diff options
| -rw-r--r-- | lib/lib5.c | 84 | ||||
| -rw-r--r-- | lib/lib5.h | 5 | ||||
| -rw-r--r-- | set5/task38.c | 35 |
3 files changed, 123 insertions, 1 deletions
@@ -215,7 +215,7 @@ void srp_compute_x(BIGNUM *salt, unsigned char *password, char *sha1_hash) memcpy(&to_hash[BN_num_bytes(salt)-1], password, strlen(password)); SHA1Reset(&sha1); - SHA1Input(&sha1, to_hash, strlen(to_hash)); + SHA1Input(&sha1, to_hash, strlen(password)+BN_num_bytes(salt)); SHA1Result(&sha1); memcpy(sha1_hash, &(sha1.Message_Digest), 20); } @@ -248,6 +248,17 @@ void srp_server_send1(struct srp_context *srpc) BN_mod_add(srpc->B, t, t2, srpc->N, ctx); } +void ssrp_server_send1(struct srp_context *srpc) +{ + BN_pseudo_rand(srpc->b, 1024, -1, -1); + BN_mod_exp(srpc->B, srpc->g, srpc->b, srpc->N, ctx); +} + +void ssrp_compute_uH(struct srp_context *srpc) +{ + BN_pseudo_rand(srpc->u, 1024, -1, -1); +} + void srp_compute_uH(struct srp_context *srpc) { SHA1Context sha1; @@ -309,6 +320,31 @@ void srp_client_prepare_k(struct srp_context *srpc, char *password) memcpy(srpc->client_K, &(sha1.Message_Digest), 20); } +void ssrp_client_prepare_k(struct srp_context *srpc, char *password) +{ + SHA1Context sha1; + BIGNUM *x = BN_new(); + char K[20]; + char sha1_hash[20]; + + srp_compute_x(srpc->salt, password, sha1_hash); + BN_bin2bn(sha1_hash, 20, x); + + BIGNUM *S = BN_new(); + BIGNUM *tmp = BN_new(); + + BN_mod_mul(tmp, srpc->u, x, srpc->N, ctx); + BN_mod_add(tmp, tmp, srpc->a, srpc->N, ctx); + BN_mod_exp(S, srpc->B, tmp, srpc->N, ctx); + + char *s_str = malloc(BN_num_bytes(S)); + BN_bn2bin(S, s_str); + SHA1Reset(&sha1); + SHA1Input(&sha1, s_str, BN_num_bytes(S)); + SHA1Result(&sha1); + memcpy(srpc->client_K, &(sha1.Message_Digest), 20); +} + void srp_server_prepare_k(struct srp_context *srpc) { BIGNUM *S = BN_new(); @@ -684,3 +720,49 @@ double nth_root_wr(double x, int n) return r; } + +void ssrp_dictionary_attack(struct srp_context *srpc) +{ + + // in srpc.client_K is the hash given by the client + // attack with all passwords in task38.dictionary + size_t line_len = 1024; + char *line = NULL; + FILE *fp = fopen("task38.dictionary", "r"); + int read = 0; + char sha1_hash[20]; + char cK[40]; + SHA1Context sha1; + BIGNUM *x = BN_new(); + BIGNUM *S= BN_new(); + + while((read = getline(&line, &line_len, fp)) != -1) { + BN_zero(x); + BN_zero(S); + memset(sha1_hash, 0, 20); + line[read-1] = 0; + printf("try password: %s\n", line); + srp_compute_x(srpc->salt, line, sha1_hash); + BN_bin2bn(sha1_hash, 20, x); + BN_mod_exp(S, srpc->g, x, srpc->N, ctx); + BN_mod_exp(S, S, srpc->u, srpc->N, ctx); + BN_mod_mul(S, S, srpc->A, srpc->N, ctx); + BN_mod_exp(S, S, srpc->b, srpc->N, ctx); + + char *s_str = malloc(BN_num_bytes(S)); + memset(s_str, 0, BN_num_bytes(S)); + BN_bn2bin(S, s_str); + SHA1Reset(&sha1); + SHA1Input(&sha1, s_str, BN_num_bytes(S)); + SHA1Result(&sha1); + memcpy(sha1_hash, &(sha1.Message_Digest), 20); + if(strncmp(sha1_hash, srpc->client_K, 20) == 0) { + printf("found password: %s\n", line); + hex_binary_to_string(sha1_hash, cK, 20); + printf("hash is: %s\n", cK); + free(s_str); + break; + } + free(s_str); + } +} @@ -117,4 +117,9 @@ void srp_client_prepare_k(struct srp_context *srpc, char *password); void srp_server_prepare_k(struct srp_context *srpc); void srp_context_init(struct srp_context *s); void srp_client_s_0_prepare_k(struct srp_context *srpc); +void ssrp_compute_uH(struct srp_context *srpc); +void ssrp_server_send1(struct srp_context *srpc); +void ssrp_client_prepare_k(struct srp_context *srpc, char *password); +void srp_server_prepare_k(struct srp_context *srpc); +void ssrp_dictionary_attack(struct srp_context *srpc); #endif diff --git a/set5/task38.c b/set5/task38.c new file mode 100644 index 0000000..889fe11 --- /dev/null +++ b/set5/task38.c @@ -0,0 +1,35 @@ +#include "../lib/lib.h" +#include "../lib/lib2.h" +#include "../lib/lib3.h" +#include "../lib/lib4.h" +#include "../lib/lib5.h" +#include <time.h> + +int main() +{ + struct srp_context srpc; + char *email = "test@example.com"; + char *password = "12345"; + //char *password = passwords[index]; + char sK[41]; + char cK[41]; + out = BIO_new(BIO_s_file()); + BIO_set_fp(out, stdout, BIO_NOCLOSE); + + ctx = BN_CTX_new(); + printf("using password: %s\n", password); + srp_context_init(&srpc); + srp_server_init(email, password, &srpc); + srp_client_send1(email, &srpc); + ssrp_server_send1(&srpc); + // inject some new MITM params here + BN_pseudo_rand(srpc.b, 1024, -1, -1); + BN_mod_exp(srpc.B, srpc.g, srpc.b, srpc.N, ctx); + BN_pseudo_rand(srpc.u, 1024, -1, -1); + ssrp_compute_uH(&srpc); + ssrp_client_prepare_k(&srpc, password); + hex_binary_to_string(srpc.client_K, cK, 20); + printf("hash sended from client: %s\n", cK); + ssrp_dictionary_attack(&srpc); + // set client session key also to 0 +} |