API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 20th, 2011
284
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.37 KB | None | 0 0
raw download clone embed print report
  1. #include <stdio.h>
  2. #include <string.h>
  3. #include <stdlib.h>
  4.  
  5.  
  6. //Proable holes can't work any out thought
  7. //GPL_3 3.142 linece
  8.  
  9.  
  10. main() {
  11.  
  12. unsigned char bankpubkey[16] = {0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b};
  13. unsigned char clientpubkey[16] = {0x4b,0x4a,0x49,0x48,0x47,0x46,0x45,0x44,0x43,0x42,0x41};
  14. unsigned char mitmpubkey[16] = {0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c};
  15.  
  16. unsigned char bankrandkey[16] = {"EEEEEEEEEEE"};
  17. unsigned char clientrandkey[16] = {"FFFFFFFFF"}; //hidden
  18.  
  19. unsigned char banknum=0;
  20. unsigned char clientnum=0;
  21. unsigned char bankoffset=0;
  22. unsigned char clientoffset=0;
  23.  
  24. unsigned char banknum1=0;
  25. unsigned char clientnum1=0;
  26. unsigned char bankoffset1=0;
  27. unsigned char clientoffset1=0;
  28.  
  29.  
  30.  
  31. unsigned int p=0,l=0,k=0,i=0;
  32.  
  33. unsigned char bankhello[100] = {"Welecome enter transaction data"};
  34. unsigned char clienthello[100] = {"random stuff heloogsdfgjksfsdd"}; //need to be random strong
  35.  
  36. unsigned char bankinv[100];
  37. unsigned char clientinv[100];
  38.  
  39. memset(bankinv,0x00,sizeof(bankinv));
  40. memset(clientinv,0x00,sizeof(clientinv));
  41.  
  42.  
  43.  
  44. unsigned char start=0x00;
  45.  
  46. //work out hidden data
  47. //banks side
  48. //////////////////////////////////This is open later
  49. start=clientpubkey[0]; //multistring search....TODO[0]
  50. for(i=0;i<=0xff;i++) {
  51. start = (unsigned char)(start^i);
  52. if(start == bankrandkey[0]) { //multistring search....
  53. banknum = (unsigned char)(i);
  54. goto leave;
  55. }
  56. }
  57. leave:
  58. bankoffset = banknum^bankpubkey[0];
  59.  
  60.  
  61. printf("%2X:%2X\n",banknum^bankpubkey[0],clientpubkey[0]);
  62. printf("Bank send to client :%s:\n",bankhello);
  63. /////////////////////////////////////////////////////////////////////////////
  64.  
  65. /////////////////////////////////////////Hidden, steps reversed for bank to check us
  66. //client side
  67. start=bankhello[0]; //multistring search....TODO[0]
  68. for(i=0;i<=0xff;i++) {
  69. start = (unsigned char)(start^i);
  70. if(start == clientrandkey[0]) { //multistring search....
  71. clientnum = (unsigned char)(i);
  72. goto leave1;
  73. }
  74. }
  75. leave1:
  76. clientoffset = clientnum^clientpubkey[0];
  77. for(p=0;p<strlen(bankhello);p++) {
  78. clienthello[p] = clienthello[p]^clientoffset; //need to be random
  79. }
  80. printf("Client sends with a hiddeen data :%s:\n",clienthello);
  81. ///////////////////////////////////////////////////////////////////////////////////////////
  82.  
  83. printf("Data that is hidden and can decode string (C)%2X..(B)%2X\n",clientoffset,bankoffset);
  84.  
  85. //////////////////////////////////thoery stuff
  86. for(p=0;p<strlen(clienthello);p++) {
  87. printf("%2X",(clienthello[p]^clientpubkey[p]));
  88. }
  89. printf("\n");
  90. for(p=0;p<strlen(clienthello);p++) {
  91. printf("%2X",(clienthello[p]^bankpubkey[p]));
  92. }
  93. printf("\n");
  94. for(p=0;p<strlen(clienthello);p++) {
  95. printf("%2X",clienthello[p]);
  96. }
  97. printf("\n");
  98. /////////////////////////////////////////////////////////////////////////////////////
  99. printf("One side takes the first step say bank\n");
  100. printf("Client your refence number is ref:%s: and this is what we recvied from you\n",bankrandkey);
  101. printf(":%s:\n",clienthello);
  102. printf("Client does what the bank did to find there hidden(saying) number\n");
  103. /*
  104. start=clientpubkey[0]; //multistring search....TODO[0]
  105. for(i=0;i<=0xff;i++) {
  106. start = (unsigned char)(start^i);
  107. if(start == bankrandkey[0]) { //multistring search....
  108. banknum = (unsigned char)(i);
  109. goto leave;
  110. }
  111. }
  112. leave:
  113. bankoffset = banknum^bankpubkey[0];
  114. */
  115. //////////////////////////////////This is open for anyone to see and workout
  116. start=clienthello[0]; //multistring search....TODO[0]
  117. for(i=0;i<=0xff;i++) {
  118. start = (unsigned char)(start^i);
  119. if(start == bankoffset) { //multistring search....
  120. clientnum1 = (unsigned char)(i);
  121. goto leave2;
  122. }
  123. }
  124. leave2:
  125. clientoffset1 = bankoffset^clientnum1;
  126. ///////////////////////////////////////////////////////////////////
  127. //hidden down on client
  128. printf("Data :%2X,%2X::%2X,%2X:\n",clientnum,clientoffset,clientnum1,clientoffset1);
  129. printf("Client works out match :%2X^%2X = %2X\n",(bankoffset^clientoffset),clientoffset,clientoffset^(bankoffset^clientoffset));
  130.  
  131. printf("Client works out to see if mitm changed data to bank, it should fall if\n");
  132. printf("banks randomkey is different or they tryed to modify clienthello string\n");
  133. printf("or if the public keys (B)&(C) don't match\n");
  134.  
  135. for(p=0;p<strlen(clienthello);p++) {
  136. clienthello[p] = clienthello[p]^clientoffset;
  137. }
  138. ///Hidden
  139. printf("Data :%s:\n",clienthello);
  140. ///
  141.  
  142. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!