-
-
Save Svenito/dbad0e83f0d637a5701c to your computer and use it in GitHub Desktop.
Get that egg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.awt.Graphics; | |
import java.util.Arrays; | |
import java.awt.image.BufferedImage; | |
import java.nio.file.Files; | |
import java.nio.file.Paths; | |
import java.io.ByteArrayInputStream; | |
import java.security.*; //MessageDigest; | |
import javax.crypto.*; | |
import javax.crypto.spec.*; | |
import javax.imageio.ImageIO; | |
import javax.swing.JFrame; | |
import javax.swing.JPanel; | |
import java.io.File; | |
import org.apache.commons.codec.binary.Base64; | |
class GetIt { | |
public static boolean checkMD5(String src, String target) throws NoSuchAlgorithmException { | |
MessageDigest digest = MessageDigest.getInstance("MD5"); | |
byte t[] = Base64.decodeBase64(target); | |
byte b1[] = src.getBytes(); | |
for (int i = 0; i <= 9999; i++) { | |
digest.update(b1); | |
b1 = digest.digest(b1); | |
if (Arrays.equals(b1, t)) { | |
System.out.printf("%s %d\n", src, i); | |
return true; | |
} | |
} | |
return false; | |
} | |
public static void checkSHA1(String src, String target) throws NoSuchAlgorithmException { | |
MessageDigest digest = MessageDigest.getInstance("SHA1"); | |
byte t[] = Base64.decodeBase64(target); | |
byte b2[] = src.getBytes(); | |
for (int i = 0; i <= 9999; i++) { | |
digest.update(b2); | |
b2 = digest.digest(b2); | |
b2[0] = 99; | |
b2 = digest.digest(b2); | |
if (Arrays.equals(b2, t)) { | |
System.out.printf("%d\n", i+1); | |
} | |
} | |
} | |
public static void checkAES(String src, String target) throws Exception { | |
byte t[] = Base64.decodeBase64(target); | |
byte b3[] = src.getBytes(); | |
for (int i = 0; i <= 9999; i++) { | |
byte iv[] = new byte[16]; | |
IvParameterSpec ips = new IvParameterSpec(iv); | |
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); | |
String test = String.format("%04d", i); | |
SecretKeySpec k = new SecretKeySpec((new StringBuilder(String.valueOf(test))).append(test).append(test).append(test).toString().getBytes(), "AES"); | |
c.init(1, k, ips); | |
byte out[] = c.doFinal(b3); | |
if (Arrays.equals(out, t)) { | |
System.out.printf("Found %d\n", i); | |
break; | |
} | |
} | |
} | |
private static byte[] decrypt(String pass, String file) | |
throws Exception { | |
byte data[] = Files.readAllBytes(Paths.get(file, new String[0])); | |
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); | |
java.security.spec.KeySpec spec = new PBEKeySpec(pass.toCharArray(), SALT, 0x10000, 128); | |
SecretKey tmp = factory.generateSecret(spec); | |
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES"); | |
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); | |
cipher.init(Cipher.DECRYPT_MODE, secret, ips); | |
return cipher.doFinal(data); | |
} | |
private static String PATTERN = "([0-9]{4}-){3}[0-9]{4}"; | |
private static byte SALT[] = { | |
4, 115, 33, -116, 126, -56, -114, -103 | |
}; | |
private static final byte iv[]; | |
private static final IvParameterSpec ips; | |
private static final String f = "1453-9373-4587-8030"; | |
static { | |
iv = new byte[16]; | |
ips = new IvParameterSpec(iv); | |
} | |
public static void main(String[] args) throws Exception { | |
System.out.println("Getting parts 1 and 2"); | |
for (int i = 0; i <= 9999; i++) { | |
String num = String.format("%04d", i); | |
if (checkMD5(num, "Q4jgwADL0QO0H7CNPMhxJw==")) { | |
break; | |
} | |
} | |
System.out.println("Getting part 3"); | |
checkSHA1("8122", "KMZ9wInjZg0C4R0EkZSjKYsonN8="); | |
System.out.println("Getting part 4"); | |
checkAES("8122","zG+hH0zVgJvd0aaUsoUXlg=="); | |
byte imageData[] = decrypt("8122-4901-6001-2311", "1.png"); | |
final BufferedImage image = ImageIO.read(new ByteArrayInputStream(imageData)); | |
File outputfile = new File("image.jpg"); | |
ImageIO.write(image, "png", outputfile); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment