commit fdb2467913f6592b8f2f3d3030d7f8fd33a3d9c6
parent eb92fc91386a72e731b91f5b7a640c8c7f70b2f0
Author: mpizzzle <michael.770211@gmail.com>
Date: Mon, 18 Feb 2019 22:44:26 +0000
attack outline finished (but not working)
Diffstat:
3 files changed, 65 insertions(+), 3 deletions(-)
diff --git a/set4/break_sha1_keyed_mac.go b/set4/break_sha1_keyed_mac.go
@@ -0,0 +1,46 @@
+package main
+
+import (
+ "encoding/binary"
+ "fmt"
+ "math/rand"
+ "io/ioutil"
+ "./sha_1"
+ "strings"
+ "time"
+)
+
+func padding(msg []byte) []byte {
+ length := len(msg)
+
+ // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64.
+ var tmp [64]byte
+ tmp[0] = 0x80
+ if length % 64 < 56 {
+ return tmp[0 : 56-length%64]
+ } else {
+ return tmp[0 : 64+56-length%64]
+ }
+}
+
+func main() {
+ rand.Seed(time.Now().UTC().UnixNano())
+ file, _ := ioutil.ReadFile("/usr/share/dict/cracklib-small")
+ lines := strings.Split(string(file), "\n")
+ key := lines[rand.Intn(len(lines))]
+ msg := "comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon"
+
+ hash := sha_1.Sum([]byte(key + msg))
+
+ var registers [5]uint32
+
+ for i := 0; i < 5; i++ {
+ registers[i] = binary.BigEndian.Uint32(hash[i * 4 : (i * 4) + 4])
+ }
+
+ injected := ";admin=true"
+ forged := append(append(hash[:], []byte(injected)...), padding([]byte(msg + key))...)
+
+ fmt.Printf("%x\n", sha_1.SumForged(forged, registers))
+ fmt.Printf("%x\n", sha_1.Sum([]byte(key + msg + injected)))
+}
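Review bot: The error from `ioutil.ReadFile` is discarded in `main`, so when the word list is missing `lines` is `[""]` and the key is the empty string, which makes both printed digests meaningless with no visible failure. `strings.Split` also leaves an empty last element when the file ends in a newline, so an empty key can be picked even when the read succeeds. Check the error (`file, err := ioutil.ReadFile(...)` followed by `if err != nil { panic(err) }`) and build the list with `strings.Fields(string(file))` to drop empty entries. Separately, the two values printed at the end cannot be equal as written: the reference on the last line hashes `key + msg + injected` with nothing between `msg` and `injected`, while `registers` comes from a digest that already includes the padding of `key + msg`. `padding` also returns only the `0x80` and zero bytes, without the 8-byte length field that its "56 bytes mod 64" comment leaves room for.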
diff --git a/set4/sha1_keyed_mac.go b/set4/sha1_keyed_mac.go
@@ -4,7 +4,7 @@ import (
"bufio"
"fmt"
"os"
- "sha_1"
+ "./sha_1"
)
func main() {
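Review bot: The relative import `"./sha_1"` is rejected by the go command in module mode and only builds from a directory outside a GOPATH workspace; `break_sha1_keyed_mac.go`, added in this commit, imports the package the same way. Giving the repository a `go.mod` and importing by module path, e.g. `"<module-path>/set4/sha_1"` (placeholder, the real module path is not shown here), keeps both programs buildable with current toolchains. The commit dates from 2019, so this may have been a deliberate choice for a GOPATH-less checkout at the time.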
@@ -17,8 +17,7 @@ func main() {
fmt.Printf("%x\n", sha_1.Sum(msg))
//af 06 49 23 bb f2 30 15 96 aa c4 c2 73 ba 32 17 8e bc 4a 96
} else {
- reader := bufio.NewReader(os.Stdin)
- msg, _ := reader.ReadString('\n')
+ msg, _ := bufio.NewReader(os.Stdin).ReadString('\n')
m := []byte(msg[:len(msg) - 1])
fmt.Printf("%x\n", sha_1.Sum(m))
}
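Review bot: `msg[:len(msg) - 1]` panics with a slice-bounds error when stdin is empty, because the `ReadString` error is still discarded on the rewritten line and `msg` is then `""`. When the input ends without a newline it silently drops the last real byte instead, so the MAC is computed over a different message than the one supplied. Trimming only an actual terminator avoids both: `m := []byte(strings.TrimSuffix(msg, "\n"))`, which needs `strings` added to the import block. The `if` that this `else` belongs to starts outside the hunk.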
diff --git a/set4/sha_1/sha1.go b/set4/sha_1/sha1.go
@@ -114,6 +114,23 @@ func Sum(data []byte) [Size]byte {
return d.checkSum()
}
+func (d *digest) ResetForged(registers [5]uint32) {
+ d.h[0] = registers[0]
+ d.h[1] = registers[1]
+ d.h[2] = registers[2]
+ d.h[3] = registers[3]
+ d.h[4] = registers[4]
+ d.nx = 0
+ d.len = 0
+}
+
+func SumForged(data []byte, registers [5]uint32) [Size]byte {
+ var d digest
+ d.ResetForged(registers)
+ d.Write(data)
+ return d.checkSum()
+}
+
func putUint64(x []byte, s uint64) {
_ = x[7]
x[0] = byte(s >> 56)
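Review bot: `ResetForged` leaves the digest in an inconsistent state: `d.h` is loaded with chaining values that already reflect at least one processed block, but `d.len` is set to 0, so the struct reports that nothing has been hashed. `checkSum` is outside this hunk, but if it builds the trailing length field from `d.len` as the standard library's SHA-1 does, `SumForged` will encode only `len(data)` and its output will not correspond to the digest of any message that begins with the original input. Passing the number of bytes already absorbed as a parameter and storing it in `d.len` would make the state coherent. Both new exported names also lack doc comments; something like `// SumForged returns the SHA-1 checksum of data computed from the supplied chaining values instead of the standard initial state.` would make clear that this exists to study length extension and is not a general-purpose API.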