Created
November 12, 2013 20:02
-
-
Save Macil/7437672 to your computer and use it in GitHub Desktop.
Experimenting with exploiting KusabaX's encryption algorithms.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function get_rnd_iv($iv_len) { | |
| $iv = ''; | |
| while ($iv_len-- > 0) { | |
| $iv .= chr(mt_rand() & 0xff); | |
| } | |
| return $iv; | |
| } | |
| function md5_encrypt($plain_text, $password, $iv_len = 16, $iv_init = false) { | |
| $plain_text .= "\x13"; | |
| $n = strlen($plain_text); | |
| if ($n % 16) $plain_text .= str_repeat("\0", 16 - ($n % 16)); | |
| $i = 0; | |
| $enc_text = $iv_init ? $iv_init : get_rnd_iv($iv_len); | |
| $iv = substr($password ^ $enc_text, 0, 512); | |
| while ($i < $n) { | |
| $block = substr($plain_text, $i, 16) ^ pack('H*', md5($iv)); | |
| $enc_text .= $block; | |
| $iv = substr($block . $iv, 0, 512) ^ $password; | |
| $i += 16; | |
| } | |
| return base64_encode($enc_text); | |
| } | |
| function md5_decrypt($enc_text, $password, $iv_len = 16) { | |
| $enc_text = base64_decode($enc_text); | |
| $n = strlen($enc_text); | |
| $i = $iv_len; | |
| $plain_text = ''; | |
| $iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512); | |
| while ($i < $n) { | |
| $block = substr($enc_text, $i, 16); | |
| $plain_text .= $block ^ pack('H*', md5($iv)); | |
| $iv = substr($block . $iv, 0, 512) ^ $password; | |
| $i += 16; | |
| } | |
| return preg_replace('/\\x13\\x00*$/', '', $plain_text); | |
| } | |
| function l($t) { | |
| fwrite(STDERR, "$t\n"); | |
| } | |
| $secret = 'OyTjpsxnE2282p4RitIT'; | |
| $iv_force = 'iv345678901234iv'; | |
| function e($t) { | |
| global $secret, $iv_force; | |
| return md5_encrypt($t, $secret, 16, $iv_force); | |
| } | |
| function d($t) { | |
| global $secret; | |
| return md5_decrypt($t, $secret); | |
| } | |
| function pad_string($plain_text) { | |
| $plain_text .= "\x13"; | |
| $n = strlen($plain_text); | |
| if ($n % 16) $plain_text .= str_repeat("\0", 16 - ($n % 16)); | |
| return $plain_text; | |
| } | |
| // Change a ciphertext to get a new ciphertext | |
| function main_example1() { | |
| $enc = '6402b4gGUa1ALK2j1YxoUNR5WVt8QZWNMsBO6P4KC04='; | |
| $encd = base64_decode($enc); | |
| $msg = pad_string("bob"); | |
| $tgt = pad_string("admin"); | |
| $xdf = $msg ^ $tgt; | |
| $encd = substr($encd, 0, 16) . (substr($encd, 16) ^ $xdf); | |
| print base64_encode($encd) . "\n"; | |
| } | |
| // Example showing how changing one byte affect decryption of subsequent 16-byte sections | |
| function main_changer() { | |
| $msg = 'Some text here! Really really long message! More message! 1234567890 ABCDEFGHIJKLMNOPQRSTUVWXYZ'; | |
| $tgt = 'Some text here! Really really 1ong message! More message! 1234567890 ABCDEFGHIJKLMNOPQRSTUVWXYZ'; | |
| $xdf = $msg ^ $tgt; | |
| $encd = base64_decode(e($msg)); | |
| $encd = substr($encd, 0, 16) . (substr($encd, 16) ^ $xdf); | |
| echo d( base64_encode($encd) ); | |
| // You may want to view this output in a hex viewer, such as by piping PHP to xxd. | |
| } | |
| // Example of changing one byte combined with a playback attack | |
| function main_changeplayback() { | |
| $msg = 'Some text here! Really really long message! More message! 1234567890 ABCDEFGHIJKLMNOPQRSTUVWXYZ'; | |
| $tgt = 'Some text here! Really really 1ong message! More message! 1234567890 ABCDEFGHIJKLMNOPQRSTUVWXYZ'; | |
| $xdf = $msg ^ $tgt; | |
| $encd = base64_decode(e($msg)); | |
| $encd = substr($encd, 0, 16) . (substr($encd, 16, 32) ^ $xdf) . substr($encd, 16); | |
| echo d( base64_encode($encd) ); | |
| } | |
| main_example1(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment