Created
August 30, 2022 11:50
-
-
Save hedger/4ca58681dfa5db021d0231f8af02c6b5 to your computer and use it in GitHub Desktop.
offzone 2022 badge id bruteforce
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from Crypto.Hash import SHA1 | |
# "1B 00 14 00 18 43 50 55 39 36 35 20" -> e684ce4874f494bdbbfc5bd6 0a01eff0c4a625a7 | |
# "24 00 23 00 19 43 50 55 39 36 35 20" -> 77d7b65a625d8286b840b16d f4501f95d72e703d | |
# "10 00 01 00 0A 43 50 55 39 36 37 20" -> b8d46c6f3ddb1cb23f865d47 2755b061a991a423 | |
# 1d 00 03 00 19 43 50 55 39 36 35 20 -> 78b202e32d49a41bed5a8548 ? # Neketah | |
# 1b 00 2a 00 19 43 50 55 39 36 35 20 -> 753f48eaba32baf22f040165 ? # Orga | |
# 0d 00 06 00 19 43 50 55 39 36 35 20 -> 0398bca47389cc845d3265f4 ? # Orga2 | |
# patching address @ 7460-746c | |
def get_board_id(num): | |
orig_buffer = [ | |
0xFF, # Placeholder | |
0x00, | |
0xFF, # Placeholder | |
0x00, | |
0xFF, # Placeholder | |
0x43, | |
0x50, | |
0x55, | |
0x39, | |
0x36, | |
0xFF, # Placeholder | |
0x20, | |
] | |
orig_buffer[0] = num & 0xFF | |
orig_buffer[2] = (num >> 8) & 0xFF | |
orig_buffer[4] = (num >> 16) & 0xFF | |
orig_buffer[10] = (num >> 24) & 0xFF | |
return orig_buffer | |
def get_board_prefix(orig_buffer): | |
h = SHA1.new() | |
h.update(bytes(orig_buffer)) | |
return h.hexdigest()[:24] | |
def main(): | |
start, end = 0x35000000, 0x37FFFFFF | |
for val in range(start, end): | |
if val % 100000 == 0: | |
print(f"{(val-start)*100/(end-start)}% done") | |
board_id = get_board_id(val) | |
board_prefix = get_board_prefix(board_id) | |
# print(f"{val:x} -> {board_id}") | |
if board_prefix == "0398bca47389cc845d3265f4": | |
print( | |
f"board_id={' '.join(format(b, '02x') for b in board_id)}, {board_prefix=}" | |
) | |
break | |
if __name__ == "__main__": | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment