/*
 * Draw the next value from the generator held in an opaque handle.
 *
 * pp is cast to ty_random * and its tausmem member is handed to taus_get();
 * the result is converted to int.
 *
 * NOTE(review): taus_get()'s return type is not visible here. If it yields
 * full 32-bit unsigned values, the cast to int can produce negative numbers
 * (implementation-defined conversion) -- confirm callers expect that.
 * NOTE(review): the "taus" naming suggests a Tausworthe generator, which is
 * a statistical PRNG. Its output should not be used for keys, tokens,
 * nonces or any other value an adversary must not be able to predict.
 */
int random_int(void *pp)
{
    ty_random *rng = (ty_random *)pp;

    return (int)taus_get(rng->tausmem);
}
/*
 * Seed the three-word generator state behind vstate from one integer.
 *
 * vstate  opaque pointer, used as a taus_state_t *
 * s       seed; 0 is replaced by the default seed 1
 *
 * The three state words s1, s2, s3 are produced by chaining the LCG step
 * below, so the complete state is a deterministic function of the seed.
 * Because of the 0xffffffffUL mask only the low 32 bits of the seed
 * influence s1, so there are at most 2^32 distinct starting states. A seed
 * that an attacker can guess or enumerate therefore reveals the whole
 * output stream; do not derive secrets from this generator.
 */
static void
taus2_set (void *vstate, unsigned long int s)
{
  taus_state_t *st = (taus_state_t *) vstate;
  int warmup;

  if (s == 0)
    s = 1;                      /* default seed is 1 */

  /* One multiplicative congruential step, truncated to 32 bits. */
#define LCG(n) ((69069 * n) & 0xffffffffUL)

  /* Values below 2 / 8 / 16 are raised by 2 / 8 / 16 respectively.
   * Presumably smaller values would leave that component of the generator
   * in a degenerate state -- confirm against the generator's reference. */
  st->s1 = LCG (s);
  if (st->s1 < 2)
    st->s1 += 2UL;

  st->s2 = LCG (st->s1);
  if (st->s2 < 8)
    st->s2 += 8UL;

  st->s3 = LCG (st->s2);
  if (st->s3 < 16)
    st->s3 += 16UL;

  /* "warm it up": discard the first six outputs */
  for (warmup = 0; warmup < 6; ++warmup)
    taus_get (st);
}
/*
 * Seed a taus_state_t from a single unsigned int.
 *
 * state  generator state to initialise (s1, s2, s3 are overwritten)
 * s      seed; 0 is replaced by the default seed 1
 *
 * All three state words are derived from s by chaining the LCG step, so
 * the starting state carries no more entropy than the seed itself.
 */
static void taus_set (taus_state_t * state, unsigned int s)
{
  int round;

  if (!s)
    s = 1;                      /* default seed is 1 */

  /* The variant written for unsigned long int masked the product with
   * 0xffffffffUL; this one omits the mask and relies on the width of the
   * operands instead. */
#define LCG(n) ((69069 * n))

  state->s1 = LCG (s);
  state->s2 = LCG (state->s1);
  state->s3 = LCG (state->s2);

  /* NOTE(review): no lower bound is enforced on s1/s2/s3 after seeding.
   * Whether very small values are a problem depends on taus_get(), which
   * is not visible here -- confirm.
   * NOTE(review): a seed that can be guessed (time, pid, ...) makes every
   * later output predictable; keep this generator away from secrets. */

  /* "warm it up": discard the first six outputs */
  for (round = 0; round < 6; ++round)
    taus_get (state);
}
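/*
 * samhain_setpwd <filename> <suffix> <new_password>
 *
 * Copies the binary <filename> to <filename>.<suffix>. On the way, every
 * occurrence of the compiled-in default password (TcpFlag) is replaced by
 * the 8-byte password given as 16 hex digits, and every occurrence of the
 * filler pattern (BadFlag) is replaced by bytes drawn from taus_get().
 *
 * The file is processed in GRAB_SIZE chunks. If the first pass does not
 * find the password at least once and the filler exactly seven times, a
 * second pass is made with the chunk boundaries shifted by GRAB_SIZE / 2,
 * so that a pattern straddling a boundary in pass one can still be found.
 *
 * Returns 0 on success and EXIT_FAILURE on a usage error, an I/O error or
 * an incomplete replacement. On failure the output file is left behind and
 * may still contain the default password, so callers must check the exit
 * status before deploying it.
 *
 * Security notes for operators and reviewers:
 *  - The new password is passed in argv[3]. While the tool runs it is
 *    visible to other local users through the process list, and it may be
 *    recorded in shell history.
 *  - The old and the new password are echoed to stdout in hex (and the
 *    rejected argument is echoed when its length is wrong). Do not capture
 *    this output in build or deployment logs.
 *  - The output file is opened with O_CREAT|O_TRUNC and without O_EXCL, so
 *    an existing file or symlink at that path is followed and truncated.
 *    Run the tool only in a directory untrusted users cannot write to.
 *  - The filler bytes come from the taus_* PRNG. How unpredictable they
 *    are depends entirely on taus_seed(), which is not visible here.
 *  - The password copies in 'in' and 'newpwd' are not wiped before exit.
 */
int main (int argc, char * argv[])
{
  /* the default password */
  unsigned char TcpFlag[9] = { 0xF7,0xC3,0x12,0xAA,0xAA,0x12,0xC3,0xF7 };
  unsigned char BadFlag[9] = { 0xFF,0xC3,0x12,0xAA,0xAA,0x12,0xC3,0xFF };

  char * found_it;
  int    i;
  int    suc    = 0;
  int    badcnt = 0;
  char * newn;
  size_t nlen;
  int    oldf;
  int    newf;
  int    ret;
  char   in[9];
  int    k;
  int    hi;
  int    lo;
  char   ccd;
  char * str;
  char * buf;
  size_t dat;
  char * newpwd;
  char * oldpwd;

  if (argc < 4)
    {
      fprintf (stderr, "%s", _("\nUsage: samhain_setpwd <filename> <suffix> "
                               "<new_password>\n\n"));
      fprintf (stderr, "%s", _(" This program is a utility that will:\n"));
      fprintf (stderr, "%s", _(" - search in the binary executable "
                               "<filename> for samhain's\n"));
      fprintf (stderr, "%s", _(" compiled-in default password,\n"));
      fprintf (stderr, "%s", _(" - change it to <new_password>,\n"));
      fprintf (stderr, "%s", _(" - and output the modified binary to "
                               "<filename>.<suffix>\n\n"));
      fprintf (stderr, "%s", _(" To allow for non-printable chars, "
                               "<new_password> must be\n"));
      fprintf (stderr, "%s", _(" a 16-digit hexadecimal "
                               "number (only 0-9,A-F allowed in input),\n"));
      fprintf (stderr, "%s", _(" thus corresponding"
                               " to an 8-byte password.\n\n"));
      fprintf (stderr, "%s", _(" Example: 'samhain_setpwd samhain new "
                               "4142434445464748'\n"));
      fprintf (stderr, "%s", _(" takes the file 'samhain', sets the "
                               "password to 'ABCDEFGH'\n"));
      fprintf (stderr, "%s", _(" ('A' = 41 hex, 'B' = 42 hex, ...) "
                               "and outputs the result\n"));
      fprintf (stderr, "%s", _(" to 'samhain.new'.\n"));
      return EXIT_FAILURE;
    }

  if (strlen(argv[3]) != 16)
    {
      /* NOTE(review): this echoes the rejected password argument. */
      fprintf (stdout,
               _("ERROR <new_password> |%s| has not exactly 16 chars\n"),
               argv[3]);
      fflush(stdout);
      return EXIT_FAILURE;
    }

  /* ---- decode 16 hex digits into 8 password bytes ----- */

  str = &argv[3][0];
  for (k = 0; k < 8; ++k)
    {
      /* Digits are checked in input order, so the first invalid
       * character is the one that gets reported. */
      hi = readhexchar(str[2*k]);
      if (hi == -1)
        {
          fprintf(stdout, _("ERROR Invalid char %c\n"), str[2*k]);
          fflush(stdout);
          return EXIT_FAILURE;
        }
      lo = readhexchar(str[2*k + 1]);
      if (lo == -1)
        {
          fprintf(stdout, _("ERROR Invalid char %c\n"), str[2*k + 1]);
          fflush(stdout);
          return EXIT_FAILURE;
        }
      in[k] = (char) (unsigned char) (hi * 16 + lo);
    }
  in[8] = '\0';

  /* ---- allocate ----- */

  nlen   = strlen(argv[1])+strlen(argv[2])+2;  /* name + '.' + suffix + NUL */
  buf    = malloc (GRAB_SIZE);
  newpwd = malloc (5 * 8 + 2);
  oldpwd = malloc (5 * 8 + 2);
  newn   = malloc (nlen);

  if (buf == NULL || newpwd == NULL || oldpwd == NULL || newn == NULL)
    {
      fprintf (stdout, "%s", _("ERROR Out of memory.\n"));
      fflush(stdout);
      return EXIT_FAILURE;
    }

  /* The scans below always cover GRAB_SIZE bytes, even after a short read;
   * zeroing the buffer keeps them from reading indeterminate memory. */
  memset (buf,    '\0', GRAB_SIZE);
  memset (newpwd, '\0', 5 * 8 + 2);
  memset (oldpwd, '\0', 5 * 8 + 2);

  /* ---- initialize ----- */

  /* With umask 0 the output file gets exactly the mode passed to open(),
   * i.e. S_IRWXU (owner only). */
  (void) umask (0);

  taus_seed();

  /* ---- open files ----- */

  /* newn is sized to hold "<filename>.<suffix>" exactly, so none of the
   * bounded copies below can truncate. */
  strncpy(newn, argv[1], nlen); newn[nlen-1] = '\0';
  strncat(newn, ".", nlen);     newn[nlen-1] = '\0';
  strncat(newn, argv[2], nlen); newn[nlen-1] = '\0';

  /* Open the input first so that a bad input path does not leave an
   * empty output file behind. */
  oldf = open(argv[1], O_RDONLY);
  if (oldf < 0)
    {
      fprintf(stdout, _("ERROR Cannot open input file %s.\n"), argv[1]);
      fflush(stdout);
      return EXIT_FAILURE;
    }

  newf = open(newn, O_WRONLY|O_CREAT|O_TRUNC, S_IRWXU);
  if (newf < 0)
    {
      fprintf(stdout, _("ERROR Cannot open output file %s.\n"), newn);
      fflush(stdout);
      close (oldf);
      return EXIT_FAILURE;
    }

  /* ---- scan file ----- */

  while (1)
    {
      dat = read (oldf, buf, GRAB_SIZE);
      /* read() reports errors as -1; stored in a size_t that is SIZE_MAX
       * and must not be used as a byte count. */
      if (dat == (size_t) -1)
        {
          fprintf(stdout, _("ERROR Cannot read input file %s.\n"), argv[1]);
          fflush(stdout);
          return EXIT_FAILURE;
        }
      if (dat == 0)
        break;

      /* NOTE(review): the scan length is GRAB_SIZE, not dat. If
       * my_strstr()'s third argument is the haystack length, a short read
       * also scans bytes left over from the previous chunk -- confirm. */
      while ( (found_it = my_strstr(buf, (char *) TcpFlag, GRAB_SIZE)) != NULL)
        {
          suc = 1;
          fprintf (stdout, "%s", _("INFO old password found\n"));
          fflush(stdout);
          for (i = 0; i < 8; ++i)
            {
              sprintf(&oldpwd[i*2], _("%02x"), (unsigned char) *found_it);
              sprintf(&newpwd[i*2], _("%02x"), (unsigned char) in[i]);
              *found_it = in[i];
              ++found_it;
            }
          /* Discloses both passwords on stdout; see the header comment. */
          fprintf (stdout, _("INFO replaced: %s by: %s\n"), oldpwd, newpwd);
          fflush(stdout);
        }

      while ( (found_it = my_strstr(buf, (char *) BadFlag, GRAB_SIZE)) != NULL)
        {
          badcnt++;
          /* fprintf (stderr, _("INFO old filler found\n")); */
          for (i = 0; i < 8; ++i)
            {
              sprintf(&oldpwd[i*2], _("%02x"), (unsigned char) *found_it);

              ccd = (unsigned char) (256.0 * (taus_get()/(TAUS_MAX+1.0)));
              sprintf(&newpwd[i*2], _("%02x"), (unsigned char) ccd);
              *found_it = ccd;

              ++found_it;
            }
          /* fprintf (stderr, _("INFO replaced: %s by: %s\n"),
             oldpwd, newpwd); */
        }

      ret = write (newf, buf, dat);
      /* A short write would silently produce a truncated binary. */
      if (ret < 0 || (size_t) ret != dat)
        {
          fprintf(stdout, _("ERROR Cannot write to output file %s.\n"), newn);
          fflush(stdout);
          return EXIT_FAILURE;
        }
    }

  /* Success needs at least one password match and exactly seven fillers. */
  if (suc == 1 && badcnt == 7)
    {
      /* Deferred write errors can surface at close(). */
      ret = close (newf);
      close (oldf);
      if (ret != 0)
        {
          fprintf(stdout, _("ERROR Cannot write to output file %s.\n"), newn);
          fflush(stdout);
          return EXIT_FAILURE;
        }
      fprintf (stdout, "%s", _("INFO finished\n"));
      fflush(stdout);
      return (0);
    }

  /* ---- second pass, chunk boundaries shifted by half a chunk ----- */

  if (lseek (oldf, 0, SEEK_SET) < 0 || lseek (newf, 0, SEEK_SET) < 0)
    {
      fprintf (stdout, "%s", _("ERROR Cannot rewind files.\n"));
      fflush(stdout);
      return EXIT_FAILURE;
    }

  fprintf (stdout, "%s", _("INFO Not found in first pass.\n"));
  fprintf (stdout, "%s", _("INFO Second pass ..\n"));

  /* offset the start point */

  dat = read (oldf, buf, (GRAB_SIZE / 2));
  if (dat == (size_t) -1)
    {
      fprintf(stdout, _("ERROR Cannot read input file %s.\n"), argv[1]);
      fflush(stdout);
      return EXIT_FAILURE;
    }
  ret = write (newf, buf, dat);
  if (ret < 0 || (size_t) ret != dat)
    {
      fprintf(stdout, _("ERROR Cannot write to output file %s.\n"), newn);
      fflush(stdout);
      return EXIT_FAILURE;
    }

  suc    = 0;
  badcnt = 0;

  while (1)
    {
      dat = read (oldf, buf, GRAB_SIZE);
      if (dat == (size_t) -1)
        {
          fprintf(stdout, _("ERROR Cannot read input file %s.\n"), argv[1]);
          fflush(stdout);
          return EXIT_FAILURE;
        }
      if (dat == 0)
        break;

      while ( (found_it = my_strstr(buf, (char *) TcpFlag, GRAB_SIZE)) != NULL)
        {
          suc = 1;
          fprintf (stdout, "%s", _("INFO old password found\n"));
          for (i = 0; i < 8; ++i)
            {
              sprintf(&oldpwd[i*2], _("%02x"), (unsigned char) *found_it);
              sprintf(&newpwd[i*2], _("%02x"), (unsigned char) in[i]);
              *found_it = in[i];
              ++found_it;
            }
          fprintf (stdout, _("INFO Replaced: %s by: %s\n"), oldpwd, newpwd);
        }

      while ( (found_it = my_strstr(buf, (char *) BadFlag, GRAB_SIZE)) != NULL)
        {
          badcnt++;
          /* fprintf (stderr, _("INFO old filler found\n")); */
          for (i = 0; i < 8; ++i)
            {
              sprintf(&oldpwd[i*2], _("%02x"), (unsigned char) *found_it);

              ccd = (unsigned char) (256.0 * taus_get()/(TAUS_MAX+1.0));
              sprintf(&newpwd[i*2], _("%02x"), (unsigned char) ccd);
              *found_it = ccd;

              ++found_it;
            }
          /* fprintf (stderr, _("INFO Replaced: %s by: %s\n"),
             oldpwd, newpwd); */
        }

      ret = write (newf, buf, dat);
      if (ret < 0 || (size_t) ret != dat)
        {
          fprintf(stdout, _("ERROR Cannot write to output file %s.\n"), newn);
          fflush(stdout);
          return EXIT_FAILURE;
        }
    }

  ret = close (newf);
  close (oldf);
  if (ret != 0)
    {
      fprintf(stdout, _("ERROR Cannot write to output file %s.\n"), newn);
      fflush(stdout);
      return EXIT_FAILURE;
    }

  if (suc == 1 && badcnt == 7)
    {
      fprintf (stdout, "%s", _("INFO finished\n"));
      fflush(stdout);
      return 0;
    }

  /* The output file exists at this point but must not be deployed. */
  if (suc == 0 || badcnt < 7)
    {
      fprintf (stdout, "%s", _("ERROR incomplete replacement\n"));
    }
  else
    {
      fprintf (stdout, "%s", _("ERROR bad replacement\n"));
    }
  fflush(stdout);
  return EXIT_FAILURE;
}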
/*
 * Return one generator output divided by 4294967296.0 (2^32).
 *
 * vstate is passed to taus_get() unchanged.
 *
 * NOTE(review): the result lies in [0, 1) only if taus_get() never returns
 * 2^32 or more; its return type and range are not visible here -- confirm.
 * NOTE(review): a single draw carries at most 32 bits and comes from a
 * statistical PRNG, so it is not suitable for security-sensitive sampling.
 */
double
taus_get_double (void *vstate)
{
  const double two_pow_32 = 4294967296.0;

  return taus_get (vstate) / two_pow_32;
}
/*
 * Advance the generator carried in 'state' by one step.
 *
 * The argument is taken by value; taus_get() is called on the copy's
 * 'state' member and its result is stored in the copy's s0 member. The
 * updated copy is returned, so callers have to keep the return value to
 * carry the generator forward.
 *
 * NOTE(review): the layout of uint4 (and how its 'state' member relates to
 * s0) is not visible here -- confirm against the type's declaration.
 */
uint4 cl_random_get(uint4 state)
{
    uint4 advanced = state;

    advanced.s0 = taus_get(&advanced.state);
    return advanced;
}