EvilZone

Hey all,
I'm working on this problem to reverse a hash. I've got a solution, but I think it's a bit of a hack and I'd like to see what I'm missing. This is a (broken) hash function that accepts a 16-byte input (16 integers in range(256)). A value of zero is assumed for hash[0] (message[-1] = 0).

Hash function is:
     hash[i] = ((129 * message[i]) XOR message[i-1]) % 256



def hashme(message):
    return [(((129 * m) ^ (0 if i is 0 else message[i-1]))%256) for (i, m) in enumerate(message)]


def _gcd(a,b):
    while b:
        a, b = b, a % b
    return abs(a)


def unhashme(digest):
    msg = [0] * len(digest)
    lastbyte = 0
    for (i, ch) in enumerate(digest):
        newchar = (ch ^ (lastbyte * 129))
        if _gcd(ch, 256) is 1:
            newbyte += 128
        newbyte = newbyte % 256
        msg[i] = newbyte
        lastbyte = newbyte
    return msg
The above 'unhashme' function works, but it feels inelegant. When run without the GCD calculation (and thus not offsetting the value by m/2 = 128), every other element seems to reverse correctly, but the others are off by 128. Multiplying by 19 will reverse the multiplication by 129 (modulo 256), but I'm not sure how/where to work it in. I feel like adding 128 here-and-there is hacky, or at best, missing the underlying intent. I'm going in circles between rings, cyclic groups, multiplicitive inverses, etc.


Can anyone explain what I'm missing, or give me a direction to search?




Input:    0,129,5,141,25,137,61,149,113,145,53,157,233,185,109,165
-------------------------------------------------------------------
No GCD:   0,129,4,137,16,153,36,177,64,209,100,249,144,41,196,97
-------------------------------------------------------------------
Expected: 0,1,4,9,16,25,36,49,64,81,100,121,144,169,196,225


Test data:
test1_input = [0, 129, 3, 129, 7, 129, 3, 129, 15, 129, 3, 129, 7, 129, 3, 129]
test1_output = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]


test2_input = [0, 129, 5, 141, 25, 137, 61, 149, 113, 145, 53, 157, 233, 185, 109, 165]
test2_output = [0, 1, 4, 9, 16, 25, 36, 49, 64, 81, 100, 121, 144, 169, 196, 225]

Session hijacking is possible anytime you can intercept, predict or otherwise acquire the session ID. So, if someone is using really awful session IDs that you can predict, you can certainly do it over HTTPS. Additionally, there's the "Secure" flag on cookies. If it's not set, the data will be visible over HTTP. Even if it is set, you can overwrite it with a plaintext cookie.

Tamper data?

For web pentesting Burpsuite is hands down the best IMO.

Yeah, that's it! And I was thinking about Burpsuite at work today. Wireshark is supposedly useful, but frankly I've yet to wrap my head around it. I've used it in some super-specific situations, but otherwise haven't used it much.

This sounds like a good place for mesh networking. It can be done with new/used routers and a base internet connection. A lot of vendors sell ready-made devices (Cisco, Ruckus SmartMesh, VillageTelco, etc.) I flashed some WR54G routers from Goodwill and had a small setup going, but never tried to scale it.

There was a pretty good whitepaper/case study about using them in small villages in Africa or something, but I'm coming up short today.

Haven't use PDO myself. But afaik when with mysqli(-driver) you can communicate only with mysql databases, but with right PDO-driver you can use mysql, microsoft sql, postgresql, sqlite, etc. databases. So i think pdo's flexibility is one of it advantages. Correct me if i'm wrong.

This is correct; the mysqli_* functions were kinda a fix for the mysql_* ones. The mysqli_* set allows you to easily update the mysql_* functions and maintain a functional programming style (vs OOP). PDO's, to my knowledge, must be an object, whereas mysqli provides a functional AND OOP interface.


That being said, PDO is the standard, particularly among open-source projects. This is largely to allow the interchangeability between databases, as mentioned, as well as the OOP style. Either is preferred over mysql_*, but they're approximately equivalent for all intents and purposes.

1) Stop being lazy.
2) Write code.
3) Write more code.
4) Go back and look at the awful code you wrote in step 2. Unfuck it. Make it faster. Make it use less memory. Make it more secure. If it's a script, make it OOP. If it's OOP, try to make it procedural.
5) Repeat.


If you're stuck on the bullshit tutorials, pick something you're interested in and write a program that involves that subject. Make a system to catalog your music/movie/porn collection. Write a browser plugin that downloads YouTube videos, whatever. If you find yourself doing the same repetitive task, figure out how to automate it. It doesn't really matter what you write, just write code.


As a corollary to that last statement, try googling "best way to <do something> in <language>". Look at the options, and don't settle for the first half-assed answer you see. While that's fine for prototyping or getting your feet wet, there are often lots of problems with the basic examples. Find a faster, better, more secure way of doing it. Then, test that shit and find what breaks, and fix it. Supply invalid input. Break things, fix them, then learn how to prevent them from breaking again.


The answers are out there - you may have to search for specific answers, but you can pretty much write any program in any language by searching StackOverflow and the likes. Just google it.


"how to save to a file in <language>"
"how to parse HTML in <language>"
etc.




Learning a computer language is just like learning any other language. You can sit in class, read about it, and wish you were fluent all day long, but until you get out there and start using it, you'll never know shit.

I've been wondering this myself lately. Thanks man!