Beispiel #1
0
def profile_for(email_b):
    if b'&' in email_b or b'=' in email_b:
        raise IndexError

    profile = b'email=' + email_b + b'&uid=10&role=user'

    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)
Beispiel #2
0
def profile_for(email_b):
    if b'&' in email_b or b'=' in email_b:
        raise IndexError

    profile = b'email=' + email_b + b'&uid=10&role=user'

    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)
Beispiel #3
0
def encryption_oracle(msg_b):
    msg_b = (util.random_bytes(random.randrange(5,11))
             + msg_b
             + util.random_bytes(random.randrange(5, 11)))

    key_b = util.random_bytes(16)
    if random.getrandbits(1):
        # use ecb
        return (util.aes_ecb_enc(util.pkcs7pad(msg_b, 16), key_b), True)
    else:
        # use cbc
        return (util.cbc_enc(msg_b, key_b, iv=util.random_bytes(16)), False)
Beispiel #4
0
def f1(msg_b):
    b = PREFIX + msg_b + SUFFIX

    return util.cbc_enc(util.pkcs7pad(b, 16), key_b)
Beispiel #5
0
import util

start_b = b'YELLOW SUBMARINE'
print(util.pkcs7pad(start_b, 20))
Beispiel #6
0
def f1(msg_b):
    b = PREFIX + msg_b + SUFFIX

    return util.cbc_enc(util.pkcs7pad(b, 16), key_b)
Beispiel #7
0
def oracle(msg_b):
    random_prefix = util.random_bytes(random.randrange(16))
    return util.aes_ecb_enc(util.pkcs7pad(
        random_prefix + msg_b + mystery_b, 16), key_b)
Beispiel #8
0
def oracle(msg_b):
    random_prefix = util.random_bytes(random.randrange(16))
    return util.aes_ecb_enc(
        util.pkcs7pad(random_prefix + msg_b + mystery_b, 16), key_b)
Beispiel #9
0
    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)


def profile_decrypt(enc_b):
    return cookie_parse(util.aes_ecb_dec(enc_b, key_b))


# figure out the block size
start_len = len(profile_for(bytes()))
acc_bytes = b'a'
while True:
    new_len = len(profile_for(acc_bytes))
    if new_len != start_len:
        blocksize = new_len - start_len
        break
    else:
        acc_bytes += b'a'
print('Detected block size {}'.format(blocksize))

email_length = len(acc_bytes) + len(b'user')

our_email = b'a' * email_length
start_ciphertext = profile_for(our_email)[:-blocksize]

clear_len = len(acc_bytes) + 1
malicious_text = util.pkcs7pad(b'admin', blocksize)
out = profile_for((b'a' * clear_len) + malicious_text)
evil = util.make_chunks(out, blocksize)[1]

print(profile_decrypt(start_ciphertext + evil))
Beispiel #10
0
def f1(n):
    iv = util.random_bytes(16)
    msg = options[n]
    enc = util.cbc_enc(util.pkcs7pad(msg, 16), key_b, iv=iv)
    return iv, enc
Beispiel #11
0
def oracle(msg_b):
    return util.aes_ecb_enc(util.pkcs7pad(msg_b + mystery_b, 16), key_b)
Beispiel #12
0
    profile = b'email=' + email_b + b'&uid=10&role=user'

    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)

def profile_decrypt(enc_b):
    return cookie_parse(util.aes_ecb_dec(enc_b, key_b))

# figure out the block size
start_len = len(profile_for(bytes()))
acc_bytes = b'a'
while True:
    new_len = len(profile_for(acc_bytes))
    if new_len != start_len:
        blocksize = new_len - start_len
        break
    else:
        acc_bytes += b'a'
print('Detected block size {}'.format(blocksize))

email_length = len(acc_bytes) + len(b'user')

our_email = b'a' * email_length
start_ciphertext = profile_for(our_email)[:-blocksize]

clear_len = len(acc_bytes) + 1
malicious_text = util.pkcs7pad(b'admin', blocksize)
out = profile_for((b'a' * clear_len) + malicious_text)
evil = util.make_chunks(out, blocksize)[1]

print(profile_decrypt(start_ciphertext + evil))