20.03.2014 23:17, by Dor1s
Classic Hash Length Extension Attack.
It is done as described here and here.
The easiest way to perform a hash length extension attack is to use HashPump.
Download it, build it, and then write a small script to brute-force the secret's length and find the flag:
#!/usr/bin/python
# Python 2 script: tries every secret length from 1 to 256 with HashPump.
import commands
import socket

def horosho(s):
    # Turn HashPump's printable "\xNN" escapes back into raw bytes,
    # keeping any literal text that sits between two escapes.
    res = ''
    i = s.find('\\x')
    while i != -1:
        res += s[:i] + chr(int(s[i+2:i+4], 16))
        s = s[i + 4:]
        i = s.find('\\x')
    return res + s

digest = 'b34c39b9e83f0e965cf392831b3d71b8'
data = '\'do test connection\''
addData = 'give'

for length in xrange(1, 257, 1):
    print length
    # -k is the guessed secret length; HashPump's output is redirected to ./file
    args = '-s ' + digest + ' --data ' + data + ' -a ' + addData + ' -k ' + str(length) + ' > file'
    output = commands.getstatusoutput('./hashpump ' + args)
    payload = open('file', 'rb').read()
    payload = payload[:-1]                        # drop the trailing newline
    payload = payload[0:32] + ' ' + payload[33:]  # "<new digest> <new data>" on one line
    payload = horosho(payload)
    s = socket.create_connection(('python27.quals.ructf.org', 12337))
    s.send(payload)
    answer = s.recv(1000)
    s.close()
    print answer
    if answer.find('Wrong signature') == -1:
        break

And when the right length of the secret is found, we get this:
spy offers | Nike SB15
Message accepted! The answer is RUCTF_CryptoIsFunAndEasy