forked from akalin/cryptopals-python3
-
Notifications
You must be signed in to change notification settings - Fork 0
/
challenge35_attacker.py
117 lines (87 loc) · 3.17 KB
/
challenge35_attacker.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
import challenge34_util
import socket
import socketserver
import sys
targethost = ''
targetport = 0
targetg = 0
class AttackerTCPHandler(socketserver.StreamRequestHandler):
def handle(self):
global targethost
global targetport
global targetg
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect((targethost, targetport))
serverutil = challenge34_util.Util(sock)
clientutil = challenge34_util.Util(self)
print('C->A: reading p...')
p = clientutil.readnum()
print('C->A: reading g...')
g = clientutil.readnum()
print('A->S: writing p...')
serverutil.writenum(p)
if targetg > 0:
fakeg = 1
elif targetg < 0:
fakeg = p - 1
else:
fakeg = p
print('A->S: writing fake g...')
serverutil.writenum(fakeg)
print('S->A: reading p...')
serverutil.readnum()
print('S->A: reading g...')
serverutil.readnum()
print('A->C: writing p...')
clientutil.writenum(p)
print('A->C: writing fake g...')
clientutil.writenum(fakeg)
print('C->A: reading A...')
A = clientutil.readnum()
print('A->S: writing A...')
serverutil.writenum(A)
print('S->A: reading B...')
B = serverutil.readnum()
print('A->C: writing B...')
clientutil.writenum(B)
print('C->A: reading encrypted message...')
encryptedMessage = clientutil.readbytes()
print('A->S: writing encrypted message...')
serverutil.writebytes(encryptedMessage)
print('C->A: reading iv...')
iv = clientutil.readbytes()
print('A->S: writing iv...')
serverutil.writebytes(iv)
print('S->A: reading encrypted message...')
encryptedMessage2 = serverutil.readbytes()
print('A->C: writing encrypted message...')
clientutil.writebytes(encryptedMessage2)
print('S->A: reading iv...')
iv2 = serverutil.readbytes()
print('A->C: writing iv...')
clientutil.writebytes(iv2)
if targetg > 0:
s = 1
elif targetg < 0:
if A == p - 1 and B == p - 1:
s = p - 1
else:
s = 1
else:
s = 0
key = serverutil.derivekey(s)
message = serverutil.decrypt(key, iv, encryptedMessage)
print('A: message: ' + message)
finally:
sock.close()
if __name__ == "__main__":
host = sys.argv[1]
port = int(sys.argv[2])
targethost = sys.argv[3]
targetport = int(sys.argv[4])
targetg = int(sys.argv[5])
print('listening on ' + host + ':' + str(port) + ', attacking ' + targethost + ':' + str(targetport))
socketserver.TCPServer.allow_reuse_address = True
server = socketserver.TCPServer((host, port), AttackerTCPHandler)
server.serve_forever()