|
|
- #!/usr/bin/env python
- import socket
- from thread import start_new_thread
- from datetime import datetime
- from os import urandom
- from random import randrange as random
- import RSAvulnerableKeyGenerator as keygen
-
- FLAG = 'SlashRootCTF{W13nn3r_w1nn3r_RSA_d1nn3r}'
- HOST = '0.0.0.0'
- PORT = 6070
- BUFF = 1024
- BIT = 256
- MAX = 10
-
- def banner():
- return '''\
- _______________________________________________
- | ____ ____ ____ ___ ____ _ _ ____ _ _ |
- | |__/ [__ |__| | | | |_/ |___ |\ | |
- | | \ ___] | | | |__| | \_ |___ | \| |
- | ____ ____ _ _ ____ ____ ____ ___ ____ ____ |
- | | __ |___ |\ | |___ |__/ |__| | | | |__/ |
- | |__] |___ | \| |___ | \ | | | |__| | \ |
- |_____________________________________________|
- | [1] Generate RSA |
- | [2] Generate Token |
- | [3] Generate Flag |
- |_____________________________________________|
- >>> '''
-
- def log(message, address, filename='RSATG.log'):
- with open(filename, 'a') as log:
- timestamp = datetime.now().strftime('%d/%m/%Y %H:%M:%S')
- log.write('[%s][%s:%d] %s\n' % (timestamp, address[0], address[1], str(message)))
-
- def serve_client(client, address, receive=''):
- try:
- client.send(banner())
- token = []
-
- while True:
- data = ''
- receive = client.recv(BUFF).strip()
-
- if receive == '1':
- log('<<< Generating RSA', address)
- data = genRSA(client, address)
- elif receive == '2':
- log('<<< Generating Token', address)
- data, token = genToken(client, address)
- log('>>> Sending Token: %s' % format(token), address)
- elif receive == '3':
- log('<<< Generating flag', address)
-
- if token:
- client.send('Token : ')
-
- if format(token) == client.recv(BUFF).strip():
- ID = urandom(16).encode('hex')
- log('<-> RSA ID: %s[%s]' % (ID, format(token)), address)
- log('>>> Sending Flag: %s[%s]' % (ID, format(token)), address)
- client.send('''\
- RSA ID\t : %s
- FLAG\t : %s
- *Sertakan TOKEN dan RSA ID pada writeup agar poin dihitung!\n''' % (ID, FLAG))
- break
- else:
- log('>-< Wrong Token: %s|%s' % (receive, format(token)), address)
- data = 'Try Again!\nYour token is %s\n' % format(token)
- else:
- log('>-< Empty Token!', address)
- data = 'Generate your token!\n'
-
- token = []
-
- client.send(data + '[1|2|3]>>> ')
-
- log('Disconnected', address)
- except Exception as message:
- log(message, address, 'error.log')
- log('>-< Disconnected because error: %s' % message, address)
- finally:
- client.close()
- log('--- Disconnected', address)
-
- def format(token):
- return '-'.join(token)
-
- def RSA(bit):
- e, n, d = keygen.generateKeys(bit)
- p = random(1000, 9999)
- c = pow(p, e, n)
- return e, n, d, p, c
-
- def genRSA(client, address):
- e, n ,d, p, c = RSA(BIT)
- client.send('e = %s \nn = %s \nc = %s \np = ' % (e, n, c))
- r = client.recv(BUFF).strip()
-
- if r == str(p):
- log('<-> Correct %s{e:%s,n:%s,d:%s,p:%s,c:%s)' % (r, e, n, d, p, c), address)
- return '\n\m/ Correct \m/\n'
- else:
- log('>-< Wrong %s{e:%s,n:%s,d:%s,p:%s,c:%s)' % (r, e, n, d, p, c), address)
- return '\nWrong :P is %s\n' % p
-
- def genToken(client, address):
- token = []
- data = 'Token has been generated!\n'
-
- for i in range(1, 6):
- e, n ,d, p, c = RSA(BIT)
- client.send('Token #%i\ne = %s \nn = %s \nc = %s \np = ' % (i, e, n, c))
- r = client.recv(BUFF).strip()
-
- if r == str(p):
- log('<-> Correct #%d: %s{e:%s,n:%s,d:%s,p:%s,c:%s)' % (i, r, e, n, d, p, c), address)
- token.append(str(p))
- else:
- token = []
- data = '\nWrong :P is %s\n' % p
- log('>-< Wrong #%d: %s{e:%s,n:%s,d:%s,p:%s,c:%s)' % (i, r, e, n, d, p, c), address)
- break
-
- return data, token
-
- def main():
- server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
- server.bind((HOST, PORT))
- server.listen(MAX)
- log('(+) Power On Server', [HOST, PORT])
-
- while True:
- try:
- client, address = server.accept()
- log('<<< Client connected from IP %s with PORT %d' % (address), address)
- start_new_thread(serve_client, (client, address))
- except Exception as message:
- log(message, [HOST, PORT], 'error.log')
- except KeyboardInterrupt:
- log('(-) Power Off Server', [HOST, PORT])
- break
-
- server.close()
-
- if __name__ == '__main__':
- main()
|