Skip to content

Instantly share code, notes, and snippets.

@HoLyVieR
Created Mar 1, 2016
Embed
What would you like to do?
#!/usr/bin/env python
from hashlib import md5
import SocketServer,threading,os
msg = """/------------------------------------------------------------------------------\\
| Welcome to the betting parlor! |
| |
| We implement State of the Art cryptography to give you the fairest and most |
| exciting betting experience! |
| |
| Here's how it works: we both pick a nonce, you tell us odds, and you give us |
| some money. |
| If md5(our number + your number) % odds == 0, you win bet amount*odds. |
| Otherwise, we get your money! We're even so nice, we gave you $1000 to start.|
| |
| If you don't trust us, we will generate a new nonce, and reveal the old nonce|
| to you, so you can verify all of our results! |
| |
| (Oh, and if you win a billion dollars, we'll give you a flag.) |
\______________________________________________________________________________/
"""
options = """
====================
1) set your odds
2) set your bet
3) play a round
4) get balance
5) reveal nonce
6) quit
====================
"""
FLAG = open("flag", "rb").read()
def getn(s):
try:
return int(s.recv(1024))
except:
return 0
class threadedserver(SocketServer.ThreadingMixIn, SocketServer.TCPServer):
pass
class incoming(SocketServer.BaseRequestHandler):
def handle(self):
cur_thread = threading.current_thread()
self.nonce = os.urandom(16)
self.user_nonces = []
self.monies = 1000
self.bet = 1
self.odds = 1
self.request.send(msg)
while True:
if self.monies >= 100000000000:
self.request.send("Holy shit you have a lot of money. Here's a key: " + FLAG + "\n")
self.request.send(options)
m = getn(self.request)
if m == 1:
self.request.send("Please pick odds (as a power of 2 between 1 and 112): ")
self.odds = min(max(getn(self.request),1),112)
self.request.send("Odds set to 2^%d, good luck!"%self.odds)
elif m == 2:
self.request.send("Please pick your bet amount (between 0 and %d): "%self.monies)
self.bet = min(max(0,getn(self.request)),self.monies)
self.request.send("Alright, bet amount set to $%d, good luck!"%self.bet)
elif m == 3:
self.request.send("Okay, send us a nonce for this round!\n")
self.user_nonces.append(self.request.recv(1024))
if self.user_nonces[-1] in self.user_nonces[:-1]:
self.request.send("What part of NONCE don't you understand, asshole?\n")
return 0
self.bet = min(self.bet,self.monies)
self.monies -= self.bet
self.request.send("Betting $%d at odds of 2^%d"%(self.bet,self.odds))
result = int(md5(self.nonce + self.user_nonces[-1]).hexdigest(),16)&((2<<(self.odds-1))-1)
if result == 0:
self.request.send("\nWow! You won, congratulations!")
self.monies += self.bet*(2<<(self.odds-1))
else:
self.request.send("\nToo bad, we generated %d, not 0... better luck next time!"%result)
elif m == 4:
self.request.send("Your current balance is $%d"%self.monies)
elif m == 5:
self.request.send("What? You think we're cheaters? Fine, the nonce has been "+
self.nonce.encode("hex")+"\n")
self.request.send("Who is the cheater now, huh?")
self.nonce = os.urandom(16)
self.user_nonces = []
elif m == 6:
return 0
SocketServer.TCPServer.allow_reuse_address = True
server = threadedserver(("0.0.0.0", 4321), incoming)
server.timeout = 4
server_thread = threading.Thread(target=server.serve_forever)
server_thread.daemon = False
server_thread.start()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment