Created
July 19, 2020 19:04
-
-
Save Flangvik/c3bac2a7626c88648c67730343f268d2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Diagnostics; | |
| using System.Linq; | |
| using System.Text; | |
| namespace XORBruteForce | |
| { | |
| class Program | |
| { | |
| //https://stackoverflow.com/questions/1344221/how-can-i-generate-random-alphanumeric-strings | |
| private static Random random = new Random(); | |
| public static string RandomKey(int length) | |
| { | |
| const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; | |
| return new string(Enumerable.Repeat(chars, length) | |
| .Select(s => s[random.Next(s.Length)]).ToArray()); | |
| } | |
| private static byte[] xorEncDec(byte[] input, string theKeystring) | |
| { | |
| byte[] theKey = Encoding.UTF8.GetBytes(theKeystring); | |
| byte[] mixed = new byte[input.Length]; | |
| for (int i = 0; i < input.Length; i++) | |
| { | |
| mixed[i] = (byte)(input[i] ^ theKey[i % theKey.Length]); | |
| } | |
| return mixed; | |
| } | |
| //https://stackoverflow.com/questions/11454004/calculate-a-md5-hash-from-a-string | |
| public static string CreateMD5(string input) | |
| { | |
| // Use input string to calculate MD5 hash | |
| using (System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create()) | |
| { | |
| byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input); | |
| byte[] hashBytes = md5.ComputeHash(inputBytes); | |
| // Convert the byte array to hexadecimal string | |
| StringBuilder sb = new StringBuilder(); | |
| for (int i = 0; i < hashBytes.Length; i++) | |
| { | |
| sb.Append(hashBytes[i].ToString("X2")); | |
| } | |
| return sb.ToString(); | |
| } | |
| } | |
| static void Main(string[] args) | |
| { | |
| //How long do we want to key to be? This will ofc effect decrypt time / CPU usage over time | |
| int keyLength = 4; | |
| //Declare some data, this could be shellcode | |
| var orgData = DateTime.UtcNow.ToString(); | |
| //Create a hash of the org data | |
| var orgHash = CreateMD5(orgData); | |
| //Generate a key | |
| var orgKey = RandomKey(keyLength); | |
| //Encrypt the data | |
| var encryptedData = xorEncDec(Encoding.UTF8.GetBytes(orgData), orgKey); | |
| Console.WriteLine($"[+] Encrypted data with key {orgKey}, Hash -> {orgHash}"); | |
| // Create new stopwatch. | |
| Stopwatch stopwatch = new Stopwatch(); | |
| // Begin timing. | |
| stopwatch.Start(); | |
| int crackAttempts = 0; | |
| bool cracked = false; | |
| while (!cracked) | |
| { | |
| //Generate a random key | |
| var runKey = RandomKey(keyLength); | |
| //Attempt Decrypt | |
| var outPut = xorEncDec(encryptedData, runKey); | |
| //Compare the hashes, does it match? | |
| if (CreateMD5(Encoding.UTF8.GetString(outPut)).Equals(orgHash)) | |
| { | |
| //Of so, let's stop | |
| Console.WriteLine($"[+] Found it at attempt {crackAttempts} , key -> {runKey}, result-> {Encoding.UTF8.GetString(outPut)}"); | |
| cracked = true; | |
| } | |
| crackAttempts++; | |
| } | |
| // Stop timing. | |
| stopwatch.Stop(); | |
| // Write result. | |
| Console.WriteLine("[+] Time elapsed: {0} seconds", stopwatch.Elapsed.TotalSeconds); | |
| Console.ReadLine(); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment