- #include <stdio.h>
- #include <string.h>
- #include <stdlib.h>
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <fcntl.h>
/*
 * Sample data for the keystream-recovery demonstration.
 *
 * text[]   - 128 data bytes (plus the literal's implicit NUL); find_ks()
 *            XORs them with cipher[]. Presumably the known plaintext of one
 *            captured frame - confirm against the capture it came from.
 * cipher[] - 136 data bytes (plus the implicit NUL); find_ks() reads only
 *            the first 128. Presumably the ciphertext of the same frame.
 * iv[]     - 3 bytes that wep() places in front of every candidate key.
 */
unsigned char text[] =
    "\x8b\x12\xe8\x19\xa3\xcd\x91\x17\x76\xed\xf7\xc3\xcd\x5c\x5e\x0f"
    "\x1c\xc1\x07\x42\xf2\xdc\x99\x8a\x35\x38\xe5\xa3\xb0\xb6\xaf\x3c"
    "\x84\x12\xc3\xb2\xa8\xcd\xf7\x89\xfa\xe2\xe4\xf2\x44\x50\x40\x11"
    "\xfd\xc4\x67\x02\x8a\xee\x51\x63\x2c\xd0\x47\x68\x27\xa7\xbb\x8b"
    "\xcc\x2d\x0c\x41\xb6\x2b\x12\x13\x5f\x3c\xc2\x63\x06\x21\x6d\x11"
    "\x84\xba\x1c\x97\x55\x3f\x79\x24\xdd\x15\x3a\xda\x3b\xc3\xc6\x9b"
    "\xa8\xa2\x1c\x77\x93\x1f\xe9\x67\x7d\xbc\xb9\x16\x62\x5d\x58\xb5"
    "\xee\x9a\xe9\x61\x5b\x01\xf7\x38\x11\x17\x8b\xfd\x8a\xb5\xb6\x9a";

unsigned char cipher[] =
    "\x70\xca\xef\x5c\x0b\x09\x6c\x6d\x2e\x0b\xbe\xd6\xb1\xc5\x10\xfd\x25"
    "\x36\xbd\x6d\xbb\x76\x5d\x27\x7e\x47\x1e\x9b\x0e\x89\x29\x88\x03\x8b"
    "\xf6\x2b\x26\x6f\x3f\xbb\x09\x35\xf0\x50\xc7\xae\xc0\x46\xce\xdc\xce"
    "\xa8\x52\x07\x3b\xca\x42\xb3\xb9\x71\xca\x68\x98\xc8\xec\x84\x5d\x24"
    "\xb0\x9b\x71\x2b\x2b\x4f\x09\x1a\xbb\x43\xbc\xa4\x56\x28\x15\xd6\x85"
    "\xe4\xc6\x00\x70\x7f\x13\xb8\xf2\xca\xa2\xc3\x3e\xf0\x7f\x78\x5e\xe1"
    "\x2a\xc4\xa0\x6c\xd8\x8d\xc0\xd1\xc8\xbf\x15\xa7\x55\x18\xc3\xdb\x59"
    "\x3d\x2b\x28\x69\xab\x6c\x86\xa5\xe8\x96\x4d\x6d\x1b\x1f\x67\xe4\x1c";

unsigned char iv[] = "\x3a\x6f\x63";

/* Forward declarations; every returned buffer is owned (freed) by the caller. */
unsigned char *find_ks(void);
unsigned char *wep(unsigned char *pass);
unsigned char *rc4(unsigned char *password);
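/*
 * Check candidate 5-byte keys from a word list against the keystream that
 * find_ks() recovers from the embedded text[]/cipher[] pair.
 *
 * The program shows why the scheme is weak: XOR of plaintext and ciphertext
 * exposes the RC4 keystream, and with the IV carried in the clear the only
 * unknown in the 8-byte RC4 seed is a 5-byte secret that can be tested
 * offline. Longer keys do not repair this construction; the remedy is to
 * move to a protocol that derives per-frame keys properly.
 *
 * argv[1] names a text file with one candidate per line. Line endings are
 * stripped, and lines that are not exactly 5 bytes long are skipped, since
 * wep() always consumes 5 bytes.
 *
 * Returns 0 when the list was processed (match or not), -1 on a usage,
 * file or allocation error.
 */
int main(int argc, char *argv[])
{
    enum { KEY_LEN = 5, KS_LEN = 128 };
    unsigned char *keystream;
    unsigned char *new_ks;
    unsigned char pass[KEY_LEN + 1];
    char line[256];
    int prev_partial = 0;
    int rc = 0;
    FILE *fs;

    if (argc < 2) {
        fprintf(stderr, "Usage: %s passlist.txt\n",
                argc > 0 ? argv[0] : "prog");
        return -1;
    }

    keystream = find_ks();
    if (keystream == NULL) {
        fprintf(stderr, "malloc()\n");
        return -1;
    }

    fs = fopen(argv[1], "rb");
    if (fs == NULL) {
        fprintf(stderr, "fopen()\n");
        free(keystream);    /* the original leaked this on the error path */
        return -1;
    }

    while (fgets(line, sizeof line, fs) != NULL) {
        /* Length up to, but not including, the first CR or LF. */
        size_t len = strcspn(line, "\r\n");
        /* A read is a whole line only if it hit a terminator or EOF. */
        int partial = (line[len] == '\0') && !feof(fs);
        int continuation = prev_partial;

        prev_partial = partial;
        line[len] = '\0';

        /* Fragments of an over-long line are never valid candidates. */
        if (continuation || partial || len != KEY_LEN)
            continue;

        memcpy(pass, line, KEY_LEN);
        pass[KEY_LEN] = '\0';

        printf("trying \"%s\"\n", line);
        new_ks = wep(pass);
        if (new_ks == NULL) {
            fprintf(stderr, "malloc()\n");
            rc = -1;
            break;
        }

        /*
         * Keystream bytes are binary and may contain 0x00, so compare with
         * memcmp(); strncmp() would stop at the first zero byte and could
         * report a match after comparing only a prefix.
         */
        if (memcmp(new_ks, keystream, KS_LEN) == 0) {
            printf("pass: %s\n", line);
            free(new_ks);
            break;
        }
        free(new_ks);
    }

    fclose(fs);
    free(keystream);
    return rc;
}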
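/*
 * Recover the first 128 keystream bytes by XORing text[] with cipher[].
 *
 * With a stream cipher, ciphertext = plaintext XOR keystream, so anyone who
 * knows one plaintext/ciphertext pair learns the keystream for that seed.
 *
 * Returns a calloc'd buffer of 129 bytes (128 keystream bytes followed by a
 * zero byte) that the caller must free(), or NULL if allocation fails.
 */
unsigned char *find_ks(void)
{
    enum { KS_LEN = 128 };
    /* calloc: the trailing byte is defined, unlike with the original malloc. */
    unsigned char *keystream = calloc(KS_LEN + 1, sizeof *keystream);

    if (keystream == NULL)
        return NULL;

    for (size_t i = 0; i < KS_LEN; i++)
        keystream[i] = text[i] ^ cipher[i];

    return keystream;
}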
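/*
 * Build the 8-byte RC4 seed for one candidate key and return its keystream.
 *
 * The seed is the 3-byte iv[] followed by 5 bytes read from pass; the
 * original author's commented-out sample seed had the same layout
 * (3a 6f 63 | 74 75 64 65 73).
 *
 * pass must point to at least 5 readable bytes.
 *
 * Returns the buffer produced by rc4() (caller frees), or NULL if pass is
 * NULL or rc4() fails.
 */
unsigned char *wep(unsigned char *pass)
{
    enum { IV_LEN = 3, KEY_LEN = 5 };
    /* 8 bytes on the stack: no allocation that can fail or leak. */
    unsigned char seed[IV_LEN + KEY_LEN];

    if (pass == NULL)
        return NULL;

    memcpy(seed, iv, IV_LEN);
    memcpy(seed + IV_LEN, pass, KEY_LEN);

    return rc4(seed);
}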
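/*
 * Run RC4 with an 8-byte seed and return the first 128 keystream bytes.
 *
 * password must point to at least 8 readable bytes; the key schedule
 * indexes it as password[i % 8], so the key length is fixed at 8.
 *
 * Returns a calloc'd buffer of 129 bytes (128 keystream bytes followed by a
 * zero byte) that the caller must free(), or NULL if password is NULL or
 * allocation fails.
 */
unsigned char *rc4(unsigned char *password)
{
    enum { STATE_SIZE = 256, SEED_LEN = 8, KS_LEN = 128 };
    unsigned char s[STATE_SIZE];
    unsigned char *new_ks;
    unsigned char temp;
    int i, j, k;

    if (password == NULL)
        return NULL;

    /* Check the allocation; the original wrote through an unchecked pointer. */
    new_ks = calloc(KS_LEN + 1, sizeof *new_ks);
    if (new_ks == NULL)
        return NULL;

    /* Label kept from the original; this function prints nothing after it. */
    printf("keystream: ");

    /* KSA: start from the identity permutation, then mix in the seed. */
    for (i = 0; i < STATE_SIZE; i++)
        s[i] = (unsigned char)i;

    j = 0;
    for (i = 0; i < STATE_SIZE; i++) {
        j = (j + s[i] + password[i % SEED_LEN]) % STATE_SIZE;
        temp = s[i];
        s[i] = s[j];
        s[j] = temp;
    }

    /* PRGA: one output byte per step, for KS_LEN steps. */
    i = 0;
    j = 0;
    for (k = 0; k < KS_LEN; k++) {
        i = (i + 1) % STATE_SIZE;
        j = (j + s[i]) % STATE_SIZE;
        temp = s[i];
        s[i] = s[j];
        s[j] = temp;
        new_ks[k] = s[(s[i] + s[j]) % STATE_SIZE];
    }

    return new_ks;
}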