Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdio.h>
- #include <string.h>
- #include <stdlib.h>
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <fcntl.h>
- unsigned char iv[]="\xc9\xb1\x5f";
- unsigned int old_icv;
- unsigned int new_icv;
- unsigned char encrypted_packet[]=
- "\x85\x8a\x22\x52\x02\xfb\x44\xf2\xbf\x6d\x16\xf0\x15\x69\x05\x88\xac"
- "\xc8\xe5\xa9\x89\x2c\x28\x71\xa0\xd3\x10\x31\x2a\xbd\x83\x09\x04\xce"
- "\xaa\xa4\x3e\x01\xc9\x8a\xd4\xf7\xd4\x1a\xe2\xf8\x52\xc9\x28\x1b\x60"
- "\xd5\x94\xe1\xd5\x15\x1a\x8b\x93\xa6\x9c\x55\xbf\x09\x27\x3a\xb9\x16"
- "\xae\x94\xc9\xc0\x97\xed\xf0\xed\xe5\xd8\x87\x4a\x7e\xf9\x29\xac\x71"
- "\x05\x4c\xa1\xbc\x16\x4d\x74\xb2\x2f\x33\x6f\x13\x4c\x50\x7a\x32\x34"
- "\x8c\x90\xa2\x0e\x37\x7d\x90\x67\xd8\x56\x3a\x40\xb0\xbb\x3b\x8f\xf7"
- "\x47\x01\xfd\xd9\x74\xa8\xaf\xf7\x41\x2c\x50\x5e\x03\x05\xaa\x28\x82"
- "\xbb\x9b\x6a\x70\x27\xf2\xd9\x09\x36\xe0\x9d\x87\xe4\x02\x5d\x12\xb3"
- "\x43\xb0\xf5\x94\x77\x81\xcf\x72\x43\x15\x89\xf6\x79\x4d\xad\x68\x84"
- "\xcd\xae\x45\xb3\xb7\x5c\x4f\x6d\xa0\x40\xa1\xa3\x60\xdc\xfe\xd2\xb1"
- "\xdc\xbb\xfb\x23\x8d\x1a\xcf\x4a\xf9\x78\x39\x51\xbd\xd9\x50\xe7\x9b"
- "\x26\xd9\x58\xba\x8a\x74\x1d\xae\x14\xc9\x2f\x2c\x1e\x95\xea\x42\xa2"
- "\xc5\x2b\x11\x41\x50\x34\x97\xf7\x59\xf0\xeb\x44\x03\x35\xdc\x59\x01"
- "\xfc\x52\x2f\x80\x58\xb6\xab\xf3\x14\x30\xd3\x24\x43\xa5\x44\xf9\x8b"
- "\x27\x04\xd2\x67\x6a\xe4\x16\xc0\xa8\xe1\x1a\xa3\x29\xce\x20\x2c\x2e"
- "\xcc\x73\xc9\x1e\xe2\xb2\x91\x10\x9d\xb6\x20\x2b\xdb\x00\xa5\xcd\x7a"
- "\x82\x36\x85\x26\x8c\xcc\x97\x61\xd7\x57\x25\x88\x66\xcc\x50\x94\x97"
- "\x47\x56\xcd\x1b\x46\xe1\xe5\x80\x57\xd7\xf2\xff\xbc\x7c\x45\x75\xf5"
- "\xd7\x70\x3b\x2b\x02\xc5\xb6\x90\xd8\x94\xf1\x40\x67";
- unsigned char *decrypted_packet;
- unsigned int decrypt(unsigned char *keystream);
- unsigned char *create_keystream(unsigned char *pass);
- unsigned char *rc4(unsigned char *password);
- unsigned int crc32(unsigned char *packet, unsigned int len);
- unsigned int chksum_crc32 (unsigned char *block, unsigned int length);
- void chksum_crc32gentab ();
- unsigned int crc_tab[256];
- int main(int argc, char *argv[])
- {
- unsigned char *keystream;
- char pass[6];
- FILE *fs;
- if ( argc == 1 )
- {
- fprintf(stderr, "Usage: %s passlist.txt\n", argv[0]);
- return -1;
- }
- if (( fs = fopen(argv[1], "rb")) == NULL )
- return -1;
- for ( ; ; )
- {
- memset(pass, '\0', 6);
- if (fgets(pass, 6, fs) == NULL )
- break;
- printf("trying\"%s\"\n", pass);
- keystream = create_keystream(pass);
- old_icv = decrypt(keystream);
- new_icv = crc32(decrypted_packet, 336);
- free(decrypted_packet);
- if ( old_icv == new_icv )
- printf("password: %s\n", pass);
- }
- fclose(fs);
- return 0;
- }
- unsigned int decrypt(unsigned char *keystream)
- {
- unsigned int icv;
- register int i;
- decrypted_packet = malloc(337 * sizeof(char));
- memset(decrypted_packet, '\0', 337);
- for ( i = 0; i < 336; i++ )
- {
- decrypted_packet[i] = encrypted_packet[i] ^ keystream[i];
- }
- memcpy((char *)&icv, &decrypted_packet+332, 4);
- return icv;
- }
- unsigned char *create_keystream(unsigned char *pass)
- {
- unsigned char *password = "\xc9\xb1\x5f\x74\x75\x64\x65\x73";
- unsigned char *new_ks;
- /*
- password = (unsigned char *)malloc(9 * sizeof(char));
- memset(password, '\0', 9);
- memcpy(password, iv, 3);
- memcpy(password+3, pass, 5);
- */
- new_ks = rc4(password);
- // free(password);
- return new_ks;
- }
- unsigned char *rc4(unsigned char *password)
- {
- register int i, j, k;
- unsigned char s[256];
- unsigned char *new_ks;
- unsigned char temp;
- new_ks = (unsigned char *)malloc(337*sizeof(char));
- memset(new_ks, '\0', 337);
- //KSA
- j = 0;
- for ( i = 0; i < 256; i++ )
- {
- s[i] = i;
- }
- for ( i = 0; i < 256; i++ )
- {
- j = (j + s[i] + password[ i % 8])%256;
- temp = s[i];
- s[i] = s[j];
- s[j] = temp;
- }
- //PRGA
- i = 0;
- j = 0;
- for ( k = 0; k < 336; k++ )
- {
- i = (i + 1)%256;
- j = (j+s[i])%256;
- temp = s[i];
- s[i] = s[j];
- s[j] = temp;
- new_ks[k] = s[(s[i]+s[j])%256];
- }
- return new_ks;
- }
- unsigned int crc32(unsigned char *packet, unsigned int len)
- {
- chksum_crc32gentab();
- return chksum_crc32(packet, len);
- }
- unsigned int chksum_crc32 (unsigned char *block, unsigned int length)
- {
- register unsigned long crc;
- unsigned long i;
- crc = 0xFFFFFFFF;
- for (i = 0; i < length; i++)
- {
- crc = ((crc >> 8) & 0x00FFFFFF) ^ crc_tab[(crc ^ *block++) & 0xFF];
- }
- return (crc ^ 0xFFFFFFFF);
- }
- void chksum_crc32gentab ()
- {
- unsigned long crc, poly;
- int i, j;
- poly = 0xEDB88320L;
- for (i = 0; i < 256; i++)
- {
- crc = i;
- for (j = 8; j > 0; j--)
- {
- if (crc & 1)
- {
- crc = (crc >> 1) ^ poly;
- }
- else
- {
- crc >>= 1;
- }
- }
- crc_tab[i] = crc;
- }
- }
Add Comment
Please, Sign In to add comment