Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env sage
- ## sage -python /path/to/my/script.py
- ## Service sage
- from sage.all_cmdline import *
- from sage.all import *
- import socket
- from telnetlib import Telnet
- import concurrent.futures
- HOST,PORT = '127.0.0.1',65535
- def bytes_to_polynomial(block, a):
- bin_block = bin(int.from_bytes(block,'big'))[2:].zfill(128)
- return sum(a**i * int(bin_block[i]) for i in range(len(bin_block)))
- def polynomial_to_bytes(poly):
- tmp = int(bin(poly.integer_representation())[2:].zfill(128)[::-1], 2)
- return tmp.to_bytes((tmp.bit_length()+7)//8,'big')
- def convert_to_blocks(ciphertext):
- return [ciphertext[i:i + 16] for i in range(0 , len(ciphertext), 16)]
- def handle_client(sock):
- global x
- try:
- ## https://github.com/ashutosh1206/Crypton/tree/master/Authenticated-Encryption/AES-GCM/Attack-Forbidden
- ## https://meowmeowxw.gitlab.io/ctf/utctf-2020-crypto/
- t = Telnet()
- t.sock=sock
- ## forbindden attack
- F, a = GF(2 ** 128 , name="a", modulus=x**128 + x**7 + x**2 + x + 1 ).objgen()
- R, x = PolynomialRing(F, name="x").objgen()
- resp = t.read_until(b'\n');print(resp)
- resp = bytes.fromhex(resp[:-1].decode())
- C1,T1 = convert_to_blocks(resp[12:-16]),resp[-16:]
- resp = t.read_until(b'\n');print(resp)
- resp = bytes.fromhex(resp[:-1].decode())
- C2,T2 = convert_to_blocks(resp[12:-16]),resp[-16:]
- resp = t.read_until(b'\n');print(resp)
- resp = bytes.fromhex(resp[:-1].decode())
- C3 = convert_to_blocks(resp)
- L = (len(C1) * 8).to_bytes(16,'big')
- C1_p = [bytes_to_polynomial(C1[i], a) for i in range(len(C1))]
- C2_p = [bytes_to_polynomial(C2[i], a) for i in range(len(C2))]
- C3_p = [bytes_to_polynomial(C3[i], a) for i in range(len(C3))]
- T1_p = bytes_to_polynomial(T1, a)
- T2_p = bytes_to_polynomial(T2, a)
- L_p = bytes_to_polynomial(L, a)
- G_1 = (C1_p[0] * x**3) + (C1_p[1] * x**2) + (L_p * x) + T1_p
- G_2 = (C2_p[0] * x**3) + (C2_p[1] * x**2) + (L_p * x) + T2_p
- G_3 = (C3_p[0] * x**3) + (C3_p[1] * x**2) + (L_p * x)
- P = G_1 + G_2
- auth_keys = [r for r, _ in P.roots()]
- for H, _ in P.roots():
- EJ = G_1(H)
- T3 = G_3(H) + EJ
- t.write(f"{polynomial_to_bytes(T3).hex()}\n".encode())
- except Exception as E:
- print(E)
- sock.send(f"{E}\n".encode())
- pass
- sock.close()
- if __name__=='__main__':
- executor = concurrent.futures.ThreadPoolExecutor(max_workers=10)
- with socket.socket(socket.AF_INET,socket.SOCK_STREAM) as s:
- print(f"START server {HOST}:{PORT}")
- s.bind((HOST,PORT))
- s.listen()
- while True:
- conn,addr = s.accept()
- print('Connected from',addr)
- try:
- set_future = executor.submit(handle_client,(conn))
- except Exception as E:
- print(f"[-]Error: {E}")
- pass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement