Skip to content

Instantly share code, notes, and snippets.

@baderj

baderj/find_seed.c

Last active May 26, 2017 12:42
Show Gist options
  • Save baderj/966dbeb301b163a75bfb to your computer and use it in GitHub Desktop.
Save baderj/966dbeb301b163a75bfb to your computer and use it in GitHub Desktop.
Download ZIP
find ramnit seed
Raw
find_seed.c
#include <stdio.h>
#include <string.h>
unsigned long int rand_int_modulus(unsigned long int *ix, unsigned long int modulus) {
unsigned long int k1;
k1 = *ix / 127773;
*ix = 16807 * (*ix - k1 * 127773) - k1 * 2836;
return *ix % modulus;
}
void next_domain(unsigned long int seed, char* url) {
unsigned long int domain_len = rand_int_modulus(&seed, 12) + 8;
unsigned long int i;
for(i = 0; i < domain_len; i++) {
url[i] = rand_int_modulus(&seed, 25) + 97;
}
url[domain_len] = 0;
}
long int find(char* wanted) {
char url[21];
printf("searching %s\n", wanted);
unsigned long int seed;
unsigned long int maximum = (unsigned long int)0xFFFFFFFF;
for(seed = 0; seed < maximum; seed++) {
next_domain(seed, url);
if(strcmp(url, wanted) == 0)
printf("\r-> found key %x\n", (unsigned int)seed);
if(seed % (2 << 22) == 0)
printf("\r%.3f %%", (seed)/(double)maximum);
}
printf("\n");
}
long int main (long int argc, char *argv[])
{
if ( argc != 2 )
printf( "usage: %s hostname (without tld)\n", argv[0] );
else
find(argv[1]);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment