forked from matthiasbock/OpenSkype
rc4.py
#!/usr/bin/python
from FluxCapacitor import Seed, Skype_RC4_Expand_IV, skype_crc, RC4_Context, RC4_crypt
from utils import *
class RC4_Engine:
    """Recover the plaintext of an RC4-obfuscated payload by guessing its seed.

    The seed depends on a source address, a destination address, an object id
    and an IV.  The addresses that were actually used are not always the ones
    seen on the wire, so decrypt() tries a short list of candidates and keeps
    the first one whose decrypted payload matches the packet's checksum.
    """

    def __init__(self, debug=False):
        """Create an engine; *debug* switches on all three trace outputs."""
        # Used as a fallback candidate until updateIP() supplies a real value.
        self.ExternalIP = '\x00\x00\x00\x00'
        # Separate switches so a caller can enable one kind of trace only.
        self.print_cipher = self.print_seeding = self.print_plaintext = debug

    def updateIP(self, ip):
        """Remember *ip* as this host's external address.

        The value is stored as given and later offered to Seed() as a
        candidate.  Presumably a 4-byte packed address like the default set
        in __init__ -- TODO confirm against callers.
        """
        self.ExternalIP = ip

    def decrypt(self, cipher, src, dst, objectid, iv, crc):
        """Return the plaintext of *cipher*, or None if no candidate seed fits.

        Candidate sources are *src*, the stored external IP and the all-zero
        address; candidate destinations are *dst*, the stored external IP and
        the all-zero address.  Every (source, destination) combination is
        tried in that order until one decrypts to a payload whose
        skype_crc() value equals *crc*.

        Security notes for readers of this code:

        * Everything that feeds the seed here (the addresses, *objectid*,
          *iv*) is an argument of this method or the stored external IP; no
          separate secret key is passed in.
          NOTE(review): if all of those fields are visible to an on-path
          observer, this layer obscures the payload rather than keeping it
          confidential -- confirm against FluxCapacitor.Seed.
        * The acceptance test is a checksum computed from the plaintext
          alone.  A match says the right seed was guessed; it does not
          authenticate the payload.  Treat the returned bytes as untrusted
          input when parsing them.
        """
        if self.print_cipher:
            print '\tcipher:\n\t\t'+str2hex(cipher)

        zero_ip = '\x00\x00\x00\x00'
        # An earlier revision also swept 192.168.1.x and 192.168.2.x as extra
        # candidates for both lists; that sweep is disabled.
        test_sources = [src, self.ExternalIP, zero_ip]
        test_dests = [dst, self.ExternalIP, zero_ip]

        for cand_src in test_sources:
            for cand_dst in test_dests:
                trace = self.print_seeding
                if trace:
                    print '\tsrc ip: '+print_address(cand_src)+'\tdst ip: '+print_address(cand_dst),
                base_seed = Seed(cand_src, cand_dst, objectid)
                if trace:
                    print '\tseed: '+long2hex(base_seed),
                mixed_seed = base_seed ^ str2long(iv)  # fold the packet IV in
                if trace:
                    print '\t\tseed ^ iv: '+long2hex(mixed_seed)

                # A fresh context per attempt: the key schedule is
                # re-expanded from the seed for every candidate pair.
                context = RC4_Context()
                Skype_RC4_Expand_IV(mixed_seed, context)
                plaintext = RC4_crypt(cipher, context)

                # Both sides are brought to hex text before comparing.
                calc_crc = long2hex(skype_crc(plaintext))
                pkt_crc = str2hex(crc)
                if calc_crc == pkt_crc:
                    if self.print_plaintext:
                        print '\tcrc correct'
                        print '\tdecryption succeed with src='+print_address(cand_src)+', dst='+print_address(cand_dst)
                    return plaintext

        # No candidate pair produced a matching checksum.
        if self.print_plaintext:
            print '\tdecryption failed'
        return None

    def bruteforce(self, cipher, crc, start):
        """Delegate seed recovery to rc4bruteforce.Rambo.

        *cipher* is handed over hex-encoded, *crc* as received, and *start*
        is forwarded unchanged to crack().  Returns whatever crack() returns.
        """
        # Imported here so the module loads without rc4bruteforce present.
        from rc4bruteforce import Rambo
        cracker = Rambo(cipher_hex = str2hex(cipher), crc = crc)
        return cracker.crack(start = start)