, 10, 24, 52, 174, 64, 164, 58, 165, 189, 28, 52, 253, 17, 254, 188, 176, 101, 121, 84, 51, 171, 185, 216, 48, 100, 190, 36, 46, 119, 228, 215, 192, 35, 120, 119, 135, 190, 53, 195, 95, 54, 41, 148, 96, 57, 219, 118, 236, 94, 151, 37, 93, 165, 140, 131, 59, 181, 178, 221, 106, 221, 2, 109, 99, 114, 205, 41, 169, 251, 62, 172, 73, 25, 58, 23, 240, 139, 145, 155, 24, 202, 212, 52, 166, 253, 155, 225, 208, 206, 241, 57, 194, 209, 242, 17, 29, 143, 174, 246, 191, 188, 138, 154, 59, 131, 165, 37, 206, 118, 164, 68, 32, 237, 165, 135, 51, 149, 50, 22, 51, 53, 58, 110, 179, 134, 228, 18, 174, 201, 179, 99, 133, 115, 154, 146, 116, 38, 204, 73, 245, 38, 254, 83, 189, 68, 84, 43, 45, 222, 236, 8, 152, 62, 13, 24, 80, 202, 156, 58, 97, 253, 57, 249, 74, 60, 199, 99, 92, 98, 77, 123, 12, 52, 146, 249, 178, 144, 191, 146, 114, 2, 107, 89, 83, 235, 121, 139, 43, 184, 45, 212, 47, 92, 223, 197, 141, 156, 128, 16, 173, 202, 91, 24, 106, 192, 196, 29, 233, 149, 105, 240, 5, 131, 116, 2, 78, 39, 9, 232, 81, 236, 190, 190, 193, 61, 37, 217, 1, 177, 155, 86, 225, 178, 240, 223, 3, 199, 46, 115, 180, 82, 72, 17, 115, 239, 142, 94, 18, 23, 226, 202, 191, 225, 48, 98, 253, 42, 201, 144, 145, 13, 128, 134, 61, 230, 102, 119, 187, 35, 232, 230, 184, 240, 6, 21, 209, 133, 231, 108, 206, 152, 210, 99, 247, 169, 225, 209, 39, 251, 174, 148, 204, 62, 82, 47, 239, 224, 177, 152, 115, 255, 97, 29, 53, 34, 139, 162, 47, 160, 79, 49, 246, 83, 225, 112, 105, 90, 94, 191, 113, 180, 196, 226, 241, 131, 87, 198, 32, 167, 43, 135, 232, 0, 164, 31, 41, 19, 26, 230, 119, 175, 169, 153, 160, 244, 62, 202, 159, 164, 172, 157, 137, 181, 242, 11, 102, 94, 76, 89, 51, 209, 224, 146, 121, 183, 228, 243, 17, 124, 124, 231, 236, 205, 74, 181, 159, 214, 26, 227, 169, 66, 156, 167, 102, 205, 88, 188, 46, 54, 140, 78, 57, 138, 54, 138, 95, 237, 192, 153, 234, 132, 31, 221, 185, 243, 232, 166, 115, 42, 14, 241, 14, 69, 197, 40, 132, 145, 186, 67, 125, 78, 250, 50, 154, 230, 86, 151, 238, 55, 90, 40, 151, 236, 4, 194, 30, 102, 38, 223, 192, 38, 9, 246, 155, 69, 213, 45, 226, 143, 226, 42, 183, 209, 155, 46, 179, 9, 85, 47, 108, 28, 226, 53, 6, 144, 99, 56, 156, 50, 40, 60, 137, 81, 192, 249, 147, 162, 113, 21, 128, 7, 156, 29, 152, 215, 203, 128, 8, 143, 233, 77, 175, 64, 228, 49, 97, 207, 118, 57, 27, 56, 116, 80, 228, 51, 125, 82, 212, 168, 36, 122, 151, 103, 1, 76, 234, 138, 217, 74, 232, 98, 149, 253, 210, 64, 93, 185, 23, 145, 252, 91, 29, 201, 101, 144, 129, 103, 3, 204, 73, 175, 14, 190, 180, 200, 90, 199, 177, 72, 37, 67, 32, 178, 13, 12, 34, 20, 177, 49, 214, 157, 216, 112, 248, 13, 185, 56, 91, 95, 66, 111, 90, 122, 54, 101, 115, 84, 81, 247, 216, 212, 248, 224, 139, 211, 76, 196, 22, 140, 84, 55, 127, 156, 88, 106, 64, 81, 180, 174, 233, 65, 70, 36, 42, 191, 103, 157, 106, 231, 118, 32, 89, 65, 111, 216, 44, 209, 219, 137, 64, 140, 83, 39, 98, 203, 82, 108, 173, 150, 222, 206, 203, 81, 174, 71, 51, 228, 227, 19, 184, 255, 100, 70, 31, 145, 214, 59, 93, 19, 109, 140, 237, 154, 18, 238, 198, 121, 206, 204, 243, 126, 83, 113, 249, 40, 39, 57, 68, 124, 236, 219, 71, 6, 237, 161, 187, 137, 202, 150, 71, 176, 91, 186, 8, 86, 81, 71, 177, 48, 131, 107, 221, 12, 214, 142, 119, 248, 22, 152, 115, 180, 232, 99, 34, 103, 33, 32, 63, 112, 67, 69, 36, 82, 100, 247, 21, 8, 132, 83, 127, 51, 135, 93, 253, 201, 102, 93, 199, 75, 204, 69, 225, 249, 175, 79, 178, 237, 74, 205, 217, 188, 196, 74, 7, 101, 22, 150, 71, 64, 250, 182, 0, 215, 164, 166, 8, 30, 84, 7, 215, 193, 183, 175, 221, 12, 60, 74, 57, 241, 137, 153, 80, 142, 4, 158, 171, 139, 71, 47, 117, 191, 204, 214, 155, 222, 211, 12, 239, 229, 118, 55, 176, 158, 92, 27, 100, 164, 31, 13, 202, 255, 63, 28, 153, 150, 31, 119, 140, 116, 225, 66, 102, 118, 128, 253, 153, 82, 41, 84, 8, 69, 211, 32, 17, 61, 222, 91, 168, 195, 170, 156, 59, 144, 8, 132, 165, 187, 52, 3, 230, 143, 228, 105, 67, 145, 90, 100, 50, 241, 231, 9, 216, 58, 207, 251, 36, 49, 226, 183, 228, 221, 209, 203, 195, 68, 54, 89, 107, 110, 155, 0, 239, 93, 107, 151, 194, 150, 83}; | |
| static uint8_t OUTPUT[sizeof(INPUT)]; | |
| static uint8_t rc4_state[0x100]; | |
| static inline void rc4_swap(i, j) | |
| { | |
| uint8_t tmp = rc4_state[j]; | |
| rc4_state[j] = rc4_state[i]; | |
| rc4_state[i] = tmp; | |
| } | |
| static void rc4_init(uint8_t key[6]) | |
| { | |
| for (int i=0; i<0x100; i++) { | |
| rc4_state[i] = i; | |
| } | |
| uint8_t j = 0; | |
| for (int i=0; i<0x100; i++) { | |
| j += rc4_state[i] + key[i%6]; | |
| rc4_swap(i, j); | |
| } | |
| } | |
| #define CHECK_LEN 0x600 | |
| static void rc4_crypt() { | |
| uint8_t i = 0; | |
| uint8_t j = 0; | |
| for (int n=0; n<CHECK_LEN; n++) { | |
| i += 1; | |
| j += rc4_state[i]; | |
| rc4_swap(i, j); | |
| OUTPUT[n] = INPUT[n] ^ rc4_state[(rc4_state[i] + rc4_state[j]) & 0xff]; | |
| } | |
| } | |
| // check entropy of bytes 0x300-0x600 of the decrypted data | |
| // (i.e. skipping the palette, because I thought that might have high entropy anyway) | |
| static float checkentropy() { | |
| int counts[0x100]; | |
| memset(counts, 0, sizeof(counts)); | |
| for (int i=0x300; i<CHECK_LEN; i++) { | |
| counts[OUTPUT[i]]++; | |
| } | |
| float entropy = 0.0; | |
| for (int i=0; i<0x100; i++) { | |
| if (counts[i] == 0) continue; | |
| float p = (float)counts[i] / (float)0x300; | |
| entropy -= p * (logf(p)/logf(256.0)); | |
| } | |
| return entropy; | |
| } | |
| int main(int argc, char *argv[]) | |
| { | |
| printf("Hello\n"); | |
| uint8_t buf[6]; | |
| // do a test decrypt with key "abcdef", to double-check that my implementation works | |
| rc4_init((uint8_t[6]){30, 48, 46, 32, 18, 33}); | |
| rc4_crypt(); | |
| for (int i=0; i<0x10; i++) { | |
| printf("%02x", OUTPUT[i]); | |
| } | |
| printf("\n"); | |
| // CTF-quality code | |
| for (int i=0; i<sizeof(CHARSET); i++) { | |
| buf[0] = CHARSET[i]; | |
| for (int j=0; j<sizeof(CHARSET); j++) { | |
| printf("%u %u\n", i, j); | |
| buf[1] = CHARSET[j]; | |
| for (int k=0; k<sizeof(CHARSET); k++) { | |
| buf[2] = CHARSET[k]; | |
| for (int l=0; l<sizeof(CHARSET); l++) { | |
| buf[3] = CHARSET[l]; | |
| for (int m=0; m<sizeof(CHARSET); m++) { | |
| buf[4] = CHARSET[m]; | |
| for (int n=0; n<sizeof(CHARSET); n++) { | |
| buf[5] = CHARSET[n]; | |
| rc4_init(buf); | |
| rc4_crypt(); | |
| float e = checkentropy(); | |
| if (e < 0.9) { | |
| // this output needs to be converted back to ascii chars! | |
| printf("w00t! %f [%u %u %u %u %u %u]\n", e, i, j, k, l, m, n); | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment