Aleksei Udovenko hellman
🍊
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| The idea is to reach a state consisting of 00 and FF bytes. | |
| Because of the independence of shifts values, if the message block is the same 32-byte part repeated 2 times, | |
| the state is preserved. We then can change the 32 byte part arbitrarily and keep the hash value unchanged. | |
| To do this we first craft a 32x2 message block that lands on such state after 2nd round (1st round does nothing). | |
| We have 32 bytes of freedom (-charset constraints), so this is reasonable and can be done with 1 byte guess and propagation. | |
| One caveat is that the initial state is rather symmetric and and it's not always easy to land on a desired state, | |
| so we prepend random block first to randomize the state. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| prepare: | |
| mkfifo p1 p2 | |
| precomp: | |
| ./stage1_precomp | |
| du -hs dump* | |
| # 17G dump0 | |
| # 17G dump1 | |
| # 17G dump2 | |
| # 17G dump3 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from sage.all import * | |
| from crccheck.crc import * | |
| def tobin(v, n): | |
| assert 0 <= v < 2**n | |
| return tuple(ZZ(v).digits(2, padto=n))[::-1] | |
| def frombin(v): | |
| return sum(int(c)*2**i for i, c in enumerate(v[::-1])) |
hellman
/ FibHash.ipynb
Last active
March 25, 2021 07:28
CONFidence 2020 CTF Finals - FibHash (Crypto 421)
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from sage.all import * | |
| import ast, sys, subprocess | |
| import hashlib | |
| from random import shuffle | |
| from time import time | |
| while True: | |
| data = subprocess.check_output("nc 124.156.133.6 22298 </dev/null", shell=True).splitlines() | |
| p = int(data[0]) | |
| nums = ast.literal_eval(data[1].decode()) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from sage.all import * | |
| ma, mb, mc, md = 0x505a1, 0x40f3f, 0x1f02, 0x31 | |
| maxa = maxb = 1 << 19 | |
| maxc = (1 << 13) | |
| maxd = (1 << 6) | |
| def hw(a): | |
| res = 0 | |
| while a > 0: |