Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Add tools to crack victim identifiers
- Loading branch information
Showing
8 changed files
with
328 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,102 @@ | ||
#include <string.h> | ||
#include <stdio.h> | ||
#include <time.h> | ||
#include "crack.h" | ||
#include "stubs.h" | ||
|
||
|
||
int cid_matches(const char *ids[], int cid_count, const char *cid) { | ||
|
||
for (int i = 0; i < cid_count; i++) { | ||
if (strcmp(ids[i], cid) == 0) | ||
return 1; | ||
} | ||
return 0; | ||
} | ||
|
||
|
||
void gen_otp_val(char otpBuf[], int val) { | ||
snprintf(otpBuf, 7, "%d", val); | ||
} | ||
|
||
void gen_display_res(char *buf, unsigned char *src) { | ||
snprintf(buf, 60, "%d.%d.%d.%d", src[0], src[1], src[2], src[3]); | ||
} | ||
|
||
int cid_crack_attempt(const char *cid_ids[5], int cid_count, _BYTE src[4], int n_otp) { | ||
|
||
unsigned int localip = 0x12345678; | ||
_BYTE client_id_b[128]; | ||
char client_id_hx[128]; | ||
char otp[9]; | ||
|
||
bzero(client_id_b, sizeof(client_id_b)); | ||
bzero(client_id_hx, sizeof(client_id_hx)); | ||
bzero(otp, sizeof(otp)); | ||
|
||
gen_otp_val(otp, n_otp); | ||
set_loc_data(src, otp); | ||
|
||
int n = cid(&localip, client_id_b, otp); | ||
bcvh(client_id_b, 32, (_BYTE *) client_id_hx, 65); | ||
|
||
|
||
int rv = cid_matches(cid_ids, cid_count, client_id_hx); | ||
if (rv ) { | ||
puts(client_id_hx); | ||
} | ||
return rv; | ||
} | ||
|
||
int crk_slice_start(int slice) { | ||
return 32 * slice; | ||
} | ||
|
||
|
||
int crk_slice_end(int slice) { | ||
return 32 * slice + 31; | ||
} | ||
|
||
|
||
int cid_crack(const char *CIDs[5], int cid_count, | ||
_BYTE oct3_low, _BYTE oct3_hi, | ||
_BYTE oct4_low, _BYTE oct4_hi, | ||
int otplow, int otphi) { | ||
|
||
_BYTE src[4] = {10, 47, 0, 0}; | ||
time_t start = time(NULL); | ||
|
||
int rv = 0; | ||
|
||
printf("NET: %d.%d.%d.%d --> %d.%d.%d.%d\n", | ||
src[0], src[1], oct3_low, oct4_low , | ||
src[0], src[1], oct3_hi, oct4_hi | ||
); | ||
printf("OTP %06d --> %06d \n", otplow, otphi ); | ||
|
||
for (int otp = otplow; otp <= otphi; otp++) { | ||
if (otp % 50000 == 1 && otp > 1) { | ||
time_t elapsed = time(NULL) - start; | ||
printf("Try: %06d %.2f/sec\n", otp, (otp * 1.0) / (elapsed * 1.0)); | ||
} | ||
for (_BYTE o3 = oct3_low; o3 <= oct3_hi; o3++) { | ||
for (_BYTE o4 = oct4_low; o4 <= oct4_hi; o4++) { | ||
src[2] = o3; | ||
src[3] = o4; | ||
|
||
if (cid_crack_attempt(CIDs, cid_count, src, otp)) { | ||
char found[20]; | ||
gen_display_res(found, src); | ||
printf("\nFOUND: %s\n", found); | ||
rv = 1; | ||
} | ||
|
||
if (o4 == 255) { break; } | ||
} | ||
if (o3 == 255) { break; } | ||
} | ||
} | ||
|
||
return rv; | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
#ifndef _CRACK_INCLUDED_H | ||
#define _CRACK_INCLUDED_H | ||
|
||
#include "sim_types.h" | ||
|
||
int cid_matches(const char *CIDs[], int cid_count, const char *cid); | ||
void gen_otp_val(char otpBuf[], int val); | ||
void gen_display_res(char *buf, unsigned char *src); | ||
int cid_crack_attempt(const char *CIDs[5], int cid_count, _BYTE src[4], int otp); | ||
int cid_crack(const char *pString[5], int cid_count, _BYTE oct3_low, _BYTE oct3_hi, _BYTE oct4_low, _BYTE oct4_hi, int otplow, int otphi); | ||
int crk_slice_start(int slice); | ||
int crk_slice_end(int slice); | ||
|
||
|
||
|
||
#endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
#include <stdio.h> | ||
#include <stdlib.h> | ||
#include "crack.h" | ||
|
||
const char *CIDs[10] = { | ||
"bb52677e489ba0bdf9c55e092e1b9fb98c3d3966fa7126ccc7b3a9527f8d0f54", | ||
"06aeee4fcd565a4b527a20274a352a78e83b81a3a0f35509df144a6c1450270d", | ||
"56ea3b3d00df1ee0592dd4870317020ebe02a232f0ae37fff31733e1f918e571", | ||
"ea1e03022cc3a0378ef9056b5346befdf735f56d56509dcb3d1ea03191803815", | ||
"51b9326cad4f65e656ea6251937e9715643332adc5b811093faedf8d01fc10b8", | ||
"472d7834f4dd0ab70b631f58a923af3c8db18913491e03a6679bbe4ff8e658eb", | ||
"b784c8325a15d7b7d62d4ded79b86b08fd0cbc8ed0099fee200b55ef8791eae6", | ||
|
||
"047b5f5a6dd57f44ddc76f57bffeea7a06cd8d8dea2fdc6fc8ea5f47e4b4c117", | ||
"3431b241b4f09c76c4ae404919f09cad650fe5f83e4a51ed695464941680f680", | ||
"44d60efee6f4a5922742b51cc6b4345f083acb55b3b14d51256b19b778ffcfdb" | ||
}; | ||
|
||
int main(int argc, char**argv) { | ||
if ( argc < 3 ) { | ||
printf("Usage: %s O3 S2\n", argv[0]); | ||
return 3; | ||
} | ||
int o3 = atoi(argv[1]); | ||
int slice2 = atoi(argv[2]); | ||
|
||
int o4s = crk_slice_start(slice2); | ||
int o4e = crk_slice_end(slice2); | ||
|
||
puts("Probing:"); | ||
|
||
return cid_crack(CIDs, 10, o3, o3, o4s, o4e, 0, 999999); | ||
} |
Oops, something went wrong.