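def main():
    """Run the relay for the Diffie-Hellman parameter-injection lab.

    Connects to the bot on port 4020 and accepts one client on port 3500,
    both on the local host name. It forwards the handshake with both public
    values replaced by ``p``, relays the two encrypted messages unchanged,
    then decrypts its own copies with the key derived from a shared secret
    of 0 and prints them.

    Why the secret is predictable: an endpoint that accepts ``p`` as its
    peer's public value computes ``pow(p, x, p) == 0`` for any exponent.
    An endpoint that rejects public values outside ``2 .. p-2`` and
    authenticates the exchange does not end up with a guessable key.
    """
    print("Running Middle")
    host = socket.gethostname()
    client_port = 3500
    bot_port = 4020

    # Context managers close every socket even when a step raises; the
    # listening socket was previously never closed at all.
    with socket.socket() as middle_bot, socket.socket() as middle_client:
        middle_bot.connect((host, bot_port))
        middle_client.bind((host, client_port))
        middle_client.listen()
        client, _addr = middle_client.accept()
        with client:
            # NOTE(review): TCP is a byte stream, so every recv(1024) below
            # only assumes it returns exactly one message; nothing enforces it.
            status = middle_bot.recv(1024)
            client.send(status)

            p = client.recv(1024)
            g = client.recv(1024)
            A = client.recv(1024)  # read to keep the stream in step; not forwarded

            # The bot is sent p where the client's public value A belongs.
            middle_bot.send(p)
            middle_bot.send(g)
            middle_bot.send(p)

            B = middle_bot.recv(1024)  # likewise read and discarded
            # The client is sent p where the bot's public value B belongs.
            client.send(p)

            # Ciphertext and IV are relayed untouched in both directions.
            client_encrypted = client.recv(1024)
            client_IV = client.recv(1024)
            middle_bot.send(client_encrypted)
            middle_bot.send(client_IV)

            bot_encrypted = middle_bot.recv(1024)
            bot_IV = middle_bot.recv(1024)
            client.send(bot_encrypted)
            client.send(bot_IV)

            # Same derivation the client uses: the first 32 characters of the
            # SHA-1 output of the one-byte secret, decoded from hex.
            s = 0
            SHA = s4_4.SHA1()
            CBCkey = bytes.fromhex(SHA.Hash(bytes([s]))[0:32])

            client_message = s2_2.CBC_decrypt(client_encrypted, CBCkey, client_IV)
            bot_message = s2_2.CBC_decrypt(bot_encrypted, CBCkey, bot_IV)
            print("*MITM* | Client Message: " + str(client_message))
            print("*MITM* | Bot Message: " + str(bot_message))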
def create_admin(user_input):
    """Show that unauthenticated CBC ciphertext can be edited into an admin token.

    Encrypts a placeholder payload through ``CBC_encryption_oracle``, rewrites
    two ciphertext bytes so the ``'A'`` placeholders decrypt as ``';'`` and
    ``'='``, decrypts the result and reports whether ``find_admin`` accepts it.

    The edit succeeds only because nothing verifies the ciphertext before it
    is decrypted; a MAC checked first (encrypt-then-MAC) or an AEAD mode
    rejects the modified bytes.

    Args:
        user_input: Not read by this function.

    Returns:
        ``"*ADMIN FOUND*"`` when ``find_admin`` returns 1 for the decrypted
        text, otherwise ``"*ADMIN NOT FOUND*"``.
    """
    block_len = block_size_detection(s2_2.CBC_encrypt)
    print(pre_append_size_detection(CBC_encryption_oracle, block_len))

    # 'A' marks the two positions (offsets 0 and 6) that are rewritten below.
    placeholder = b'AadminAtrue'.decode()
    filler = 'A' * block_len
    tampered = bytearray(CBC_encryption_oracle(filler + placeholder))

    # assumes the oracle's own prefix is two blocks long, so the placeholder
    # starts the block that follows index 2 * block_len -- TODO confirm
    first_target = 2 * block_len
    for position, wanted in ((first_target, ';'), (first_target + 6, '=')):
        # presumably s1_2.b16_x XORs two hex strings and returns hex -- verify
        delta = s1_2.b16_x(hex(ord('A'))[2:], hex(ord(wanted))[2:])
        tampered[int(position)] = int(
            s1_2.b16_x(hex(tampered[position])[2:], delta), 16)
    # The author left a third rewrite (a further +5, to ';') commented out.

    forged = bytes(tampered)
    print(forged)
    # NOTE(review): the key name is spelled ``unkown_key`` here; it has to
    # match the module-level definition, which is not visible in this block.
    recovered = s2_1.pkcs7_unpad(s2_2.CBC_decrypt(forged, unkown_key, IV))
    print(recovered)
    return "*ADMIN FOUND*" if find_admin(recovered) == 1 else "*ADMIN NOT FOUND*"
def recieve_token(token):
    """Decrypt ``token`` and return the plaintext if it holds a byte above 127.

    Args:
        token: Ciphertext passed to ``s2_2.CBC_decrypt`` with the module-level
            ``unknown_key`` and ``IV``.

    Returns:
        The decrypted data when any of its values exceeds 127, otherwise ``1``.
    """
    plaintext = s2_2.CBC_decrypt(token, unknown_key, IV)
    # NOTE(review): handing the rejected plaintext back to the caller discloses
    # decrypted data on the error path; a generic failure value would not.
    if any(value > 127 for value in plaintext):
        return plaintext
    return 1
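def main():
    """Run the client side of the Diffie-Hellman echo exchange.

    Sends ``p``, ``g`` and the public value ``A`` to port 3500 on the local
    host name, derives a CBC key from the shared secret, sends one encrypted
    message with its IV, and prints the decrypted reply.

    Raises:
        ValueError: If the peer's public value is outside ``2 .. p-2``.
    """
    # Imported here so the block does not depend on the file's import list.
    import secrets

    print("Running Client")
    # Toy modulus: the whole group can be enumerated, and bytes([s]) below
    # only works because the secret stays under 256.
    p = 37
    g = 5
    # The private exponent is key material, so it comes from the OS CSPRNG
    # rather than the `random` module, and is kept within 1 .. p-2.
    a = secrets.randbelow(p - 2) + 1
    A = pow(g, a, p)

    client1 = Client()
    print("*Client* | Attempting Connection")
    client1.connectTo(3500, socket.gethostname())
    try:
        status = client1.recieve()
        print(str(status))

        client1.send(p.to_bytes(16, 'big'))
        client1.send(g.to_bytes(16, 'big'))
        client1.send(A.to_bytes(16, 'big'))

        B = int.from_bytes(client1.recieve(), 'big')
        # 0, 1, p-1 and multiples of p make the shared secret predictable
        # whatever `a` is, so they are refused before any key is derived.
        # With a modulus this small an honest peer can occasionally land on
        # 1 or p-1 as well; it should draw a new exponent.
        # This check does not authenticate the peer: an unauthenticated
        # exchange can still be relayed by someone holding two valid keys.
        if not 2 <= B <= p - 2:
            raise ValueError(
                "peer public value outside 2..p-2; aborting key exchange")
        s = pow(B, a, p)

        message = b"Shh. Issa Secret."
        # Key = first 32 characters of the SHA-1 output, decoded from hex.
        SHA = s4_4.SHA1()
        CBCkey = bytes.fromhex(SHA.Hash(bytes([s]))[0:32])
        IV = os.urandom(16)
        encrypted_message = s2_2.CBC_encrypt(message, CBCkey, IV)
        client1.send(encrypted_message)
        client1.send(IV)

        bot_message = client1.recieve()
        bot_IV = client1.recieve()
        returned_message = s2_2.CBC_decrypt(bot_message, CBCkey, bot_IV)
        print("*CLIENT* | Echoed Message: " + str(returned_message))
    finally:
        # Previously the connection stayed open whenever a step above raised.
        client1.close()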
def padding_oracle(ciphertext):
    """Report whether ``ciphertext`` decrypts to validly padded plaintext.

    Args:
        ciphertext: Data passed to ``s2_2.CBC_decrypt`` with the module-level
            ``ukey`` and ``IV``.

    Returns:
        ``1`` when ``check_padding`` returns 1 for the decrypted data, else ``0``.
    """
    decrypted = s2_2.CBC_decrypt(ciphertext, ukey, IV)
    # NOTE(review): a service that reveals this result for caller-supplied
    # ciphertext leaks information about the plaintext; verifying a MAC before
    # decrypting removes the signal.
    return 1 if check_padding(decrypted) == 1 else 0