Serphentas

## CVE-2018-0101.rules
# IDS signatures for https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1:
alert udp any any -> any 500 (msg:"FOX-SRT - Suspicious - Possible Fragmented Cisco IKE/isakmp Packet HeapSpray (CVE-2018-0101)"; flow:to_server; content:"|84|"; offset:16; depth:1; content:"|02 08 |"; distance:1; within:2; fast_pattern; byte_test:4,>,5000,4,relative; byte_test:2,>,5000,10,relative; byte_extract:4,36,fragment_match; byte_test:4,=,fragment_match,52,relative; byte_test:4,=,fragment_match,136,relative; byte_test:4,=,fragment_match,236,relative; threshold:type limit, track by_dst, count 1, seconds 600;  classtype:attempted-admin; sid:21002339; rev:4;)
alert udp any any -> any 500 (msg:"FOX-SRT - Exploit - Possible Shellcode in Cisco IKE/isakmp - tcp/CONNECT/"; content:"tcp/CONNECT/"; fast_pattern:only; threshold:type limit, track by_src, count 1, seconds 600; priority:1; classtype:attempted-admin; sid:21002340; rev:2;)

## scryptcollision.java
int period = (int) 1e4, size = (int) 1e5, period2int = (int) 1e7;
String[] arr = new String[size];

long tmp = System.nanoTime(), start = System.nanoTime(), gen
        = System.nanoTime();
for (int i = 0; i < arr.length; i++) {
    arr[i]
            = Hex.toHexString(SCrypt.generate("asd".getBytes("UTF-8"),
                    GPCrypto.randomGen(256), (int) Math.pow(2, 1), 1, 1, 32));
    if (i

## parallelscrypt.java
for (int i = 0; i < 2; i++) {
    new Thread(new ParallelScrypt(i)).start();
}

static class ParallelScrypt implements Runnable {

    private final int iter;

    public ParallelScrypt(int i) {
        this.iter = i;

## bc.java
Security.addProvider(new BouncyCastleProvider());
Cipher c = Cipher.getInstance("AES/CTR/NoPadding",new BouncyCastleProvider());
System.out.println(c.getProvider());
KeyGenerator kg = KeyGenerator.getInstance("AES");
c.init(Cipher.ENCRYPT_MODE, kg.generateKey());
System.out.println(c.update(new byte[20]).length); // output: 16
System.out.println(c.update(new byte[1]).length);  // null pointer exception

## saltcollision.java
int maxSalts = 1234567,
        saltBytes = 4;
long cnt1 = 0L,
        step0 = 1000000L,
        step1 = 1000000L;

System.out.println("Assigning array");
long time = System.nanoTime();
byte[][] test = new byte[maxSalts][saltBytes];
System.out.println("Done in " + (System.nanoTime() - time) / 1e9);

## recursivelisting.java
private static void print(File input) {
    System.out.println(input.getPath() + "/");
    for (File f : input.listFiles(File::isDirectory)) {
        print(f);
    }
    for (File f : input.listFiles(File::isFile)) {
        System.out.println(f.getPath());
    }
}

## scrypt.php
<?php

/**
 * This file contains an example helper classes for the php-scrypt extension.
 *
 * As with all cryptographic code; it is recommended that you use a tried and
 * tested library which uses this library; rather than rolling your own.
 *
 * PHP version 5
 *
	# IDS signatures for https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1:
	alert udp any any -> any 500 (msg:"FOX-SRT - Suspicious - Possible Fragmented Cisco IKE/isakmp Packet HeapSpray (CVE-2018-0101)"; flow:to_server; content:"\|84\|"; offset:16; depth:1; content:"\|02 08 \|"; distance:1; within:2; fast_pattern; byte_test:4,>,5000,4,relative; byte_test:2,>,5000,10,relative; byte_extract:4,36,fragment_match; byte_test:4,=,fragment_match,52,relative; byte_test:4,=,fragment_match,136,relative; byte_test:4,=,fragment_match,236,relative; threshold:type limit, track by_dst, count 1, seconds 600; classtype:attempted-admin; sid:21002339; rev:4;)
	alert udp any any -> any 500 (msg:"FOX-SRT - Exploit - Possible Shellcode in Cisco IKE/isakmp - tcp/CONNECT/"; content:"tcp/CONNECT/"; fast_pattern:only; threshold:type limit, track by_src, count 1, seconds 600; priority:1; classtype:attempted-admin; sid:21002340; rev:2;)
	int period = (int) 1e4, size = (int) 1e5, period2int = (int) 1e7;
	String[] arr = new String[size];

	long tmp = System.nanoTime(), start = System.nanoTime(), gen
	= System.nanoTime();
	for (int i = 0; i < arr.length; i++) {
	arr[i]
	= Hex.toHexString(SCrypt.generate("asd".getBytes("UTF-8"),
	GPCrypto.randomGen(256), (int) Math.pow(2, 1), 1, 1, 32));
	if (i
	for (int i = 0; i < 2; i++) {
	new Thread(new ParallelScrypt(i)).start();
	}

	static class ParallelScrypt implements Runnable {

	private final int iter;

	public ParallelScrypt(int i) {
	this.iter = i;
	Security.addProvider(new BouncyCastleProvider());
	Cipher c = Cipher.getInstance("AES/CTR/NoPadding",new BouncyCastleProvider());
	System.out.println(c.getProvider());
	KeyGenerator kg = KeyGenerator.getInstance("AES");
	c.init(Cipher.ENCRYPT_MODE, kg.generateKey());
	System.out.println(c.update(new byte[20]).length); // output: 16
	System.out.println(c.update(new byte[1]).length); // null pointer exception
	int maxSalts = 1234567,
	saltBytes = 4;
	long cnt1 = 0L,
	step0 = 1000000L,
	step1 = 1000000L;

	System.out.println("Assigning array");
	long time = System.nanoTime();
	byte[][] test = new byte[maxSalts][saltBytes];
	System.out.println("Done in " + (System.nanoTime() - time) / 1e9);
	private static void print(File input) {
	System.out.println(input.getPath() + "/");
	for (File f : input.listFiles(File::isDirectory)) {
	print(f);
	}
	for (File f : input.listFiles(File::isFile)) {
	System.out.println(f.getPath());
	}
	}
	<?php

	/**
	* This file contains an example helper classes for the php-scrypt extension.
	*
	* As with all cryptographic code; it is recommended that you use a tried and
	* tested library which uses this library; rather than rolling your own.
	*
	* PHP version 5
	*