Path: blob/master/Block-Cipher/Attack-CBC-Bit-Flipping/Challenges/CNVService/CNVService.py
1402 views
import os1import socket2import threading3import time4import SocketServer5from AES_CNV_COOKIE import Cookie, BLOCK_SIZE6from Crypto import Random7from Secret import __FLAG__89host, port = '0.0.0.0', 444410BUFF_SIZE = 10241112class ThreadedTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer):13allow_reuse_address = True1415class ThreadedTCPRequestHandler(SocketServer.BaseRequestHandler):1617def Register(self):18self.request.sendall("*****************************REGISTER*****************************\n")19self.request.sendall("Name: ")20name = self.request.recv(BUFF_SIZE).strip()21self.request.sendall("Username: ")22username = self.request.recv(BUFF_SIZE).strip()23if "root" in username:24self.request.sendall("Can not register root user!\n")25else:26cookie = self.cookie.register(name, username)27self.request.sendall("Cookie: %s\n" %cookie)28self.request.sendall("***************************END REGISTER***************************\n")2930def Login(self):31self.request.sendall("*******************************LOGIN******************************\n")32self.request.sendall("Cookie: ")33cookie = self.request.recv(BUFF_SIZE).strip()34name, username, time = self.cookie.authentication(cookie)35if username == None:36self.request.sendall("Don't attack my service, hacker!\n")37self.request.sendall("***************************LOGIN FALSE****************************\n")38else:39self.request.sendall("**************************LOGIN SUCCESS***************************\n")40self.request.sendall("Welcome CNV service: %s\n" %name)41self.request.sendall("Username: %s\n" %username)42self.request.sendall("Time register: %s\n" %time)43if username != "root":44self.request.sendall("Sorry! This service support only root user! Please waiting service upgrade.\n")45return False46else:47self.request.sendall("***************************Root Servive***************************\n")48self.request.sendall("This is flag: %s\n" %__FLAG__)49return True5051def handle(self):52self.key = Random.new().read(BLOCK_SIZE)53self.cookie = Cookie(self.key)54self.request.settimeout(1)55self.countuser = 056self.request.sendall("***************************CNVService*****************************\n")57self.request.sendall("* Challenge created by CNV *\n")58self.request.sendall("* My blog: https://chung96vn.blogspot.com *\n")59self.request.sendall("***************************CNVService*****************************\n")60while True:61self.request.sendall("********************Menu********************\n")62self.request.sendall("* 1 - Register *\n")63self.request.sendall("* 2 - Login *\n")64self.request.sendall("********************************************\n")65self.request.sendall("Your choice: ")66try:67choice = int(self.request.recv(BUFF_SIZE).strip())68except:69choice = 070if choice == 1:71if self.countuser < 2:72if self.Register():73self.countuser += 174else:75self.request.sendall("Can not register more than two user!\n")76elif choice == 2:77self.Login()78break79else:80self.request.sendall("Invalid choice!\n")81break82def main():83server = ThreadedTCPServer((host, port), ThreadedTCPRequestHandler)84server_thread = threading.Thread(target=server.serve_forever)85server_thread.daemon = True86server_thread.start()87print "Server loop running in thread:", server_thread.name88server_thread.join()8990if __name__ == '__main__':91main()929394