Day 23
This commit is contained in:
parent
45862b6590
commit
18c8bd9075
BIN
Day 23/Santa-data.zip
Normal file
BIN
Day 23/Santa-data.zip
Normal file
Binary file not shown.
62
Day 23/decode.php
Normal file
62
Day 23/decode.php
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
#!/usr/bin/php
|
||||||
|
<?php
|
||||||
|
|
||||||
|
if(count($argv) < 4) {
|
||||||
|
die("Wrong Usage: " . $argv[0] . " <proc num> <start> <end>");
|
||||||
|
}
|
||||||
|
|
||||||
|
$PROC_NUM = $argv[1];
|
||||||
|
|
||||||
|
if(!is_numeric($argv[2])) {
|
||||||
|
die("NaN: start");
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!is_numeric($argv[3])) {
|
||||||
|
die("NaN: end");
|
||||||
|
}
|
||||||
|
|
||||||
|
$start = intval($argv[2]);
|
||||||
|
$end = intval($argv[3]);
|
||||||
|
|
||||||
|
if($end < $start) {
|
||||||
|
die("Invalid interval: end < start");
|
||||||
|
}
|
||||||
|
|
||||||
|
$charset = 'abcdefghijkmpqrstuvwxyzABCDEFGHJKLMPQRSTUVWXYZ23456789';
|
||||||
|
$zip = new ZipArchive();
|
||||||
|
$zip_status = $zip->open("Santa-data.zip");
|
||||||
|
if ($zip_status !== true) {
|
||||||
|
die("Could not open zip file");
|
||||||
|
}
|
||||||
|
|
||||||
|
for($t = $start; $t <= $end; $t++) {
|
||||||
|
|
||||||
|
srand($t);
|
||||||
|
$rand_str = "";
|
||||||
|
|
||||||
|
// if(($t-$start) % 10000000 == 0) {
|
||||||
|
// $progress = (($t-$start) / ($end - $start)) * 100;
|
||||||
|
// print("[$PROC_NUM] Progress: $progress%\n");
|
||||||
|
// }
|
||||||
|
|
||||||
|
for($j = 0; $j < 12; $j++) {
|
||||||
|
$rand_key = rand(0, 54 - 1);
|
||||||
|
$rand_str .= $charset[$rand_key];
|
||||||
|
}
|
||||||
|
|
||||||
|
// stdout for john
|
||||||
|
// if(strcmp($rand_str, "Kwmq3Sqmc5sA") == 0) {
|
||||||
|
// die("Done: $t\n");
|
||||||
|
// }
|
||||||
|
|
||||||
|
// 4160000
|
||||||
|
// print("$rand_str\n");
|
||||||
|
//
|
||||||
|
if ($zip->setPassword($rand_str)) {
|
||||||
|
if ($zip->extractTo(__DIR__)) {
|
||||||
|
die("PASSWORD: $rand_str");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
84
Day 23/decode.py
Normal file
84
Day 23/decode.py
Normal file
@ -0,0 +1,84 @@
|
|||||||
|
#!/usr/bin/python
|
||||||
|
|
||||||
|
import subprocess
|
||||||
|
import re
|
||||||
|
import datetime
|
||||||
|
import hashlib
|
||||||
|
import base64
|
||||||
|
import requests
|
||||||
|
import random
|
||||||
|
import time
|
||||||
|
|
||||||
|
# charset = [chr(ord("0")+x) for x in range(10)] + \
|
||||||
|
# [chr(ord("A")+x) for x in range(26)] + \
|
||||||
|
# [chr(ord("a")+x) for x in range(26)]
|
||||||
|
|
||||||
|
|
||||||
|
# import BeautifulSoup4 as bs4
|
||||||
|
|
||||||
|
# def encode(sec):
|
||||||
|
# md5 = hashlib.md5(sec.encode("UTF-8")).digest()
|
||||||
|
# b64 = base64.b64encode(md5).decode("UTF-8")
|
||||||
|
# return b64
|
||||||
|
#
|
||||||
|
# password = "cswpWQfUu8fL"
|
||||||
|
# timestamp = "2019-12-23 11:43"
|
||||||
|
#
|
||||||
|
# d = datetime.datetime.strptime(timestamp, "%Y-%m-%d %H:%M" )
|
||||||
|
# seconds = int(d.timestamp())
|
||||||
|
# print()
|
||||||
|
#
|
||||||
|
# charset = "abcdefghijkmpqrstuvwxyzABCDEFGHJKLMPQRSTUVWXYZ23456789";
|
||||||
|
# random.seed(0)
|
||||||
|
# print("".join([random.choice(charset) for i in range(12)])) # [charset[random.randint(0,len(charset) - 1)] for x in range(12)]))
|
||||||
|
|
||||||
|
# for s in range(60):
|
||||||
|
# for j in range(1000):
|
||||||
|
# random.seed(seconds + s)
|
||||||
|
# rand_indices = [random.randint(0,len(charset) - 1) for i in range(12)]
|
||||||
|
# rand_str = "".join([charset[i] for i in rand_indices])
|
||||||
|
# if rand_str == password or rand_str.lower() == password.lower():
|
||||||
|
# print(rand_str, rand_indices)
|
||||||
|
|
||||||
|
# for i in range(60):
|
||||||
|
# for j in range(100):
|
||||||
|
# b64 = encode("%d.%02d" % (seconds + i, j))
|
||||||
|
# if password in b64:
|
||||||
|
# print(b64)
|
||||||
|
|
||||||
|
# def getPassword():
|
||||||
|
# pass
|
||||||
|
|
||||||
|
# charset = []
|
||||||
|
# pattern = re.compile("<strong>(.*)<\/strong>")
|
||||||
|
# #
|
||||||
|
# for i in range(100):
|
||||||
|
# res = requests.post("http://whale.hacking-lab.com:23023/archive.php", data={"req[]":"blindball", "username":"test"})
|
||||||
|
# if res.status_code == 200:
|
||||||
|
# pw = pattern.search(res.text).group(1)
|
||||||
|
# print(time.time(), pw)
|
||||||
|
# for x in pw:
|
||||||
|
# if x not in charset:
|
||||||
|
# charset.append(x)
|
||||||
|
#
|
||||||
|
# print("".join(sorted(charset)))
|
||||||
|
|
||||||
|
min = 0
|
||||||
|
max = 2**32 - 1
|
||||||
|
num_processes = 4
|
||||||
|
steps = (max-min+1) // num_processes
|
||||||
|
start = min
|
||||||
|
|
||||||
|
procs = []
|
||||||
|
|
||||||
|
for i in range(num_processes):
|
||||||
|
end = start + steps
|
||||||
|
args = ["php", "decode.php", str(i+1), str(start), str(end)]
|
||||||
|
print("Starting subprocess:", " ".join(args))
|
||||||
|
procs.append(subprocess.Popen(args))
|
||||||
|
start = end + 1
|
||||||
|
break
|
||||||
|
# break
|
||||||
|
|
||||||
|
for proc in procs:
|
||||||
|
proc.wait()
|
BIN
Day 23/flag.txt
Normal file
BIN
Day 23/flag.txt
Normal file
Binary file not shown.
2
Day 23/hash
Normal file
2
Day 23/hash
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
Santa-data.zip/flag.txt:$zip2$*0*1*0*d75ebd89add5cf76*75ca*25*8249d36387bf723d66085cb4334858bc69989550a643c4a614645d505889e91bdbd269787a*fe232081a44c398eeab9*$/zip2$:flag.txt:Santa-data.zip:Santa-data.zip
|
||||||
|
Santa-data.zip:$pkzip2$3*1*1*0*63*24*5e20*7c67*69e5d5637af3005ba4c1061964f8037c23d4d912fd8dd6bc59e65eadfc791a5c163461bc*1*0*63*24*8994*4eaf*99dc5ea6d837c104740f6d9e883d8b4c44028b2c0eed3f575925352e966cbe3c96c49176*2*0*39*25*b31e19ff*0*31*63*39*b31e*83ea*d75ebd89add5cf7675ca8249d36387bf723d66085cb4334858bc69989550a643c4a614645d505889e91bdbd269787afe232081a44c398eeab9*$/pkzip2$::Santa-data.zip:flag.txt, ball15.png, pearl.png:Santa-data.zip
|
2
Day 23/machine
Normal file
2
Day 23/machine
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
seed=4333287
|
||||||
|
pw=Kwmq3Sqmc5sA
|
18
Day 23/test.php
Normal file
18
Day 23/test.php
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
// for($i = 0; $i < 1000; $i++)
|
||||||
|
// print(microtime(true) . "\n");
|
||||||
|
|
||||||
|
srand(1);
|
||||||
|
$alphabet = 'abcdefghijkmpqrstuvwxyzABCDEFGHJKLMPQRSTUVWXYZ23456789';
|
||||||
|
$out = "";
|
||||||
|
|
||||||
|
for($j = 0; $j < 12; $j++) {
|
||||||
|
$rand_key = rand(0, 54 - 1);
|
||||||
|
// var_dump($rand_key);
|
||||||
|
$out .= $alphabet[$rand_key];
|
||||||
|
}
|
||||||
|
|
||||||
|
var_dump($out);
|
||||||
|
|
||||||
|
?>
|
Loading…
Reference in New Issue
Block a user