Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python2
- import socket
- import random
- import sys
- import os
- import signal
- import re
- import array
- # define of the local right shift function (>>>)
- def rshift(val, n): return (val % 0x100000000) >> n
- # define some magic XOR functions to be able to extract the state's number from the outputs server
- def unBitshiftLeftXor(value, shift, mask):
- i = 0
- result = 0
- while (i * shift < 32):
- partMask = (rshift(-1, (32 - shift))) << (shift * i)
- part = value & partMask
- value ^= (part << shift) & mask
- result |= part
- i+=1
- return result
- def unBitshiftRightXor(value, shift):
- i = 0;
- result = 0;
- while (i * shift < 32):
- partMask = rshift((-1 << (32 - shift)) , (shift * i))
- part = value & partMask
- value ^= rshift(part, shift)
- result |= part
- i+=1
- return result
- # this function give us long number of the MT internal state
- def back_state(out):
- value = unBitshiftRightXor(out, 18)
- value = unBitshiftLeftXor(value, 15, 4022730752)
- value = unBitshiftLeftXor(value, 7, 2636928640)
- return unBitshiftRightXor(value, 11)
- # state of the server
- state=[]
- # our random object
- ran = random.Random()
- # socket things..
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- s.connect(("88.198.89.194", 8888))
- data = s.recv(1024)
- print(data)
- # take it!
- for i in range(0,312):
- print "at "+str(i)
- data = s.recv(1024)
- print(data)
- s.send("1000\n")
- data = s.recv(1024)
- print(data)
- rgx=re.search("Nope, that was wrong, correct would have been (.+)\.\.\.",data)
- nmb=int(rgx.groups()[0]) # since we get a 64bit number we have to split it into 32bit numbers
- f_nmb=nmb>>32
- s_nmb=nmb & 0xffffffff
- state.append(back_state(s_nmb)) # push them inside
- state.append(back_state(f_nmb))
- # good state ends with a 624L
- state.append(624L)
- print state
- print len(state)
- # now the fun begins starting with setting the state
- ran.setstate((3, tuple(state),None))
- data = s.recv(1024)
- print(data)
- # lets "guess" this numbers...
- for i in range(1,11):
- print i
- n=ran.getrandbits(64)
- print n
- s.send(str(n)+"\n")
- data = s.recv(1024)
- print(data)
- data = s.recv(1024)
- print(data)
- print "out"
- data = s.recv(1024)
- print(data)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement