
@DavidBuchanan314
Last active June 15, 2024 18:56
import base64
import time
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
import ctypes
# rand()/srand()/time() are called in the C library itself through ctypes, so
# the values produced are whatever the host's glibc PRNG yields for a seed.
libc = ctypes.CDLL("libc.so.6")  # glibc needed

# Version string sent as the first comma-separated field of the health message.
OS_VERSION = "rabbit_OS_v0.8.99_20240606175556"

# PEM-encoded RSA *public* key the health message is encrypted to.
# Encrypting to a public key provides confidentiality only: any party that
# holds this key can produce a ciphertext the key owner will decrypt, so a
# successfully decrypted value is not evidence of who created it.
# NOTE(review): if the receiving side treats this header as a device
# authenticity check, it needs a device-held secret or a signature instead.
HEALTH_PUBKEY = b"""-----BEGIN RSA PUBLIC KEY-----
MIIBigKCAYEAqLNRPcujKw1elkNJc+10o37YVbb7OjYa4Cv2pG2BzfSV3Ev7LMva
A2w0PAy25DhQU2NI7RU2a51OvTz0DsXM69oakuN0oSrKa9Eit2GPnX89H702MXGX
iRDZWEufAx67AaxK9d80Bajh2Abn06Bwaz9Z4D8vMxUOGsYkVKMW0LrmnW4984XI
UqT3+lOiEijBamodU/mORTeuxc5cdan00fq8qTOYuGFuKlPJSI3EExFHP3ONHD6z
44+PxXmhw532uAiNnT74yKXBoVYU19b8AAWLiSKyjf1eeus7dTobPKcpMemlJgxH
tVHtaSgnUugQ0a3XvmTVQpSeytPw8bL+/3c5KXfjGxPchoEZi7d71wv/AufDiSXr
gaew1KfJZBsr8Somr03b8xsHRJruPT61iPceh9bTWscwnK3WmDpAxnjdPQiflt/m
KkPEETtKGx0X5kUImHnr1jhUdYKmEOHfwkXBKVc66hpn85WGJ7MPVyixIOpzScAY
nKjVsP4ma6iFAgMBAAE=
-----END RSA PUBLIC KEY-----"""
pubkey = serialization.load_pem_public_key(HEALTH_PUBKEY)

# OAEP parameters: SHA-1 for both the MGF1 mask generation and the OAEP hash,
# with no label. Both ends must agree on these for decryption to succeed.
# NOTE(review): presumably SHA-1 is kept to match the peer's decryption
# settings -- confirm with the receiving side before changing it.
RSA_PKCS1_OAEP_PADDING = padding.OAEP(
    mgf=padding.MGF1(hashes.SHA1()),
    algorithm=hashes.SHA1(),
    label=None,
)
def getHealthRand(seed=None):
    """Return the first even-rounded glibc ``rand() % 100`` value that is >= 10.

    The C library PRNG is re-seeded on every call, with ``seed`` when given
    and with libc's ``time(0)`` otherwise, so the result is a pure function
    of the seed: anyone who knows (or can guess) the seed gets the same value.
    It is therefore not a secret and not an unpredictable nonce.

    Args:
        seed: value passed to ``srand()``; ``None`` means "current libc time".

    Returns:
        An even integer between 10 and 98 inclusive.
    """
    initial = libc.time(0) if seed is None else seed
    libc.srand(initial)

    # rand() is never negative, so C's and Python's % agree here.
    candidate = libc.rand() % 100
    while candidate < 10:
        # Values below 10 are discarded and the next PRNG output is tried.
        candidate = libc.rand() % 100

    # Clear the lowest bit: rounds down to the nearest even integer.
    return candidate & ~1
def getHealth():
    """Build, print and encrypt a health message; return it base64-encoded.

    The plaintext is ``"<OS_VERSION>,<UTC timestamp>,<rand value>"`` where the
    timestamp is ``YYYYMMDDHHMMSS`` followed by three millisecond digits and
    the rand value comes from ``getHealthRand`` seeded with the whole-second
    Unix time. The plaintext is printed, encrypted with RSA-OAEP under the
    module-level ``pubkey``, and returned as base64 text.

    Every input is a constant or derived from the clock: no per-device secret
    enters the message, so the output shows only that its producer knew the
    public key and the message layout.

    Returns:
        The base64-encoded ciphertext as ``str``.
    """
    now = time.time()
    utc = time.gmtime(now)

    # Whole milliseconds since the epoch, reduced to the part within the second.
    millis = int((now * 1_000_000) // 1000) % 1000

    date_part = f"{utc.tm_year:04d}{utc.tm_mon:02d}{utc.tm_mday:02d}"
    clock_part = f"{utc.tm_hour:02d}{utc.tm_min:02d}{utc.tm_sec:02d}{millis:03d}"
    timestamp = date_part + clock_part

    # The PRNG seed is the same second that appears in the timestamp field.
    rand_value = getHealthRand(int(now))
    msg = ",".join((OS_VERSION, timestamp, str(rand_value)))
    print("Device-Health:", msg)

    encrypted = pubkey.encrypt(msg.encode(), RSA_PKCS1_OAEP_PADDING)
    encoded = base64.b64encode(encrypted)
    return encoded.decode()
if __name__ == "__main__":
    # Run as a script: getHealth() prints the plaintext itself, then the
    # base64 ciphertext it returns is printed on the next line.
    header_value = getHealth()
    print(header_value)

DavidBuchanan314 commented Jun 15, 2024

pure-python glibc rand reimpl:

from typing import List

class GnuRand:
    """Pure-Python additive-feedback generator modelled on glibc's rand().

    The constructor plays the role of ``srand()`` and ``rand()`` yields the
    next value. The whole output sequence is determined by the seed, so a
    guessable seed (for example a timestamp) makes every output reproducible
    by anyone; the values must not be used as secrets.

    NOTE(review): the seed is used as given, without reduction to a 32-bit
    value. Agreement with glibc for negative seeds or seeds >= 2**31 is not
    established by this code -- confirm before relying on it.
    """

    r: List[int]  # circular state table, length 344
    n: int  # slot that the next rand() call overwrites

    def __init__(self, seed: int) -> None:  # srand() equivalent
        # A zero seed is replaced by 1.
        state = [1 if seed == 0 else seed]

        # Entries 1..30: multiplicative step (x16807 modulo 2**31 - 1).
        while len(state) < 31:
            state.append((16807 * state[-1]) % 0x7fff_ffff)

        # Entries 31..33 repeat entries 0..2.
        state.extend(state[:3])

        # Entries 34..343: sum of the entries 31 and 3 places back, kept to 32 bits.
        while len(state) < 344:
            state.append((state[-31] + state[-3]) & 0xffff_ffff)

        self.r = state
        self.n = 0

    def rand(self) -> int:
        """Advance the generator and return the next value (below 2**31)."""
        pos = self.n
        table = self.r

        # Same recurrence as the table fill, addressed modulo the table size:
        # +313 is "31 places back" and +341 is "3 places back" in a ring of 344.
        mixed = (table[(pos + 313) % 344] + table[(pos + 341) % 344]) & 0xffff_ffff
        table[pos % 344] = mixed
        self.n = (pos + 1) % 344

        # The lowest bit is dropped from the returned value.
        return mixed >> 1
