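#!/usr/bin/env python3
"""Decrypt MPPE-protected PPP payloads from a tab-separated dump.

Input is ``comp.dat``: one packet per line, three tab-separated fields
(source address, destination address, hex-encoded MPPE packet).  Each
decrypted payload whose PPP protocol field is 0x0021 is printed as
``0:00:00.<n> <hex>``.

Every key used here is derived from just two inputs: the account password
and the NT-Response taken from the MS-CHAPv2 exchange.  Nothing else enters
the key schedule, so the confidentiality of the tunnel is bounded by the
strength of the password.
"""
import sys
import io
import binascii
import hashlib

# Project-local RC4 implementation; only RC4(key).crypt(data) is used.
from rc4 import RC4

# Constant strings and pads fed into the SHA-1 key derivation below.
# NOTE(review): these look like the magic constants and SHSpad values from
# RFC 3079 -- confirm against the RFC text.
MAGIC1 = b'This is the MPPE Master Key'
MAGIC2 = b'On the client side, this is the send key; on the server side, it is the receive key.'
MAGIC3 = b'On the client side, this is the receive key; on the server side, it is the send key.'
SHSPAD1 = b'\x00'*40
SHSPAD2 = b'\xf2'*40

# Credential and handshake value for the capture being decrypted.
# NOTE(review): hard-coded secrets are acceptable only for a throwaway
# analysis script; anything longer-lived should read them from arguments or
# the environment so they do not end up in version control.
PASSWORD = '!2moondreamer2!'
NT_RESPONSE = binascii.unhexlify('eeec9d8a2c9678bf641727ff5ff776331575f42916215cd1')

KEY_LEN = 16          # session key length in bytes (128-bit keys)
CCOUNT_SPACE = 0x1000  # the coherency count is a 12-bit field


def get_key(mk, ck, klen):
    """Return the first *klen* bytes of SHA1(mk[:klen] + SHSPAD1 + ck + SHSPAD2).

    mk   -- key material whose first *klen* bytes seed the hash
    ck   -- second input: a magic constant or the current session key
    klen -- number of bytes to take from *mk* and from the digest
    """
    return hashlib.new('sha1', mk[:klen] + SHSPAD1 + ck + SHSPAD2).digest()[:klen]


def _warn(lineno, reason):
    """Report a skipped input line on stderr so stdout stays machine-readable."""
    sys.stderr.write("comp.dat:{0}: skipped ({1})\n".format(lineno, reason))


# NT hash of the password: MD4 over the UTF-16LE encoding.
# hashlib only offers 'md4' when the linked OpenSSL exposes it; builds against
# OpenSSL 3 without the legacy provider raise ValueError on this line.
ntlm = hashlib.new('md4', PASSWORD.encode('utf-16le')).digest()

# Master key: SHA1(MD4(NT hash) + NT-Response + MAGIC1), truncated to 16 bytes.
mkey = hashlib.new('sha1', hashlib.new('md4', ntlm).digest() + NT_RESPONSE + MAGIC1).digest()[:KEY_LEN]

# Per-direction state.  'c' is the last coherency count seen (-1 = none yet),
# 'ip' the sender address of that direction, 'mkey' the direction's start key
# and 'skey' the current session key.
ppp = {'cli': {'c': -1, 'ip': None}, 'srv': {'c': -1, 'ip': None}}
ppp['cli']['mkey'] = get_key(mkey, MAGIC2, KEY_LEN)
ppp['srv']['mkey'] = get_key(mkey, MAGIC3, KEY_LEN)
ppp['cli']['skey'] = get_key(ppp['cli']['mkey'], ppp['cli']['mkey'][:KEY_LEN], KEY_LEN)
ppp['srv']['skey'] = get_key(ppp['srv']['mkey'], ppp['srv']['mkey'][:KEY_LEN], KEY_LEN)

ts = 0
with io.open('comp.dat', 'rb') as fp:
    for lineno, rline in enumerate(fp, 1):
        rline = rline.strip()
        if not rline:
            # A blank (e.g. trailing) line used to raise IndexError.
            continue
        fields = rline.split(b'\t')
        if len(fields) < 3:
            _warn(lineno, "expected 3 tab-separated fields")
            continue
        ip_src, ip_dst = fields[0], fields[1]
        try:
            data = binascii.unhexlify(fields[2].decode('utf-8'))
        except (binascii.Error, UnicodeDecodeError):
            _warn(lineno, "payload is not valid hex")
            continue
        if len(data) < 2:
            _warn(lineno, "payload shorter than the MPPE header")
            continue

        # rfc3078#3.1 -- two header bytes: 4 flag bits (A/B/C/D) followed by
        # the 12-bit coherency count.
        # NOTE(review): the flag bits are not acted on.  The loop below
        # rekeys once per counted packet and decrypts every payload, i.e. it
        # assumes stateless mode with the D (encrypted) bit always set --
        # confirm for the capture at hand.
        ccount = ((data[0] & 0xf) << 8) + data[1]
        data = data[2:]

        # The sender of the first packet is taken to be the client.
        if ppp['cli']['ip'] is None:
            ppp['cli']['ip'] = ip_src
            ppp['srv']['ip'] = ip_dst
        tx = ppp['cli'] if ppp['cli']['ip'] == ip_src else ppp['srv']

        # rfc3078#7.3 -- advance the session key once per coherency-count
        # step since the last packet in this direction.  The counter is
        # 12 bits wide, so a smaller value than the previous one means it
        # wrapped; without this adjustment no key change happened after a
        # wrap and every later packet decrypted to garbage.
        steps = ccount - tx['c']
        if steps < 0:
            steps += CCOUNT_SPACE
        for _ in range(steps):
            tx['skey'] = get_key(tx['mkey'], tx['skey'], KEY_LEN)
            tx['skey'] = RC4(tx['skey']).crypt(tx['skey'])
        tx['c'] = ccount

        dec = RC4(tx['skey']).crypt(data)

        # rfc3078#3.1 -- the plaintext starts with the PPP protocol field.
        if dec[:2] != b'\x00\x21':
            # not IP packet
            continue
        ts += 1
        print("0:00:00.{0} {1}".format(ts, dec[2:].hex()))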