Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdio.h>
- #include <string.h>
- #include <stdlib.h>
- //Proable holes can't work any out thought
- //GPL_3 3.142 linece
- main() {
- unsigned char bankpubkey[16] = {0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b};
- unsigned char clientpubkey[16] = {0x4b,0x4a,0x49,0x48,0x47,0x46,0x45,0x44,0x43,0x42,0x41};
- unsigned char mitmpubkey[16] = {0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c,0x0c};
- unsigned char bankrandkey[16] = {"EEEEEEEEEEE"};
- unsigned char clientrandkey[16] = {"FFFFFFFFF"}; //hidden
- unsigned char banknum=0;
- unsigned char clientnum=0;
- unsigned char bankoffset=0;
- unsigned char clientoffset=0;
- unsigned char banknum1=0;
- unsigned char clientnum1=0;
- unsigned char bankoffset1=0;
- unsigned char clientoffset1=0;
- unsigned int p=0,l=0,k=0,i=0;
- unsigned char bankhello[100] = {"Welecome enter transaction data"};
- unsigned char clienthello[100] = {"random stuff heloogsdfgjksfsdd"}; //need to be random strong
- unsigned char bankinv[100];
- unsigned char clientinv[100];
- memset(bankinv,0x00,sizeof(bankinv));
- memset(clientinv,0x00,sizeof(clientinv));
- unsigned char start=0x00;
- //work out hidden data
- //banks side
- //////////////////////////////////This is open later
- start=clientpubkey[0]; //multistring search....TODO[0]
- for(i=0;i<=0xff;i++) {
- start = (unsigned char)(start^i);
- if(start == bankrandkey[0]) { //multistring search....
- banknum = (unsigned char)(i);
- goto leave;
- }
- }
- leave:
- bankoffset = banknum^bankpubkey[0];
- printf("%2X:%2X\n",banknum^bankpubkey[0],clientpubkey[0]);
- printf("Bank send to client :%s:\n",bankhello);
- /////////////////////////////////////////////////////////////////////////////
- /////////////////////////////////////////Hidden, steps reversed for bank to check us
- //client side
- start=bankhello[0]; //multistring search....TODO[0]
- for(i=0;i<=0xff;i++) {
- start = (unsigned char)(start^i);
- if(start == clientrandkey[0]) { //multistring search....
- clientnum = (unsigned char)(i);
- goto leave1;
- }
- }
- leave1:
- clientoffset = clientnum^clientpubkey[0];
- for(p=0;p<strlen(bankhello);p++) {
- clienthello[p] = clienthello[p]^clientoffset; //need to be random
- }
- printf("Client sends with a hiddeen data :%s:\n",clienthello);
- ///////////////////////////////////////////////////////////////////////////////////////////
- printf("Data that is hidden and can decode string (C)%2X..(B)%2X\n",clientoffset,bankoffset);
- //////////////////////////////////thoery stuff
- for(p=0;p<strlen(clienthello);p++) {
- printf("%2X",(clienthello[p]^clientpubkey[p]));
- }
- printf("\n");
- for(p=0;p<strlen(clienthello);p++) {
- printf("%2X",(clienthello[p]^bankpubkey[p]));
- }
- printf("\n");
- for(p=0;p<strlen(clienthello);p++) {
- printf("%2X",clienthello[p]);
- }
- printf("\n");
- /////////////////////////////////////////////////////////////////////////////////////
- printf("One side takes the first step say bank\n");
- printf("Client your refence number is ref:%s: and this is what we recvied from you\n",bankrandkey);
- printf(":%s:\n",clienthello);
- printf("Client does what the bank did to find there hidden(saying) number\n");
- /*
- start=clientpubkey[0]; //multistring search....TODO[0]
- for(i=0;i<=0xff;i++) {
- start = (unsigned char)(start^i);
- if(start == bankrandkey[0]) { //multistring search....
- banknum = (unsigned char)(i);
- goto leave;
- }
- }
- leave:
- bankoffset = banknum^bankpubkey[0];
- */
- //////////////////////////////////This is open for anyone to see and workout
- start=clienthello[0]; //multistring search....TODO[0]
- for(i=0;i<=0xff;i++) {
- start = (unsigned char)(start^i);
- if(start == bankoffset) { //multistring search....
- clientnum1 = (unsigned char)(i);
- goto leave2;
- }
- }
- leave2:
- clientoffset1 = bankoffset^clientnum1;
- ///////////////////////////////////////////////////////////////////
- //hidden down on client
- printf("Data :%2X,%2X::%2X,%2X:\n",clientnum,clientoffset,clientnum1,clientoffset1);
- printf("Client works out match :%2X^%2X = %2X\n",(bankoffset^clientoffset),clientoffset,clientoffset^(bankoffset^clientoffset));
- printf("Client works out to see if mitm changed data to bank, it should fall if\n");
- printf("banks randomkey is different or they tryed to modify clienthello string\n");
- printf("or if the public keys (B)&(C) don't match\n");
- for(p=0;p<strlen(clienthello);p++) {
- clienthello[p] = clienthello[p]^clientoffset;
- }
- ///Hidden
- printf("Data :%s:\n",clienthello);
- ///
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement