mirror of https://github.com/dirtbags/moth.git
Start moving pwnables to new token encryption
This commit is contained in:
parent
5dbf9e8adb
commit
c90e24f955
|
@ -5,7 +5,6 @@ ctfbase-install: ctfbase-build
|
|||
|
||||
$(call COPYTREE, packages/ctfbase/service, $(CTFBASE_PKGDIR)/service)
|
||||
|
||||
cp packages/ctfbase/src/tokencli $(CTFBASE_PKGDIR)/bin/
|
||||
cp packages/ctfbase/src/arc4 $(CTFBASE_PKGDIR)/bin/
|
||||
|
||||
ctfbase-clean:
|
||||
|
|
|
@ -1,9 +1,7 @@
|
|||
build: tokencli arc4
|
||||
build: arc4
|
||||
|
||||
arc4: arc4.c
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -DARC4_MAIN -o $@ $<
|
||||
|
||||
tokencli: tokencli.o arc4.o
|
||||
arc4: CFLAGS += -DARC4_MAIN
|
||||
|
||||
clean:
|
||||
rm -f *.o tokencli arc4
|
||||
rm -f *.o arc4
|
||||
|
|
|
@ -1 +1 @@
|
|||
../../../include/arc4.c
|
||||
../../../src/arc4.c
|
|
@ -1 +1 @@
|
|||
../../../include/arc4.h
|
||||
../../../src/arc4.h
|
|
@ -5,11 +5,11 @@ all: build
|
|||
|
||||
build: $(TARGETS)
|
||||
|
||||
gimmie: gimmie.o token.o
|
||||
octopus: octopus.o token.o
|
||||
ltraceme: ltraceme.o token.o
|
||||
straceme: straceme.o token.o
|
||||
killme: killme.o token.o
|
||||
gimmie: gimmie.o token.o arc4.o
|
||||
octopus: octopus.o token.o arc4.o
|
||||
ltraceme: ltraceme.o token.o arc4.o
|
||||
straceme: straceme.o token.o arc4.o
|
||||
killme: killme.o token.o arc4.o
|
||||
|
||||
install: $(TARGETS)
|
||||
install -m 0755 $(TARGETS) $(DESTDIR)/bin
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
../../../src/arc4.c
|
|
@ -0,0 +1 @@
|
|||
../../../src/arc4.h
|
|
@ -1,4 +1,7 @@
|
|||
#include <stdio.h>
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
#include <sysexits.h>
|
||||
#include "token.h"
|
||||
|
||||
uint8_t const key[] = {0x5f, 0x64, 0x13, 0x29,
|
||||
|
@ -9,19 +12,10 @@ uint8_t const key[] = {0x5f, 0x64, 0x13, 0x29,
|
|||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
char token[200];
|
||||
ssize_t tokenlen;
|
||||
|
||||
tokenlen = read_token("gimmie",
|
||||
key, sizeof(key),
|
||||
token, sizeof(token) - 1);
|
||||
if (-1 == tokenlen) {
|
||||
write(1, "Something is broken\nI can't read my token.\n", 43);
|
||||
return 69;
|
||||
if (-1 == print_token("gimmie", key, sizeof(key))) {
|
||||
fprintf(stderr, "Something is broken; I can't read my token.\n");
|
||||
return EX_UNAVAILABLE;
|
||||
}
|
||||
|
||||
token[tokenlen++] = '\n';
|
||||
write(1, token, tokenlen);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
#include <stdio.h>
|
||||
#include <stdint.h>
|
||||
#include <limits.h>
|
||||
#include "token.h"
|
||||
#include "arc4.h"
|
||||
|
||||
#ifndef CTF_BASE
|
||||
#define CTF_BASE "/var/lib/ctf"
|
||||
#endif
|
||||
|
||||
ssize_t
|
||||
write_token(FILE *out,
|
||||
const char *name,
|
||||
const uint8_t *key, size_t keylen)
|
||||
{
|
||||
char *base;
|
||||
char path[PATH_MAX];
|
||||
int pathlen;
|
||||
FILE *f;
|
||||
ssize_t ret;
|
||||
|
||||
base = getenv("CTF_BASE");
|
||||
if (! base) base = CTF_BASE;
|
||||
|
||||
pathlen = snprintf(path, sizeof(path) - 1,
|
||||
"%s/tokens/%s", base, name);
|
||||
path[pathlen] = '\0';
|
||||
|
||||
f = fopen(path, "r");
|
||||
if (NULL == f) return -1;
|
||||
ret = arc4_decrypt_stream(out, f, key, keylen);
|
||||
fclose(f);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
ssize_t
|
||||
print_token(const char *name,
|
||||
const uint8_t *key, size_t keylen)
|
||||
{
|
||||
return write_token(stdout, name, key, keylen);
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
#ifndef __TOKEN_H__
|
||||
#define __TOKEN_H__
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdint.h>
|
||||
|
||||
ssize_t write_token(FILE *out,
|
||||
const char *name,
|
||||
const uint8_t *key, size_t keylen);
|
||||
ssize_t print_token(const char *name,
|
||||
const uint8_t *key, size_t keylen);
|
||||
|
||||
|
||||
#endif
|
22
src/arc4.c
22
src/arc4.c
|
@ -159,11 +159,11 @@ arc4_decrypt_stream(FILE *out, FILE *in,
|
|||
char sig[4];
|
||||
int i;
|
||||
|
||||
fread(&sig, sizeof(sig), 1, stdin);
|
||||
fread(&sig, sizeof(sig), 1, in);
|
||||
if (memcmp(sig, "arc4", 4)) {
|
||||
return -1;
|
||||
}
|
||||
fread(&seed, sizeof(seed), 1, stdin);
|
||||
fread(&seed, sizeof(seed), 1, in);
|
||||
|
||||
arc4_nonce(nonce, sizeof(nonce), &seed, sizeof(seed));
|
||||
for (i = 0; i < keylen; i += 1) {
|
||||
|
@ -191,11 +191,8 @@ arc4_decrypt_stream(FILE *out, FILE *in,
|
|||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
struct arc4_ctx ctx;
|
||||
uint8_t key[ARC4_KEYLEN] = {0};
|
||||
size_t keylen;
|
||||
uint8_t nonce[ARC4_KEYLEN];
|
||||
int i;
|
||||
uint8_t key[ARC4_KEYLEN] = {0};
|
||||
size_t keylen;
|
||||
|
||||
/* Read key and initialize context */
|
||||
{
|
||||
|
@ -206,19 +203,20 @@ main(int argc, char *argv[])
|
|||
memcpy(key, ekey, keylen);
|
||||
} else {
|
||||
keylen = read(3, key, sizeof(key));
|
||||
if (-1 == keylen) {
|
||||
fprintf(stderr, "error: must specify key.\n");
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (! argv[1]) {
|
||||
if (-1 == arc4_decrypt_stream(stdout, stdin, key, keylen)) {
|
||||
perror("decrypting");
|
||||
fprintf(stderr, "error: not an arc4 stream.\n");
|
||||
return 1;
|
||||
}
|
||||
} else if (0 == strcmp(argv[1], "-e")) {
|
||||
if (-1 == arc4_encrypt_stream(stdout, stdin, key, keylen)) {
|
||||
perror("encrypting");
|
||||
return 1;
|
||||
}
|
||||
arc4_encrypt_stream(stdout, stdin, key, keylen);
|
||||
} else {
|
||||
fprintf(stderr, "Usage: %s [-e] <PLAINTEXT\n", argv[0]);
|
||||
fprintf(stderr, "\n");
|
||||
|
|
Loading…
Reference in New Issue