break_sha1_keyed_mac.go (1633B)
1 package main 2 3 import ( 4 "encoding/binary" 5 "fmt" 6 "math/rand" 7 //"io/ioutil" 8 "./sha_1" 9 //"strings" 10 "time" 11 ) 12 13 func get_padding(msg []byte) []byte { 14 length := uint64(len(msg)) 15 16 // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. 17 var tmp [64]byte 18 tmp[0] = 0x80 19 //if length % 64 < 56 { 20 // return tmp[0 : 56-length%64] 21 // length = 56-length%64 22 //} else { 23 // return tmp[0 : 64+56-length%64] 24 // length = 64+56-length%64 25 //} 26 27 length <<= 3 28 sha_1.PutUint64(tmp[:], length) 29 return tmp[:] 30 //d.Write(tmp[0:8]) 31 } 32 33 func main() { 34 rand.Seed(time.Now().UTC().UnixNano()) 35 //file, _ := ioutil.ReadFile("/usr/share/dict/cracklib-small") 36 //lines := strings.Split(string(file), "n") 37 key := "a"//lines[rand.Intn(len(lines))] 38 msg := "comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon" 39 40 secret_prefix_hash := sha_1.Sum([]byte(key + msg)) 41 42 var registers [5]uint32 43 44 for i := 0; i < 5; i++ { 45 registers[i] = binary.BigEndian.Uint32(secret_prefix_hash[i * 4 : (i * 4) + 4]) 46 } 47 48 injected := ";admin=true" 49 pad := get_padding([]byte(key + msg)) 50 forged := append(pad, []byte(injected)...)[1:] 51 //forged := []byte(injected) 52 forged_digest := sha_1.SumForged(forged, registers) 53 54 //fmt.Printf("%xn", sha_1.SumForged(forged, registers)) 55 fmt.Printf("%xn", sha_1.Sum([]byte(key + msg + string(pad) + injected))) 56 fmt.Printf("%xn", sha_1.Sum(append(forged, forged_digest[:]...))) 57 fmt.Printf("%xn", sha_1.Sum(append(forged_digest[:], forged...))) 58 fmt.Printf("%xn", sha_1.Sum(append([]byte(key), forged...))) 59 fmt.Printf("%xn", secret_prefix_hash) 60 fmt.Printf("%xn", sha_1.Sum([]byte(msg + key))) 61 }