ghost423543

sage_service

Nov 28th, 2020 (edited)
1,041
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/env sage
  2. ## sage -python /path/to/my/script.py
  3. ## Service sage
  4. from sage.all_cmdline import *
  5. from sage.all import *
  6. import socket
  7. from telnetlib import Telnet
  8. import concurrent.futures
  9.  
  10. HOST,PORT = '127.0.0.1',65535
  11.  
  12. def bytes_to_polynomial(block, a):
  13.     bin_block = bin(int.from_bytes(block,'big'))[2:].zfill(128)
  14.     return sum(a**i * int(bin_block[i]) for i in range(len(bin_block)))
  15.  
  16. def polynomial_to_bytes(poly):
  17.     tmp = int(bin(poly.integer_representation())[2:].zfill(128)[::-1], 2)
  18.     return tmp.to_bytes((tmp.bit_length()+7)//8,'big')
  19.  
  20. def convert_to_blocks(ciphertext):
  21.     return [ciphertext[i:i + 16] for i in range(0 , len(ciphertext), 16)]
  22.  
  23. def handle_client(sock):
  24.     global x
  25.     try:   
  26.         ## https://github.com/ashutosh1206/Crypton/tree/master/Authenticated-Encryption/AES-GCM/Attack-Forbidden
  27.         ## https://meowmeowxw.gitlab.io/ctf/utctf-2020-crypto/
  28.  
  29.         t = Telnet()
  30.         t.sock=sock
  31.         ## forbindden attack
  32.         F, a = GF(2 ** 128 , name="a", modulus=x**128  + x**7  + x**2  + x + 1 ).objgen()
  33.         R, x = PolynomialRing(F, name="x").objgen()
  34.  
  35.         resp = t.read_until(b'\n');print(resp)
  36.         resp = bytes.fromhex(resp[:-1].decode())
  37.         C1,T1 = convert_to_blocks(resp[12:-16]),resp[-16:]
  38.        
  39.         resp = t.read_until(b'\n');print(resp)
  40.         resp = bytes.fromhex(resp[:-1].decode())
  41.         C2,T2 = convert_to_blocks(resp[12:-16]),resp[-16:]
  42.        
  43.         resp = t.read_until(b'\n');print(resp)
  44.         resp = bytes.fromhex(resp[:-1].decode())
  45.         C3 = convert_to_blocks(resp)
  46.        
  47.         L = (len(C1) * 8).to_bytes(16,'big')
  48.         C1_p = [bytes_to_polynomial(C1[i], a) for i in range(len(C1))]
  49.         C2_p = [bytes_to_polynomial(C2[i], a) for i in range(len(C2))]
  50.         C3_p = [bytes_to_polynomial(C3[i], a) for i in range(len(C3))]
  51.         T1_p = bytes_to_polynomial(T1, a)
  52.         T2_p = bytes_to_polynomial(T2, a)
  53.         L_p = bytes_to_polynomial(L, a)
  54.        
  55.         G_1 = (C1_p[0] * x**3) + (C1_p[1] * x**2) + (L_p * x) + T1_p
  56.         G_2 = (C2_p[0] * x**3) + (C2_p[1] * x**2) + (L_p * x) + T2_p
  57.         G_3 = (C3_p[0] * x**3) + (C3_p[1] * x**2) + (L_p * x)
  58.         P = G_1 + G_2
  59.         auth_keys = [r for r, _ in P.roots()]
  60.         for H, _ in P.roots():
  61.             EJ = G_1(H)
  62.             T3 = G_3(H) + EJ
  63.             t.write(f"{polynomial_to_bytes(T3).hex()}\n".encode())
  64.        
  65.     except Exception as E:
  66.         print(E)
  67.         sock.send(f"{E}\n".encode())
  68.         pass
  69.     sock.close()
  70.  
  71. if __name__=='__main__':
  72.     executor = concurrent.futures.ThreadPoolExecutor(max_workers=10)
  73.     with socket.socket(socket.AF_INET,socket.SOCK_STREAM) as s:
  74.         print(f"START server {HOST}:{PORT}")
  75.         s.bind((HOST,PORT))
  76.         s.listen()
  77.         while True:
  78.             conn,addr = s.accept()
  79.             print('Connected from',addr)
  80.             try:
  81.                 set_future = executor.submit(handle_client,(conn))
  82.             except Exception as E:
  83.                 print(f"[-]Error: {E}")
  84.                 pass
  85.  
RAW Paste Data