Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-05-04 15:55:12 -04:00
Code Issues Projects Releases Packages Wiki Activity

crypto modules

Browse source
This commit is contained in:
Mari Wahl 2015-01-03 20:47:39 -05:00
parent f211c1cbab
commit 5fcb5a5cb9
28 changed files with 122 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

11
Cryptography/Hash_Functions/SHA/sha-256-bruteforce.py Normal file
View file

@ -0,0 +1,11 @@
'''
from asis 2013: The last crypto (binary numbers) was very puzzling. We couldnt decipher it. But a few minutes before the CTF ending, we noticed we could brute-force the 6 missing characters offline, because in each task, there was a client-side verification with a sha-256 hash. For this task, the hash of the flag was 6307c5441ebac07051e3b90d53c3106230dd9aa128601dcd5f63efcf824ce1ba. A quick brute-force in Python revealed us the missing chars, and therefore, the final flag to submit!
'''
import hashlib, itertools
hash = '6307c5441ebac07051e3b90d53c3106230dd9aa128601dcd5f63efcf824ce1ba'
ch = 'abcdef0123456789'
for a, b, c, d, e, f in itertools.product(ch, ch, ch, ch, ch, ch):
if hashlib.sha256('ASIS_a9%s00f497f2eaa4372a7fc21f0d' % (a + b + c + d + e + f)).hexdigest() == hash:
print 'ASIS_a9%s00f497f2eaa4372a7fc21f0d' % (a + b + c + d + e + f)