From 320d615bea31d46f4bdbfd9e686d792b8718ce89 Mon Sep 17 00:00:00 2001 From: Roman Hergenreder Date: Sat, 21 Dec 2019 15:50:47 +0100 Subject: [PATCH] Day 21 solved --- Day 21/decode.py | 60 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 Day 21/decode.py diff --git a/Day 21/decode.py b/Day 21/decode.py new file mode 100644 index 0000000..94a51a9 --- /dev/null +++ b/Day 21/decode.py @@ -0,0 +1,60 @@ +#!/usr/bin/python + +import hashlib, binascii, base64 +from fastecdsa import keys, curve, point +from Crypto.Cipher import AES +import queue +import threading +import time +import sys + +x = 0xc58966d17da18c7f019c881e187c608fcb5010ef36fba4a199e7b382a088072f +y = 0xd91b949eaf992c464d3e0d09c45b173b121d53097a9d47c25220c0b4beb943c + +PUBLIC_KEY = point.Point(x, y, curve.P256) +PASSWORD_QUEUE = queue.Queue() + +def tryPassword(pw): + privKey = hashlib.sha256(pw).digest() + pubKey = keys.get_public_key(int.from_bytes(privKey, "big"), curve.P256) + if pubKey != PUBLIC_KEY: + return False + + print("Found possible password:", pw) + salt = b'TwoHundredFiftySix' + aesKey = hashlib.pbkdf2_hmac('sha256', pw, salt, 256*256*256) + cipher = AES.new(aesKey, AES.MODE_ECB) + encrypted = base64.b64decode(b"Hy97Xwv97vpwGn21finVvZj5pK/BvBjscf6vffm1po0=") + + try: + decrypted = cipher.decrypt(encrypted) + print(decrypted.decode('utf-8')) + return True + except Exception as e: + print(str(e)) + return False + +def doWork(): + while not PASSWORD_QUEUE.empty(): + pw = PASSWORD_QUEUE.get() + if tryPassword(pw): + print("Done?") + +with open("/usr/share/wordlists/SecLists/Passwords/Leaked-Databases/rockyou.txt", "rb") as f: + for pw in f.readlines(): + pw = pw.strip() + if len(pw) == 16: + PASSWORD_QUEUE.put(pw) + +initialSize = PASSWORD_QUEUE.qsize() +print("Read %d passwords, starting threads…" % initialSize) +threads = [] +for i in range(8): + t = threading.Thread(target=doWork) + t.start() + threads.append(t) + +while not PASSWORD_QUEUE.empty(): + sys.stdout.write("\rProgress: %04d/%04d" % (initialSize - PASSWORD_QUEUE.qsize(), initialSize)) + sys.stdout.flush() + time.sleep(0.5)