From 914fd08d3b9011e77cbaa4dc2f1621f9adfde861 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torma=20Krist=C3=B3f?= Date: Fri, 1 May 2020 20:56:02 +0200 Subject: [PATCH] got the flag --- __pycache__/hashcash.cpython-38.pyc | Bin 0 -> 2429 bytes hashcash.py | 69 ++++++++++------------------ netsec.py | 14 ++++-- 3 files changed, 36 insertions(+), 47 deletions(-) create mode 100644 __pycache__/hashcash.cpython-38.pyc diff --git a/__pycache__/hashcash.cpython-38.pyc b/__pycache__/hashcash.cpython-38.pyc new file mode 100644 index 0000000000000000000000000000000000000000..7c2f45b765fee4982f8a85cb7cac77c6e30651c9 GIT binary patch literal 2429 zcmcIl-EZ7P5Z|@;e7?&iP0}=9Enq&<^k|yo($W?b+M*Uz9vYA;Dq#dCpJ$UhVxN<> zuMMgFLL%Nk;=K=-$4dM~`^r-ud5y%!%w7}PQX%ocT05Sd8GC1Eelz>U@Nkvkh@xM< z8F3l=l@`yBFwZ^7H}&XZBUCWqzF9`{GU@=w8>KMLplF*z z_!F=q&!CK?7oP}NfJ^%&e-bV~la9k8N|#_6rBl$j&+1opSE~0C=ta`Y5^qCxr3y0X z1zqqS22lrSaW_cYw{d!D7Q|cWV%2xIR4+|s6dh8e>s*Vp9W?Om(g#^5mdKYC{-x8+ zNFB;f6k_~OhJ~EKc^hXsfn#jWpjbv5dwS(wCIH->35+SOqeQ?$}N z(0up5dp7W+OwLq@oVcZGw4`5;;5^w(^N%$5|CfDEy|@oX>HQ;q@rYkK;!D0*#$jlK zXv6Rg;u}WZST?+oHyRBsP>eQ6QI1N(lYPV3BQ?B{qkVl;jpO#3H#A?-{Icd(G=ER? ztD0Za{JJ`gN=1Rtyrp@lIcP35Uq9@l?2tUKTe@Umr5z=+p6b33BSK6Gr$NayG8xNw z&iWSc1FYd0tiPP?S%_nM?TCMHNcMGGyT{PgHsTLA*ory`Lp6`;mr|wOPTDl)7g3oK zEE!jeNRLXrZ2i*py3nO=tCOYXYwgNzm>{Y*)CIH&ZL)thu=)HA>7Q_sqr02fcksiFHf_Z18adg3Q=iocjfay1+h184m9t@y)^S$ z((80Rtkn(aeYL#cHLfn#7ra(4^E#>bxKI?+Lpqy!7fIdKZrtfMDI&-PI|HuzAc%VM zW2F+Mopmb7OfAqi6j1G$ph@jOXG5l0-Brt^GwEoM0q^KimSjPs`I_%g^-9ncCF7ve z1*u-jnW9uJ;Y??dFh0shEWrh@@o~#VT1D#e3Cq~kh1pEIN~TFqg;LRu|IFSHN~wws z)D$wn3(OVfhxPdZK@PK0l)x?=u=|(+DDAUMfCJ^hMS$8eIE4$WsN@x3o384D+sBON z?txWQGbd+xHMgMhqpcvX7M1O8?gGb5y4$OH1v6A#Gcn$+&3!o+&%xZ?xqEZ>HG82X zD4^tLO4CDvZF8F1X2yXL!ltnxX4nJ9**5x2rD0NN{=A08QKh!r4BLT9748jA;+oaRgB?Ccq6>SEI8ycYGLlPL2*bk-Bf{^E%d!~th(6-#k zw4gKTa+vhG8QNegNqbTD>Uux++$8!O{+t=`j39t!xj-HvWYNm9s+PKk`ZYWO!R`1p zt;@|OBw@3utIcN6%i4)TzD&4{IxU0wXJ;k9l6Vkjfkn|))Xvl=NVJ_OP&bkDUCKr? z4z{#SiMT~3mx){2{ll`|-$lvd|N8vqjJXyCN!X)ea^f#yx)aa< literal 0 HcmV?d00001 diff --git a/hashcash.py b/hashcash.py index 73b8c18..b0af2eb 100644 --- a/hashcash.py +++ b/hashcash.py @@ -15,24 +15,22 @@ rand_chars = ([chr(x) for x in range(ord('a'), ord('z'))] + [chr(x) for x in range(ord('0'), ord('9'))] + ['+', '-', '/']) - -char_map = {'0' : '0000', - '1' : '0001', - '2' : '0010', - '3' : '0011', - '4' : '0100', - '5' : '0101', - '6' : '0110', - '7' : '0111', - '8' : '1000', - '9' : '1001', - 'a' : '1010', - 'b' : '1011', - 'c' : '1100', - 'd' : '1101', - 'e' : '1110', - 'f' : '1111'} - +char_map = {'0': '0000', + '1': '0001', + '2': '0010', + '3': '0011', + '4': '0100', + '5': '0101', + '6': '0110', + '7': '0111', + '8': '1000', + '9': '1001', + 'a': '1010', + 'b': '1011', + 'c': '1100', + 'd': '1101', + 'e': '1110', + 'f': '1111'} rc_len = len(rand_chars) @@ -41,16 +39,18 @@ min_bits = 0 max_bits = 160 default_bits = 15 -def is_valid(stamp : str) -> bool: + +def is_valid(stamp: str) -> bool: return validate(int(stamp.split(':')[1]), stamp) -def validate(nbits : int, stamp : str, encoding : str ='utf-8') -> bool: + +def validate(nbits: int, stamp: str, encoding: str = 'utf-8') -> bool: if nbits < min_bits or nbits > max_bits: raise ValueError("Param 'nbits' must be in range [0, 160), but is {}".format(nbits)) i = 0 total = 0 - N = int(nbits/8) + N = int(nbits / 8) hashed = sha1(stamp.encode(encoding)).digest() while i < N: @@ -63,19 +63,19 @@ def validate(nbits : int, stamp : str, encoding : str ='utf-8') -> bool: return total == 0 -def generate(nbits : int, resource : str, encoding : str ='utf-8') -> str: + +def generate(nbits: int, resource: str, encoding: str = 'utf-8') -> str: # ver:bits:date:resource:[ext]:rand:counter ver = 1 bits = nbits date_str = datetime.utcnow().strftime("%Y%m%d%H%M%S") ext = '' - rand = ''.join(rand_chars[randint(0, rc_len-1)] for x in range(0, 10)) + rand = ''.join(rand_chars[randint(0, rc_len - 1)] for x in range(0, 10)) counter = 0 result = None while result is None: - #stamp = ":".join(str(elem) for elem in [ver, bits, date_str, resource, ext, rand, counter]) - stamp = "{}{}".format(resource,counter) + stamp = "{}{}".format(resource, counter) if validate(nbits, stamp, encoding=encoding): result = stamp @@ -84,22 +84,3 @@ def generate(nbits : int, resource : str, encoding : str ='utf-8') -> str: counter += 1 return result - - -if __name__ == "__main__": - - from argparse import ArgumentParser - parser = ArgumentParser() - - parser.add_argument("NBITS", type=int, default=default_bits, help="Number of leading zeroes in a stamp", choices=range(max_bits+1)) - parser.add_argument("RESOURCE", help="The resource string to use in the stamp. Ex: email address, ip address, etc") - parser.add_argument('-v', '--validate', action='store_true', help="Validate RESOURCE as a HashCash stamp") - - args = parser.parse_args() - - func = generate - - if args.validate: - func = validate - - print(func(args.NBITS, args.RESOURCE)) \ No newline at end of file diff --git a/netsec.py b/netsec.py index f809fbd..6f111de 100644 --- a/netsec.py +++ b/netsec.py @@ -6,6 +6,7 @@ import socket import hashlib import requests import sympy +import hashcash """ requirements: sympy @@ -54,6 +55,11 @@ def sha1_magic(s, last_solution): print(digest) s.send(digest.encode()) print(s.recv(1024).decode()) + newstring = hashcash.generate(16, 'Y8O353{}'.format(last_solution)) + print(s.recv(1024).decode()) + print(newstring) + s.send(newstring.encode()) + print(s.recv(1024).decode()) def http_comm(): @@ -69,7 +75,7 @@ def http_comm(): def https_comm(): sess = requests.Session() url = "https://152.66.249.144/" - flag = sess.get(url, cert=("/tmp/clientcert.pem", "/tmp/clientkey.pem"), verify=False) + flag = sess.get(url, cert=("/tmp/clientcert.pem", "/tmp/clientkey.pem"), verify=False, headers={'User-Agent': 'CrySyS'}) print(flag.content) @@ -90,7 +96,7 @@ def numbre_crunch(s): solution = sympy.sympify(problem_statement_for.split('.')[1].split('=')[0]) print(solution) s.send(str(solution).encode()) - last_solution=solution + last_solution = solution return last_solution @@ -99,4 +105,6 @@ if __name__ == '__main__': knock() server_communicate() http_comm() - #https_comm() + https_comm() + +# FLAG: YouCanHandleNetworking-Y8O353-1d66de