@jamslater
Created September 22, 2013 16:07
import hashlib
import time
# Fixed 32-character string read by derive_key_part(): one character per key
# byte. It is a hard-coded constant, so it contributes no secrecy to the key.
derivation_key = "LETSBUILDAVERYWEAKDERIVATIONKEY!"
def msvcrt_rand(seed):
    """Advance the MSVCRT-style linear congruential generator by one step.

    Uses the multiplier 0x343FD and increment 0x269EC3 of the Microsoft C
    runtime rand(). Returns a tuple (new_state, output) where output is
    bits 16..30 of the new state (a 15-bit value).

    The state is masked to 32 bits after the multiplication but not after
    the addition, so new_state can be slightly larger than 0xFFFFFFFF; the
    next call masks again, and the output only reads bits 16..30.
    """
    state = ((seed * 0x343FD) & 0xFFFFFFFF) + 0x269EC3
    output = (state >> 16) & 0x7FFF
    return (state, output)
# Seed LCG with current epoch time, then use it to construct a 32-bit starting value
def get_initial_value(seed):
    """Build a 32-bit starting value from four consecutive LCG outputs.

    The low byte of each msvcrt_rand() output is packed in order, first
    output in the most significant byte. The result depends on nothing but
    `seed`, so it is exactly as predictable as the seed is.
    """
    value = 0
    for _ in range(4):
        seed, r = msvcrt_rand(seed)
        # Shift the bytes gathered so far up and append the new low byte.
        value = (value << 8) | (r & 0xFF)
    return value
def derive_key_part(initial_value, i):
    """Compute the 32-bit mixing result for key position `i`.

    Combines `initial_value`, the index and character `i` of the module-level
    `derivation_key` through fixed XOR/multiply/subtract steps, all reduced
    modulo 2**32. Every input other than `initial_value` is a constant in
    this file, so the function adds no entropy of its own.
    """
    mask32 = 0xFFFFFFFF
    step = i * 7

    # Low byte of step * key character, replicated into all four bytes.
    mixed = ((step * ord(derivation_key[i])) & 0xFF) * 0x1010101
    mixed ^= initial_value
    mixed ^= step * 0x1010101

    # Python ints are unbounded, so the mask is what emulates 32-bit
    # wrap-around (including for the possibly negative intermediate).
    mixed = ((mixed - 0x5A827999) * 0x6ED9EBA1) & mask32
    mixed = (mixed - 0x3B4704FA) & mask32

    # Only the byte-wise sum modulo 256 survives into the result, so the
    # return value takes at most 256 distinct values.
    byte_sum = ((mixed >> 24) + (mixed >> 16) + (mixed >> 8) + (mixed & 0xFF)) & 0xFF
    return (((0x806BAE2D * byte_sum) & mask32) + 0x740124A9) & mask32
def derive_key(initial_value):
    """Derive the 32-character key string for `initial_value`.

    Character i is the low byte of derive_key_part(initial_value, i) passed
    through the affine map c * 0xA5 + 0x13 (mod 256). The key is a pure
    function of the 32-bit `initial_value`.
    """
    chars = []
    for i in range(32):
        low = derive_key_part(initial_value, i) & 0xFF
        chars.append(chr((low * 0xA5 + 0x13) & 0xFF))
    return ''.join(chars)
# NOTE: this script is Python 2 (raw_input, byte-string hashing).
# Read the challenge exactly as typed; it is compared as-is, with no validation.
challenge = raw_input('Challenge? ')

# Why this works: the key is a pure function of the LCG seed, and the seed is an
# epoch-second timestamp. The candidate space is therefore one key per elapsed
# second, and the challenge (a plain MD5 of the key) confirms the right one.
# Defensive takeaway: derive such keys from the OS CSPRNG, never from a
# clock-seeded rand(), and do not expose an unkeyed digest of the key.
# NOTE(review): the loop has no lower bound; a challenge that never matches
# (e.g. different letter case or stray whitespace) makes it run forever.
utcnow = int(time.time())
seed = utcnow
while True:
    key = derive_key(get_initial_value(seed))
    if hashlib.md5(key).hexdigest() == challenge:
        break
    seed -= 1

# The token is SHA-1 over the recovered key plus a constant suffix; the suffix is
# fixed in this file, so it does not protect the token once the key is known.
access_token = hashlib.sha1(key + 'HEREISASECURESALT!').hexdigest()
print("Challenge found from %d seconds ago :)" % (utcnow - seed))
print("Access token: %s" % access_token)