Overview
bin200 is a web service that dumps the key if provided with a pair of values that form a collision for the Tangle hash function.
Writeup
We quickly reversed this binary and found that it reads in two values and dumps the key if they form a collision for some hash function. Googling the constants used in the binary revealed that the function is Tangle, a hash function proposed for SHA-3.
As there are several papers on attacking this particular hash function, we quickly wrote up a solution:
#!/usr/bin/python
import struct
import socket
import time
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('140.197.217.155', 18703))
# Provide the magic constants expected by the service.
payload = struct.pack('>I', 0x94A4C265)
payload += struct.pack('>I', 0xFE732D6F)
payload += struct.pack('>I', 0xEEF814CB)
payload += struct.pack('>I', 0x6EC8A126)
# The length.
payload += struct.pack('I', 40)
# Send the colliding values.
payload += '\xc8\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
payload += '\xc8\x19\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x80'
s.send(payload)
time.sleep(1)
print s.recv(1024)
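To see what the colliding pair looks like structurally, the following added example (Python 3, not part of the original writeup) parses a request in the layout the script sends and lists the 32-bit words in which the two messages differ. It assumes the native-order length field is little-endian (x86) and that message words are read little-endian; the function names are made up for this illustration, and the two messages are rebuilt from the byte offsets visible in the script.

```python
import struct

# Magic constants taken from the script above.
MAGIC = (0x94A4C265, 0xFE732D6F, 0xEEF814CB, 0x6EC8A126)
HDR = 20  # 4 magic words + 4-byte length field

def build_request(m1, m2):
    """Assemble a request in the same layout the script above sends."""
    if len(m1) != len(m2):
        raise ValueError('messages must have equal length')
    # Assumption: struct.pack('I', ...) in the script ran on little-endian x86.
    return struct.pack('>4I', *MAGIC) + struct.pack('<I', len(m1)) + m1 + m2

def parse_request(buf):
    """Validate magic and length, then return the two messages."""
    if len(buf) < HDR:
        raise ValueError('short header')
    if struct.unpack_from('>4I', buf, 0) != MAGIC:
        raise ValueError('bad magic')
    (n,) = struct.unpack_from('<I', buf, 16)
    if len(buf) != HDR + 2 * n:
        raise ValueError('length field does not match body')
    return buf[HDR:HDR + n], buf[HDR + n:]

def word_diff(m1, m2):
    """Return {word index: XOR difference} for every differing 32-bit word."""
    if len(m1) != len(m2) or len(m1) % 4:
        raise ValueError('need equal lengths that are a multiple of 4')
    fmt = '<%dI' % (len(m1) // 4)  # assumption: little-endian message words
    pairs = zip(struct.unpack(fmt, m1), struct.unpack(fmt, m2))
    return {i: a ^ b for i, (a, b) in enumerate(pairs) if a != b}

# The pair from the script, rebuilt: 0xc8 0x19 then zeros, 40 bytes each;
# the second message additionally has 0x80 at byte offsets 3, 7, 35 and 39.
M1 = bytes([0xC8, 0x19]) + bytes(38)
_m2 = bytearray(M1)
for off in (3, 7, 35, 39):
    _m2[off] = 0x80
M2 = bytes(_m2)

if __name__ == '__main__':
    a, b = parse_request(build_request(M1, M2))
    for i, d in sorted(word_diff(a, b).items()):
        print('word %d differs by 0x%08x' % (i, d))
```

Under those assumptions the two messages differ only in the most significant bit of words 0, 1, 8 and 9.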