Beispiel #1
0
def main():
    global random_key
    global to_prepend
    random_key = challenge11.random_string(AES.block_size)
    to_prepend = challenge11.random_string(randint(1, 32))

    guessed_block_size = guess_block_size(encrypt_oracle)
    guessed_offset = guess_offset(encrypt_oracle)
    guessed_ecb = challenge11.guess_ecb(encrypt_oracle(b'?' * guessed_offset[1] + b'YELLOW SUBMARINEYELLOW SUBMARINE'))
    # print('Block size: ', guessed_block_size)
    # print('ECB: ', guessed_ecb)
    # print('Offset: ', guessed_offset)
    prevs = bytearray()
    block_n = 0
    for i in range(24):
        prevs += decrypt_block(encrypt_oracle, guessed_block_size, prevs, guessed_offset)
        block_n += 1
    #print(prevs)
    correct = bytearray(b'Three Rings for the Elven-kings under the sky,\r\nSeven for the Dwarf-lords in their halls'
                        b' of stone,\r\nNine for Mortal Men doomed to die,\r\nOne for the Dark Lord on his dark throne'
                        b'\r\nIn the Land of Mordor where the Shadows lie.\r\nOne Ring to rule them all, One Ring to'
                        b' find them,\r\nOne Ring to bring them all, and in the darkness bind them,\r\nIn the Land of '
                        b'Mordor where the Shadows lie.\x01\x00\x00\x00\x00')
    if prevs != correct:
        print('Error at: ', guessed_offset)
Beispiel #2
0
def main():
    mac = secret_prefix_mac(plaintext, random_string(16))
    print(mac)
    mac2 = secret_prefix_mac(
        b'Alight, winds approach deadly approaching winds alight.',
        random_string(16))
    print(mac2)
Beispiel #3
0
def profile_for(username):
    username = username.replace('&', '')
    username = username.replace('=', '')
    str = 'email=' + username + '&uid=10&role=user'
    random_key = random_string(16)
    aes = AES.new(random_key)
    return aes.encrypt(pkcs7padding(bytes(str, encoding='utf-8'))), random_key
Beispiel #4
0
def aes_ctr_enc_lines(filename):
    ciphertexts = []
    key = random_string(16)
    # Original challenge set this to 0. But that's boring.
    nonce = random.randint(4294967296, 9223372036854775807)
    with open(filename, 'rb') as file:
        for line in file.readlines():
            ciphertexts.append(
                aes_ctr_crypt(binascii.a2b_base64(line), key, nonce))
    return ciphertexts
Beispiel #5
0
def cbc_padding_oracle(c1, c2):
    assert (len(c1) == len(c2) == AES.block_size)
    p2 = bytearray([0] * AES.block_size)
    chosen_c1 = bytearray(random_string(AES.block_size))
    # note that padding is the amount of padding this iteration is attempting to achieve. -padding is the byte being set
    for padding in range(1, AES.block_size + 1):
        for c in range(256):
            chosen_c1[-padding] = c
            if check_cbc_padding_random(c2, chosen_c1):
                break
        p2[-padding] = chosen_c1[-padding] ^ padding ^ c1[-padding]
        for i in range(1, padding + 1):
            chosen_c1[-i] = chosen_c1[-i] ^ padding ^ (padding + 1)

    return p2
Beispiel #6
0
#!/usr/bin/env python3
import binascii

from Crypto.Cipher import AES

import challenge11
import challenge9

random_key = challenge11.random_string(AES.block_size)


def encrypt_oracle(plaintext):
    to_append = binascii.a2b_base64('Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkg'\
                                    'aGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBq'\
                                    'dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg'\
                                    'YnkK')
    global random_key
    aes = AES.new(random_key)
    ciphertext = aes.encrypt(challenge9.pkcs7padding(plaintext + to_append))
    return ciphertext


def guess_block_size(oracle):
    last_block_size = 0
    this_block_size = 0
    length = 1
    while last_block_size == 0 or this_block_size == last_block_size:
        last_block_size = this_block_size
        this_block_size = len(oracle(b'A' * length))
        length += 1
    return this_block_size - last_block_size
Beispiel #7
0
#!/usr/bin/env python
import sys
import challenge11
import string
import challenge9

key = challenge11.random_string()


def oracle_function(data):
    to_append = \
'''Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkg
aGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBq
dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg
YnkK'''
    return challenge11.encrypt_AES_ECB(data + to_append.decode('base64'), key)


if __name__ == '__main__':

    # Step 1
    block_size = 0
    while True:
        result = oracle_function('A' * block_size)
        if challenge11.is_ECB(result): break
        block_size += 1
    block_size /= 2
    print 'Step #1: Block size length = {}'.format(block_size)

    # Step 2
    if challenge11.is_ECB(oracle_function('A' * block_size * 4)):
Beispiel #8
0
def encrypt_cbc_random():
    plaintext = binascii.a2b_base64(random.choice(possible_b64_plaintexts))
    iv = random_string(AES.block_size)
    return aes_cbc_encrypt(plaintext, random_key, iv), iv
Beispiel #9
0
from challenge15 import strip_pkcs7padding

possible_b64_plaintexts = [
    'MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=',
    'MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=',
    'MDAwMDAyUXVpY2sgdG8gdGhlIHBvaW50LCB0byB0aGUgcG9pbnQsIG5vIGZha2luZw==',
    'MDAwMDAzQ29va2luZyBNQydzIGxpa2UgYSBwb3VuZCBvZiBiYWNvbg==',
    'MDAwMDA0QnVybmluZyAnZW0sIGlmIHlvdSBhaW4ndCBxdWljayBhbmQgbmltYmxl',
    'MDAwMDA1SSBnbyBjcmF6eSB3aGVuIEkgaGVhciBhIGN5bWJhbA==',
    'MDAwMDA2QW5kIGEgaGlnaCBoYXQgd2l0aCBhIHNvdXBlZCB1cCB0ZW1wbw==',
    'MDAwMDA3SSdtIG9uIGEgcm9sbCwgaXQncyB0aW1lIHRvIGdvIHNvbG8=',
    'MDAwMDA4b2xsaW4nIGluIG15IGZpdmUgcG9pbnQgb2g=',
    'MDAwMDA5aXRoIG15IHJhZy10b3AgZG93biBzbyBteSBoYWlyIGNhbiBibG93]'
]

random_key = random_string(AES.key_size[0])


def encrypt_cbc_random():
    plaintext = binascii.a2b_base64(random.choice(possible_b64_plaintexts))
    iv = random_string(AES.block_size)
    return aes_cbc_encrypt(plaintext, random_key, iv), iv


def check_cbc_padding_random(ciphertext, iv):
    ciphertext = bytes(ciphertext)
    iv = bytes(iv)
    try:
        plaintext = aes_cbc_decrypt(ciphertext, random_key, iv)
        return True
    except ValueError:
Beispiel #10
0
#!/usr/bin/env python3

from challenge2 import fixed_xor
from util import *
from challenge18 import aes_ctr_crypt
from challenge11 import random_string
import random
from urllib.parse import quote, unquote

random_key = random_string(16)
random_nonce = random.getrandbits(16)


def build_profile(userdata):
    plaintext = ('comment1=cooking%20MCs;userdata=' + quote(userdata) +
                 ';comment2=%20like%20a%20pound%20of%20bacon')
    plaintext = bytearray(plaintext, encoding='utf-8')
    ciphertext = aes_ctr_crypt(plaintext, random_key, random_nonce)
    return ciphertext


def authenticate(ciphertext):
    plaintext = aes_ctr_crypt(ciphertext, random_key, random_nonce)
    info_dict = {}
    for pair in plaintext.split(b';'):
        k, v = pair.split(b'=')
        info_dict[bytes(unquote(k.decode(errors='ignore')), encoding='utf-8')] = \
                bytes(unquote(v.decode(errors='ignore')), encoding='utf-8')
    if b'admin' in info_dict and info_dict[b'admin'] == b'true':
        print('Logged in as admin. ')
        return True, plaintext