Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <sys/socket.h>
- #include <sys/types.h>
- #include <netinet/in.h>
- #include <netdb.h>
- #include <stdio.h>
- #include <string.h>
- #include <stdlib.h>
- #include <unistd.h>
- #include <errno.h>
- #include <arpa/inet.h>
- #include <stdint.h>
- #include <inttypes.h>
- #include <chrono>
- #include <iostream>
- #include <sys/socket.h>
- #include <sys/types.h>
- #include <netinet/in.h>
- #include <netdb.h>
- #include <stdio.h>
- #include <string.h>
- #include <stdlib.h>
- #include <unistd.h>
- #include <errno.h>
- #include <arpa/inet.h>
- #include <stdint.h>
- #include <inttypes.h>
- #include <chrono>
- #include <iostream>
- #include <openssl/sha.h>
- void hexdump(uint8_t *p, int n) {
- while(n--){
- printf("0x%02x,",*p++);
- }
- printf("\n");
- }
- void timedump(int64_t *t, int n) {
- while(n--){
- printf("%ld,",*t++);
- }
- printf("\n");
- }
- class client {
- struct sockaddr_in serv_addr;
- int fd;
- public:
- client(char *host, int port, uint32_t indx) {
- memset(&serv_addr,'0',sizeof(serv_addr));
- fd = 0;
- struct hostent *he = gethostbyname(host);
- if(!he) {
- printf("err gethostbyname\n");
- return;
- }
- if((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0){
- printf("err socket\n");
- return;
- }
- serv_addr.sin_family = AF_INET;
- serv_addr.sin_port = htons(port);
- memcpy(&serv_addr.sin_addr, he->h_addr_list[0], he->h_length);
- if(connect(fd, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0){
- printf("err connect\n");
- return;
- }
- write((uint8_t*)&indx, sizeof(indx));
- uint32_t clients = 0;
- read((uint8_t*)&clients, sizeof(clients));
- printf("connected clients: %d\n", clients);
- }
- ~client() {
- exit();
- }
- void exit() {
- close(fd);
- }
- void write(uint8_t *buf, unsigned size) {
- uint8_t *pos = buf;
- while(size>0) {
- int ret = ::write(fd,pos,size);
- if(ret<=0) {
- printf("err write\n");
- exit();
- return;
- }
- pos += ret;
- size -= ret;
- }
- }
- void read(uint8_t *buf, unsigned size) {
- uint8_t *pos = buf;
- while(size>0) {
- int ret = ::read(fd,pos,size);
- if(ret<=0) {
- printf("err read\n");
- exit();
- return;
- }
- pos += ret;
- size -= ret;
- }
- }
- void indx(uint32_t idx) {
- write((uint8_t*)&idx, sizeof(idx));
- }
- uint8_t test(uint8_t f, uint8_t *p, unsigned n) {
- //write(&f, sizeof(f));
- write(p, n);
- uint8_t b = 0;
- read (&b, sizeof(b));
- return b;
- }
- };
- #define CHCK(f) \
- do { \
- auto s = std::chrono::high_resolution_clock::now(); \
- uint8_t r = f; \
- auto e = std::chrono::high_resolution_clock::now(); \
- auto t = std::chrono::duration_cast<std::chrono::milliseconds>(e-s).count(); \
- printf("%s time: %ldms\n", ((r==1)?"pass":"fail"), t);\
- } while(0)
- #define CHCK_RT(f,t) \
- do { \
- auto s = std::chrono::high_resolution_clock::now(); \
- uint8_t r = f; \
- auto e = std::chrono::high_resolution_clock::now(); \
- t = std::chrono::duration_cast<std::chrono::milliseconds>(e-s).count(); \
- } while(0)
- void recurent_measure_time(client c,uint8_t *vector,int pos, int size, int64_t* result_time) {
- //int64_t result_time[256];
- uint8_t val = 0x00;
- int64_t time = 0;
- for(int i=0;i<256;i++,val++) {
- vector[pos] = val;
- CHCK_RT(c.test(0,vector,size),time);
- result_time[i] = time;
- }
- //return result_time;
- }
- uint8_t time_check(client &c, uint8_t *vector, int pos, int size, int64_t p_time, uint8_t init_val) {
- uint8_t result = 0;
- if(pos == size-1) {
- uint8_t val = 0x00;
- for(int i=0;i<256;i++,val++) {
- vector[pos] = val;
- result = c.test(1,vector,size);
- if(result) {
- printf("PASS: ");
- hexdump(vector,size);
- return result;
- }
- }
- vector[pos] = 0x00;
- } else {
- uint8_t val = 0x00;
- if(pos == 1) {
- val = init_val;
- }
- int64_t time = 0;
- int64_t max_time = p_time;
- uint8_t max_val = val;
- for(int i=0;i<256;i++,val++) {
- vector[pos] = val;
- CHCK_RT(c.test(1,vector,size),time);
- if(time > max_time) {
- max_val = val;
- max_time = time;
- }
- }
- vector[pos] = max_val;
- for(int k=0;k<pos-1;k++) {
- printf("\t");
- }
- printf("T: %ld ",max_time);
- hexdump(vector,size);
- result = time_check(c,vector,pos+1,size,max_time,0x00);
- if(result) {
- return result;
- }
- }
- return 0;
- }
- uint8_t time_check_increase(client &c, uint8_t *p, int pos, int size, int64_t mean) {
- uint8_t result = 0;
- if(pos == size-1) {
- uint8_t val = 0x00;
- for(int i=0;i<256;i++,val++) {
- p[pos] = val;
- result = c.test(3,p,size);
- if(result) {
- printf("PASS: ");hexdump(p,size);
- return result;
- }
- }
- p[pos] = 0x00;
- } else {
- if(mean == 0) {
- uint8_t val = 0x00;
- int64_t total_time = 0;
- for(int i=0;i<256;i++,val++){
- int64_t t;
- p[pos] = val;
- CHCK_RT(c.test(0,p,size),t);
- total_time += t;
- }
- mean = (int64_t)total_time/256;
- }
- p[pos] = 0x00;
- printf("%d m: %ld\n",pos,mean);
- int64_t mean_times[256];
- int64_t max_mean = 0;
- int max_pos = 0;
- uint8_t val0 = 0x00;
- for(int i=0;i<256;i++,val0++) {
- int64_t mean0 = 0;
- uint8_t val1 = 0x00;
- int64_t ttime0 = 0;
- p[pos] = val0;
- for(int j=0; j<256;j++,val1++) {
- p[pos+1] = val1;
- int64_t t1;
- CHCK_RT(c.test(0,p,size),t1);
- ttime0 += t1;
- }
- mean_times[i] = (int64_t)ttime0/256;
- if(mean_times[i] > max_mean) {
- max_mean = mean_times[i];
- max_pos = i;
- }
- p[pos+1] = 0x00;
- int k = pos-1;
- while(k--) {
- printf("\t");
- }
- printf("%d - done max_mean: %ld max_pos: 0x%02x\t",i,max_mean,max_pos);hexdump(p,size);
- if(max_mean >= mean) {
- p[pos+1] = 0x00;
- result = time_check_increase(c,p,pos+1,size,max_mean);
- if(result) {
- return result;
- }
- }
- }
- //int64_t max_mean = 0;
- //int max_pos = 0;
- //for(int i=0;i<256;i++){
- // printf("0x%02x: %ld %ld\n",i,mean,mean_times[i]);
- // if(mean_times[i] > max_mean) {
- // max_mean = mean_times[i];
- // max_pos = i;
- // }
- //}
- printf("MAX : 0x%02x %ld\n",max_pos,max_mean);
- return 0;
- }
- return 0;
- }
- uint8_t time_check_mean(client &c, uint8_t *p, int pos, int size, int64_t mean) {
- uint8_t result = 0;
- if(pos == size-1) {
- uint8_t val = 0x00;
- for(int i=0;i<256;i++,val++) {
- p[pos] = val;
- result = c.test(1,p,size);
- if(result) {
- printf("PASS: "); hexdump(p,size);
- return result;
- }
- }
- p[pos] = 0x00;
- } else {
- if(mean == 0) {
- uint8_t val = 0x00;
- int64_t total_time = 0;
- for(int i=0;i<256;i++,val++){
- int64_t t;
- p[pos] = val;
- CHCK_RT(c.test(0,p,size),t);
- total_time += t;
- }
- mean = (int64_t)total_time/256;
- }
- p[pos] = 0x00;
- printf("%d m: %ld\n",pos,mean);
- int64_t mean_times[256];
- int64_t max_mean = 0;
- int max_pos = 0;
- uint8_t val0 = 0x00;
- for(int i=0;i<256;i++,val0++) {
- int64_t mean0 = 0;
- uint8_t val1 = 0x00;
- int64_t ttime0 = 0;
- p[pos] = val0;
- for(int j=0; j<256;j++,val1++) {
- p[pos+1] = val1;
- int64_t t1;
- CHCK_RT(c.test(0,p,size),t1);
- ttime0 += t1;
- }
- mean_times[i] = (int64_t)ttime0/256;
- if(mean_times[i] > max_mean) {
- max_mean = mean_times[i];
- max_pos = i;
- }
- p[pos+1] = 0x00;
- int k = pos-1;
- while(k--) {
- printf("\t");
- }
- printf("%d - done max_mean: %ld max_pos: 0x%02x\t",i,max_mean,max_pos);hexdump(p,size);
- if(max_mean >= mean+4) {
- p[pos+1] = 0x00;
- result = time_check_mean(c,p,pos+1,size,max_mean);
- if(result) {
- return result;
- }
- }
- }
- //int64_t max_mean = 0;
- //int max_pos = 0;
- //for(int i=0;i<256;i++){
- // printf("0x%02x: %ld %ld\n",i,mean,mean_times[i]);
- // if(mean_times[i] > max_mean) {
- // max_mean = mean_times[i];
- // max_pos = i;
- // }
- //}
- printf("MAX : 0x%02x %ld\n",max_pos,max_mean);
- return 0;
- }
- }
- void harder_time_check(client &c, uint8_t *p, int pos, int size) {
- uint8_t val = 0x00;
- int n = 1;
- int64_t times[n];
- for(int i=0;i<256;i++,val++){
- p[pos] = val;
- CHCK(c.test(0,p,size));hexdump(p,size);
- //usleep(10000000);
- /*for(int j=0;j<n;j++) {
- CHCK_RT(c.test(0,p,size),times[j]);
- }
- printf("0x%02x:",val);timedump(times,n);
- */
- }
- }
- int main(int argc, char *argv[]) {
- char serv[] = "target.myrelabs.com";
- char *host = serv;
- int port = 7777;
- /*if(argc > 1) {
- host = argv[1];
- }
- if(argc > 2){
- port = atoi(argv[2]);
- }*/
- printf("host:%s\n",host);
- printf("port:%d\n",port);
- /* your index number goes here */
- //uint32_t indx = 0xffffffff;
- uint32_t indx = 0x00221449;
- client c(host,port,indx);
- uint8_t px0[] = {0x00,0x70,0x8b,0xa1,0x4f,0x6b,0x17,0x70,0xa6};
- uint8_t px1[] = {0x01,0x9c,0x47,0x6b,0xfb,0x25,0x37,0x1b,0x37};
- uint8_t px2[] = {0x02,0x70,0x8b,0xa1,0x4f,0x6b,0x17,0x70,0xa6};
- uint8_t px3[] = {0x03,0x04,0x41,0x79,0xe4,0xc4,0x05,0xba,0xe1};
- uint8_t p0[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
- uint8_t p1[] = {0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
- uint8_t p2[] = {0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
- uint8_t p3[] = {0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
- unsigned n = sizeof(p1);
- /* Submit result of this as list solution: */
- printf("index:0x%08x{\n",indx);
- printf(" p0:");hexdump(px0,n);
- printf(" p1:");hexdump(px1,n);
- printf(" p2:");hexdump(px2,n);
- printf(" p3:");hexdump(px3,n);
- printf("}\n");
- CHCK(c.test(0,px0,n));
- CHCK(c.test(1,px1,n));
- CHCK(c.test(2,px2,n));
- CHCK(c.test(3,px3,n));
- //
- //
- //
- printf("\n");
- uint8_t init_val = 0x00;
- if(argc > 1) {
- printf("INIT VAL\n");
- for(int i=0; i < argc;i++) {
- printf("%s\n",argv[i]);
- }
- init_val = atoi(argv[1]);
- printf("VAL: 0x%02x\n",init_val);
- }
- uint8_t val = 0x00;
- for(int i=0;i<256;i++,val++) {
- int64_t times[4];
- p0[1] = val;
- p1[1] = val;
- p2[1] = val;
- p3[1] = val;
- CHCK_RT(c.test(0,p0,n),times[0]);
- CHCK_RT(c.test(1,p1,n),times[1]);
- CHCK_RT(c.test(2,p2,n),times[2]);
- CHCK_RT(c.test(3,p3,n),times[3]);
- printf("0x%02x: ",val); timedump(times,4);
- }
- char salt[] = "safesalt";
- SHA_CTX ctx;
- unsigned char ps3[SHA_DIGEST_LENGTH] = {'p','1'};
- SHA1_Init(&ctx);
- SHA1_Update(&ctx, (char *)&indx, sizeof(indx));
- SHA1_Update(&ctx, &ps3, sizeof(ps3));
- SHA1_Final(ps3,&ctx);
- hexdump(ps3,SHA_DIGEST_LENGTH);
- //int64_t time = 0;
- //CHCK_RT(c.test(0,p3,n),time);
- //time_check(c,p3,1,n,0,init_val);
- //time_check_mean(c,p2,5,n,0);
- //time_check_increase(c,p3,1,n,0);
- //harder_time_check(c,p1,1,n);
- /*int64_t times[256][8];
- uint8_t val = 0x00;
- for(int i=0;i<256;i++,val++) {
- for(int j = 1;j<9;j++) {
- p3[j] = val;
- int64_t time1 = 0;
- int r = 30;
- int64_t t =0;
- while(r--) {
- CHCK_RT(c.test(0,p3,n),t);
- times[i][j-1] += t;
- }
- p3[j] = 0x00;
- }
- printf("0x%02x :",val);timedump(times[i],8);
- }*/
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement