Last active
August 29, 2015 13:56
-
-
Save rohit89/8813124 to your computer and use it in GitHub Desktop.
Generate git sha1 commit hash collision (used for Stripe CTF 3.0 level1 - gitcoin miner)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include<stdio.h> | |
| #include<openssl/sha.h> | |
| #include<time.h> | |
| #include<stdlib.h> | |
| #include<string.h> | |
| static void compute_stream_hash(char *a, char *b, char *c) | |
| { | |
| unsigned char sha1[20]; | |
| unsigned char hash[(20 * 2) + 1]; | |
| int i; | |
| SHA_CTX ctx; | |
| SHA1_Init(&ctx); | |
| SHA1_Update(&ctx, a, strlen(a) + 1); | |
| SHA1_Update(&ctx, b, strlen(b)); | |
| SHA1_Update(&ctx, c, strlen(c)); | |
| SHA1_Final(sha1, &ctx); | |
| for (i = 0; i < 20; i++) | |
| sprintf((char *)&(hash[i * 2]), "%02x", (unsigned int)sha1[i]); | |
| if (strcmp((char *)hash, "000001") < 0) | |
| { | |
| printf("%s %s", hash, c); | |
| exit(EXIT_SUCCESS); | |
| } | |
| } | |
| static void do_setup(char *t, char *p, char *ti, char *m) | |
| { | |
| char *tree_line = malloc(5 + strlen(t) + 1); | |
| char *parent_line = malloc(7 + strlen(p) + 1); | |
| char *author_line = malloc(100); | |
| char *committer_line = malloc(100); | |
| char *commit_msg = malloc(200); | |
| snprintf(tree_line, 10 + strlen(t), "tree %s\n", t); | |
| snprintf(parent_line, 10 + strlen(p), "parent %s\n", p); | |
| snprintf(author_line, 70 + strlen(ti), \ | |
| "author CTF user <[email protected]> %s +0000\n", ti); | |
| snprintf(committer_line, 70 + strlen(ti), \ | |
| "committer CTF user <[email protected]> %s +0000\n\n", ti); | |
| snprintf(commit_msg, 90, "Mined a Gitcoin\nnonce"); | |
| int length = strlen(tree_line) + strlen(parent_line) + strlen(author_line) + \ | |
| strlen(committer_line) + strlen(commit_msg); | |
| snprintf(m, length + 1, "%s%s%s%s%s", tree_line, parent_line,\ | |
| author_line, committer_line, commit_msg); | |
| } | |
| int main(int argc, char *argv[]) | |
| { | |
| const char *hexchars = "0123456789abcdef"; | |
| int j, index; | |
| char nonce[20]; | |
| int len = strlen(hexchars); | |
| srand(time(NULL)); | |
| char *message = malloc(1000); | |
| char *header = malloc(100); | |
| do_setup(argv[1], argv[2], argv[3], message); | |
| while (1) | |
| { | |
| int idx = 0; | |
| nonce[idx++] = ' '; | |
| for (j = 0; j < 8; j++) | |
| { | |
| index = rand() % len; | |
| nonce[idx++] = hexchars[index]; | |
| } | |
| nonce[idx++] = '\n'; | |
| nonce[idx] = '\0'; | |
| snprintf(header, 30, "commit %d", strlen(message) + strlen(nonce)); | |
| compute_stream_hash(header, message, nonce); | |
| /*printf("%s", header); | |
| printf("%s", message); | |
| printf("%s", nonce); | |
| fgetc(stdin);*/ | |
| } | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment