Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

PHDay CTF keygen.exe solution

By: a guest on Jun 3rd, 2012  |  syntax: Python  |  size: 10.98 KB  |  hits: 381  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. ##########################################################################
  2. # SBoxes used by the crackme (dumped with IDA python)
  3. ##########################################################################
  4.  
  5. WBoxSboxes = [
  6.  [[2, 14, 10, 4, 11, 8, 15, 3, 5, 12, 6, 9, 13, 7, 1, 0],
  7.   [13, 3, 11, 4, 10, 9, 1, 14, 8, 12, 5, 2, 7, 6, 0, 15],
  8.   [4, 14, 8, 12, 6, 9, 11, 10, 2, 15, 5, 1, 3, 7, 0, 13],
  9.   [15, 6, 7, 11, 8, 2, 12, 4, 14, 10, 9, 5, 3, 0, 13, 1],
  10.   [4, 6, 3, 0, 12, 8, 1, 14, 10, 9, 7, 2, 15, 13, 5, 11],
  11.   [4, 5, 8, 11, 7, 10, 9, 6, 14, 12, 13, 2, 1, 3, 15, 0],
  12.   [7, 6, 1, 9, 11, 0, 12, 10, 3, 15, 2, 5, 8, 13, 14, 4],
  13.   [0, 3, 14, 1, 5, 10, 11, 13, 15, 2, 8, 12, 4, 7, 9, 6],
  14.   [2, 14, 10, 4, 11, 8, 15, 3, 5, 12, 6, 9, 13, 7, 1, 0],
  15.   [4, 11, 3, 13, 14, 1, 9, 10, 2, 5, 12, 8, 15, 0, 6, 7],
  16.   [12, 8, 14, 4, 10, 11, 9, 6, 1, 5, 15, 2, 13, 0, 7, 3],
  17.   [2, 8, 4, 12, 6, 15, 11, 7, 0, 3, 1, 13, 10, 14, 5, 9],
  18.   [13, 15, 11, 5, 9, 10, 2, 7, 8, 12, 14, 1, 6, 4, 0, 3],
  19.   [6, 9, 10, 7, 11, 8, 5, 4, 0, 15, 3, 1, 2, 13, 12, 14],
  20.   [5, 2, 15, 3, 4, 14, 13, 8, 9, 1, 6, 7, 10, 12, 0, 11],
  21.   [8, 12, 15, 2, 9, 6, 4, 7, 14, 1, 0, 3, 11, 13, 5, 10]],
  22.  [[2, 14, 10, 4, 11, 8, 15, 3, 5, 12, 6, 9, 13, 7, 1, 0],
  23.   [4, 11, 3, 13, 14, 1, 9, 10, 2, 5, 12, 8, 15, 0, 6, 7],
  24.   [12, 8, 14, 4, 10, 11, 9, 6, 1, 5, 15, 2, 13, 0, 7, 3],
  25.   [2, 8, 4, 12, 6, 15, 11, 7, 0, 3, 1, 13, 10, 14, 5, 9],
  26.   [13, 15, 11, 5, 9, 10, 2, 7, 8, 12, 14, 1, 6, 4, 0, 3],
  27.   [6, 9, 10, 7, 11, 8, 5, 4, 0, 15, 3, 1, 2, 13, 12, 14],
  28.   [5, 2, 15, 3, 4, 14, 13, 8, 9, 1, 6, 7, 10, 12, 0, 11],
  29.   [8, 12, 15, 2, 9, 6, 4, 7, 14, 1, 0, 3, 11, 13, 5, 10],
  30.   [2, 14, 10, 4, 11, 8, 15, 3, 5, 12, 6, 9, 13, 7, 1, 0],
  31.   [0, 15, 7, 6, 5, 2, 8, 12, 1, 14, 10, 9, 11, 4, 13, 3],
  32.   [9, 6, 10, 11, 14, 4, 12, 8, 7, 3, 13, 0, 15, 2, 1, 5],
  33.   [2, 8, 4, 12, 6, 15, 11, 7, 0, 3, 1, 13, 10, 14, 5, 9],
  34.   [13, 15, 11, 5, 9, 10, 2, 7, 8, 12, 14, 1, 6, 4, 0, 3],
  35.   [8, 11, 4, 5, 9, 6, 7, 10, 13, 2, 14, 12, 15, 0, 1, 3],
  36.   [11, 0, 12, 10, 7, 6, 1, 9, 8, 13, 14, 4, 3, 15, 2, 5],
  37.   [1, 14, 3, 0, 13, 11, 10, 5, 12, 8, 2, 15, 6, 9, 7, 4]],
  38.  [[2, 14, 10, 4, 11, 8, 15, 3, 5, 12, 6, 9, 13, 7, 1, 0],
  39.   [0, 15, 7, 6, 5, 2, 8, 12, 1, 14, 10, 9, 11, 4, 13, 3],
  40.   [9, 6, 10, 11, 14, 4, 12, 8, 7, 3, 13, 0, 15, 2, 1, 5],
  41.   [2, 8, 4, 12, 6, 15, 11, 7, 0, 3, 1, 13, 10, 14, 5, 9],
  42.   [13, 15, 11, 5, 9, 10, 2, 7, 8, 12, 14, 1, 6, 4, 0, 3],
  43.   [8, 11, 4, 5, 9, 6, 7, 10, 13, 2, 14, 12, 15, 0, 1, 3],
  44.   [11, 0, 12, 10, 7, 6, 1, 9, 8, 13, 14, 4, 3, 15, 2, 5],
  45.   [1, 14, 3, 0, 13, 11, 10, 5, 12, 8, 2, 15, 6, 9, 7, 4],
  46.   [7, 13, 0, 1, 12, 5, 9, 6, 8, 11, 3, 15, 14, 2, 4, 10],
  47.   [4, 11, 3, 13, 14, 1, 9, 10, 2, 5, 12, 8, 15, 0, 6, 7],
  48.   [14, 4, 12, 8, 9, 6, 10, 11, 15, 2, 1, 5, 7, 3, 13, 0],
  49.   [7, 11, 15, 6, 12, 4, 8, 2, 9, 5, 14, 10, 13, 1, 3, 0],
  50.   [13, 15, 11, 5, 9, 10, 2, 7, 8, 12, 14, 1, 6, 4, 0, 3],
  51.   [0, 15, 3, 1, 2, 13, 12, 14, 6, 9, 10, 7, 11, 8, 5, 4],
  52.   [13, 8, 4, 14, 15, 3, 5, 2, 0, 11, 10, 12, 6, 7, 9, 1],
  53.   [4, 7, 9, 6, 15, 2, 8, 12, 5, 10, 11, 13, 0, 3, 14, 1]],
  54.  [[7, 13, 0, 1, 12, 5, 9, 6, 8, 11, 3, 15, 14, 2, 4, 10],
  55.   [4, 11, 3, 13, 14, 1, 9, 10, 2, 5, 12, 8, 15, 0, 6, 7],
  56.   [14, 4, 12, 8, 9, 6, 10, 11, 15, 2, 1, 5, 7, 3, 13, 0],
  57.   [7, 11, 15, 6, 12, 4, 8, 2, 9, 5, 14, 10, 13, 1, 3, 0],
  58.   [13, 15, 11, 5, 9, 10, 2, 7, 8, 12, 14, 1, 6, 4, 0, 3],
  59.   [0, 15, 3, 1, 2, 13, 12, 14, 6, 9, 10, 7, 11, 8, 5, 4],
  60.   [13, 8, 4, 14, 15, 3, 5, 2, 0, 11, 10, 12, 6, 7, 9, 1],
  61.   [4, 7, 9, 6, 15, 2, 8, 12, 5, 10, 11, 13, 0, 3, 14, 1],
  62.   [12, 5, 9, 6, 7, 13, 0, 1, 14, 2, 4, 10, 8, 11, 3, 15],
  63.   [7, 6, 0, 15, 8, 12, 5, 2, 10, 9, 1, 14, 13, 3, 11, 4],
  64.   [7, 3, 13, 0, 15, 2, 1, 5, 9, 6, 10, 11, 14, 4, 12, 8],
  65.   [9, 5, 14, 10, 13, 1, 3, 0, 7, 11, 15, 6, 12, 4, 8, 2],
  66.   [8, 12, 14, 1, 6, 4, 0, 3, 13, 15, 11, 5, 9, 10, 2, 7],
  67.   [15, 0, 1, 3, 13, 2, 14, 12, 9, 6, 7, 10, 8, 11, 4, 5],
  68.   [7, 6, 1, 9, 11, 0, 12, 10, 3, 15, 2, 5, 8, 13, 14, 4],
  69.   [12, 8, 2, 15, 6, 9, 7, 4, 1, 14, 3, 0, 13, 11, 10, 5]],
  70.  [[12, 5, 9, 6, 7, 13, 0, 1, 14, 2, 4, 10, 8, 11, 3, 15],
  71.   [7, 6, 0, 15, 8, 12, 5, 2, 10, 9, 1, 14, 13, 3, 11, 4],
  72.   [7, 3, 13, 0, 15, 2, 1, 5, 9, 6, 10, 11, 14, 4, 12, 8],
  73.   [9, 5, 14, 10, 13, 1, 3, 0, 7, 11, 15, 6, 12, 4, 8, 2],
  74.   [8, 12, 14, 1, 6, 4, 0, 3, 13, 15, 11, 5, 9, 10, 2, 7],
  75.   [15, 0, 1, 3, 13, 2, 14, 12, 9, 6, 7, 10, 8, 11, 4, 5],
  76.   [7, 6, 1, 9, 11, 0, 12, 10, 3, 15, 2, 5, 8, 13, 14, 4],
  77.   [12, 8, 2, 15, 6, 9, 7, 4, 1, 14, 3, 0, 13, 11, 10, 5],
  78.   [7, 13, 0, 1, 12, 5, 9, 6, 8, 11, 3, 15, 14, 2, 4, 10],
  79.   [6, 7, 15, 0, 12, 8, 2, 5, 9, 10, 14, 1, 3, 13, 4, 11],
  80.   [10, 11, 9, 6, 12, 8, 14, 4, 13, 0, 7, 3, 1, 5, 15, 2],
  81.   [7, 11, 15, 6, 12, 4, 8, 2, 9, 5, 14, 10, 13, 1, 3, 0],
  82.   [4, 6, 3, 0, 12, 8, 1, 14, 10, 9, 7, 2, 15, 13, 5, 11],
  83.   [15, 0, 1, 3, 13, 2, 14, 12, 9, 6, 7, 10, 8, 11, 4, 5],
  84.   [9, 1, 6, 7, 10, 12, 0, 11, 5, 2, 15, 3, 4, 14, 13, 8],
  85.   [8, 12, 15, 2, 9, 6, 4, 7, 14, 1, 0, 3, 11, 13, 5, 10]],
  86.  [[7, 13, 0, 1, 12, 5, 9, 6, 8, 11, 3, 15, 14, 2, 4, 10],
  87.   [6, 7, 15, 0, 12, 8, 2, 5, 9, 10, 14, 1, 3, 13, 4, 11],
  88.   [10, 11, 9, 6, 12, 8, 14, 4, 13, 0, 7, 3, 1, 5, 15, 2],
  89.   [7, 11, 15, 6, 12, 4, 8, 2, 9, 5, 14, 10, 13, 1, 3, 0],
  90.   [4, 6, 3, 0, 12, 8, 1, 14, 10, 9, 7, 2, 15, 13, 5, 11],
  91.   [15, 0, 1, 3, 13, 2, 14, 12, 9, 6, 7, 10, 8, 11, 4, 5],
  92.   [9, 1, 6, 7, 10, 12, 0, 11, 5, 2, 15, 3, 4, 14, 13, 8],
  93.   [8, 12, 15, 2, 9, 6, 4, 7, 14, 1, 0, 3, 11, 13, 5, 10],
  94.   [7, 13, 0, 1, 12, 5, 9, 6, 8, 11, 3, 15, 14, 2, 4, 10],
  95.   [6, 7, 15, 0, 12, 8, 2, 5, 9, 10, 14, 1, 3, 13, 4, 11],
  96.   [11, 10, 6, 9, 8, 12, 4, 14, 0, 13, 3, 7, 5, 1, 2, 15],
  97.   [11, 7, 6, 15, 4, 12, 2, 8, 5, 9, 10, 14, 1, 13, 0, 3],
  98.   [4, 6, 3, 0, 12, 8, 1, 14, 10, 9, 7, 2, 15, 13, 5, 11],
  99.   [15, 0, 1, 3, 13, 2, 14, 12, 9, 6, 7, 10, 8, 11, 4, 5],
  100.   [12, 10, 11, 0, 1, 9, 7, 6, 14, 4, 8, 13, 2, 5, 3, 15],
  101.   [5, 10, 11, 13, 0, 3, 14, 1, 4, 7, 9, 6, 15, 2, 8, 12]],
  102.  [[7, 13, 0, 1, 12, 5, 9, 6, 8, 11, 3, 15, 14, 2, 4, 10],
  103.   [6, 7, 15, 0, 12, 8, 2, 5, 9, 10, 14, 1, 3, 13, 4, 11],
  104.   [11, 10, 6, 9, 8, 12, 4, 14, 0, 13, 3, 7, 5, 1, 2, 15],
  105.   [11, 7, 6, 15, 4, 12, 2, 8, 5, 9, 10, 14, 1, 13, 0, 3],
  106.   [4, 6, 3, 0, 12, 8, 1, 14, 10, 9, 7, 2, 15, 13, 5, 11],
  107.   [15, 0, 1, 3, 13, 2, 14, 12, 9, 6, 7, 10, 8, 11, 4, 5],
  108.   [12, 10, 11, 0, 1, 9, 7, 6, 14, 4, 8, 13, 2, 5, 3, 15],
  109.   [5, 10, 11, 13, 0, 3, 14, 1, 4, 7, 9, 6, 15, 2, 8, 12],
  110.   [12, 5, 9, 6, 7, 13, 0, 1, 14, 2, 4, 10, 8, 11, 3, 15],
  111.   [6, 7, 15, 0, 12, 8, 2, 5, 9, 10, 14, 1, 3, 13, 4, 11],
  112.   [11, 10, 6, 9, 8, 12, 4, 14, 0, 13, 3, 7, 5, 1, 2, 15],
  113.   [4, 12, 2, 8, 11, 7, 6, 15, 1, 13, 0, 3, 5, 9, 10, 14],
  114.   [4, 6, 3, 0, 12, 8, 1, 14, 10, 9, 7, 2, 15, 13, 5, 11],
  115.   [9, 6, 7, 10, 8, 11, 4, 5, 15, 0, 1, 3, 13, 2, 14, 12],
  116.   [9, 1, 6, 7, 10, 12, 0, 11, 5, 2, 15, 3, 4, 14, 13, 8],
  117.   [15, 2, 8, 12, 4, 7, 9, 6, 0, 3, 14, 1, 5, 10, 11, 13]],
  118.  [[12, 5, 9, 6, 7, 13, 0, 1, 14, 2, 4, 10, 8, 11, 3, 15],
  119.   [6, 7, 15, 0, 12, 8, 2, 5, 9, 10, 14, 1, 3, 13, 4, 11],
  120.   [11, 10, 6, 9, 8, 12, 4, 14, 0, 13, 3, 7, 5, 1, 2, 15],
  121.   [4, 12, 2, 8, 11, 7, 6, 15, 1, 13, 0, 3, 5, 9, 10, 14],
  122.   [4, 6, 3, 0, 12, 8, 1, 14, 10, 9, 7, 2, 15, 13, 5, 11],
  123.   [9, 6, 7, 10, 8, 11, 4, 5, 15, 0, 1, 3, 13, 2, 14, 12],
  124.   [9, 1, 6, 7, 10, 12, 0, 11, 5, 2, 15, 3, 4, 14, 13, 8],
  125.   [15, 2, 8, 12, 4, 7, 9, 6, 0, 3, 14, 1, 5, 10, 11, 13],
  126.   [68, 49, 64, 0, 68, 49, 64, 0, 12, 5, 9, 6, 7, 13, 0, 1],
  127.   [14, 2, 4, 10, 8, 11, 3, 15, 6, 7, 15, 0, 12, 8, 2, 5],
  128.   [9, 10, 14, 1, 3, 13, 4, 11, 10, 11, 9, 6, 12, 8, 14, 4],
  129.   [13, 0, 7, 3, 1, 5, 15, 2, 7, 11, 15, 6, 12, 4, 8, 2],
  130.   [9, 5, 14, 10, 13, 1, 3, 0, 12, 8, 1, 14, 4, 6, 3, 0],
  131.   [15, 13, 5, 11, 10, 9, 7, 2, 7, 10, 9, 6, 4, 5, 8, 11],
  132.   [1, 3, 15, 0, 14, 12, 13, 2, 2, 5, 3, 15, 14, 4, 8, 13],
  133.   [1, 9, 7, 6, 12, 10, 11, 0, 3, 0, 1, 14, 10, 5, 13, 11]]
  134. ]
  135.  
  136. CipherSboxes = [
  137.  [12, 5, 9, 6, 7, 13, 0, 1, 14, 2, 4, 10, 8, 11, 3, 15],
  138.  [6, 7, 15, 0, 12, 8, 2, 5, 9, 10, 14, 1, 3, 13, 4, 11],
  139.  [10, 11, 9, 6, 12, 8, 14, 4, 13, 0, 7, 3, 1, 5, 15, 2],
  140.  [7, 11, 15, 6, 12, 4, 8, 2, 9, 5, 14, 10, 13, 1, 3, 0],
  141.  [12, 8, 1, 14, 4, 6, 3, 0, 15, 13, 5, 11, 10, 9, 7, 2],
  142.  [7, 10, 9, 6, 4, 5, 8, 11, 1, 3, 15, 0, 14, 12, 13, 2],
  143.  [2, 5, 3, 15, 14, 4, 8, 13, 1, 9, 7, 6, 12, 10, 11, 0],
  144.  [3, 0, 1, 14, 10, 5, 13, 11, 2, 15, 12, 8, 7, 4, 6, 9]
  145. ]
  146.  
  147. ##########################################################################
  148. # code of keygen.exe translated in python
  149. ##########################################################################
  150.  
  151. # list of nibbles to DWORD
  152. def l2d(l) :
  153.     return reduce(lambda x, y: (x<<4)|y, l[::-1])
  154.  
  155. # DWORD to list of nibbles
  156. def d2l(d, size = 4) :
  157.     return [int(c, 16) for c in (("%%0%dX"%(2*size))%d)[::-1]]
  158.  
  159. def rol(l, n) :
  160.     d = l2d(l)
  161.     d = (d << n) | (d >> (32-n))
  162.     d &= 0xFFFFFFFF
  163.     return d2l(d)
  164.  
  165. # substitution
  166. def subs(l, sbox) :
  167.     return [sbox[v] for v in l]
  168.  
  169. # sbox inversion
  170. def invSbox(sbox) :
  171.     retval = ["??"]*len(sbox)
  172.     for i,j in enumerate(sbox) :
  173.         retval[j] = i
  174.     return retval
  175.  
  176. # White Box round
  177. def WBround(block, round) :
  178.     L = block[:8]
  179.     R = block[8:]    
  180.     return R + d2l(l2d(rol([WBoxSboxes[round][i][v] for i, v in enumerate(R)], 11)) ^ l2d(L))
  181.    
  182. # White Box cypher
  183. def WBCypher(block) :
  184.     for i in xrange(8) :
  185.         block = WBround(block, i)
  186.     for i in xrange(8) :
  187.         block = WBround(block, i)
  188.     for i in xrange(8) :
  189.         block = WBround(block, i)
  190.     for i in xrange(7, -1, -1) :
  191.         block = WBround(block, i)
  192.     return block[8:] + block[:8]
  193.    
  194. # decryption routine round
  195. def dec_round(block, round, k) :
  196.     L = block[:8]
  197.     R = block[8:]    
  198.     return R + d2l(l2d(rol([CipherSboxes[i][v] for i, v in enumerate(d2l(k[round] ^ l2d(R)))], 11)) ^ l2d(L))
  199.  
  200. # decryption routine, we have to find the k which correspond to the white box
  201. def uncypher(block, k) :
  202.     xk = [ord(k[i])**2 + ((ord(k[i+1])**2) << 16) for i in xrange(0, len(k), 2)]
  203.    
  204.     for i in xrange(8) :
  205.         block = dec_round(block, i, xk)
  206.     for i in xrange(7, -1, -1) :
  207.         block = dec_round(block, i, xk)
  208.     for i in xrange(7, -1, -1) :
  209.         block = dec_round(block, i, xk)
  210.     for i in xrange(7, -1, -1) :
  211.         block = dec_round(block, i, xk)
  212.     return block[8:] + block[:8]
  213.    
  214. #####################################    
  215. # code used to recover the key
  216. #####################################
  217.  
  218. recoveredK = ["???"]*8
  219.    
  220. def WBBreakround(block, round) :
  221.     L = block[:8]
  222.     R = block[8:]    
  223.     retval = R + d2l(l2d(rol([WBoxSboxes[round][i][v] for i, v in enumerate(R)], 11)) ^ l2d(L))
  224.     Ld = retval[8:]
  225.     Rd = retval[:8]
  226.     recoveredK[round] = l2d([invSbox(CipherSboxes[i])[v] for i, v in enumerate(rol(d2l(l2d(L) ^ l2d(Ld)), 32-11))]) ^ l2d(Rd)
  227.     return retval
  228.    
  229.    
  230. def WBBreak(block) :
  231.     for i in xrange(8) :
  232.         block = WBround(block, i)
  233.     for i in xrange(8) :
  234.         block = WBround(block, i)
  235.     for i in xrange(8) :
  236.         block = WBround(block, i)
  237.     for i in xrange(7, -1, -1) :
  238.         block = WBBreakround(block, i)
  239.     return block[8:] + block[:8]
  240.  
  241. WBBreak(d2l(0, 8))
  242.  
  243. k = "".join(chr((xk&0xFFFF)**0.5) + chr((xk >> 16)**0.5) for xk in recoveredK)
  244. print k.encode("hex")
create a new version of this paste RAW Paste Data