Python pkcs7pad Beispiele

Beispiel #1

Datei: s13.py Projekt: dkess/matasano-challenge

def profile_for(email_b):
    if b'&' in email_b or b'=' in email_b:
        raise IndexError

    profile = b'email=' + email_b + b'&uid=10&role=user'

    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)

Beispiel #2

def profile_for(email_b):
    if b'&' in email_b or b'=' in email_b:
        raise IndexError

    profile = b'email=' + email_b + b'&uid=10&role=user'

    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)

Beispiel #3

Datei: s11.py Projekt: dkess/matasano-challenge

def encryption_oracle(msg_b):
    msg_b = (util.random_bytes(random.randrange(5,11))
             + msg_b
             + util.random_bytes(random.randrange(5, 11)))

    key_b = util.random_bytes(16)
    if random.getrandbits(1):
        # use ecb
        return (util.aes_ecb_enc(util.pkcs7pad(msg_b, 16), key_b), True)
    else:
        # use cbc
        return (util.cbc_enc(msg_b, key_b, iv=util.random_bytes(16)), False)

Beispiel #4

Datei: s16.py Projekt: dkess/matasano-challenge

def f1(msg_b):
    b = PREFIX + msg_b + SUFFIX

    return util.cbc_enc(util.pkcs7pad(b, 16), key_b)

Beispiel #5

Datei: s9.py Projekt: dkess/matasano-challenge

import util

start_b = b'YELLOW SUBMARINE'
print(util.pkcs7pad(start_b, 20))

Beispiel #6

def f1(msg_b):
    b = PREFIX + msg_b + SUFFIX

    return util.cbc_enc(util.pkcs7pad(b, 16), key_b)

Beispiel #7

Datei: s14.py Projekt: dkess/matasano-challenge

def oracle(msg_b):
    random_prefix = util.random_bytes(random.randrange(16))
    return util.aes_ecb_enc(util.pkcs7pad(
        random_prefix + msg_b + mystery_b, 16), key_b)

Beispiel #8

def oracle(msg_b):
    random_prefix = util.random_bytes(random.randrange(16))
    return util.aes_ecb_enc(
        util.pkcs7pad(random_prefix + msg_b + mystery_b, 16), key_b)

Beispiel #9

    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)


def profile_decrypt(enc_b):
    return cookie_parse(util.aes_ecb_dec(enc_b, key_b))


# figure out the block size
start_len = len(profile_for(bytes()))
acc_bytes = b'a'
while True:
    new_len = len(profile_for(acc_bytes))
    if new_len != start_len:
        blocksize = new_len - start_len
        break
    else:
        acc_bytes += b'a'
print('Detected block size {}'.format(blocksize))

email_length = len(acc_bytes) + len(b'user')

our_email = b'a' * email_length
start_ciphertext = profile_for(our_email)[:-blocksize]

clear_len = len(acc_bytes) + 1
malicious_text = util.pkcs7pad(b'admin', blocksize)
out = profile_for((b'a' * clear_len) + malicious_text)
evil = util.make_chunks(out, blocksize)[1]

print(profile_decrypt(start_ciphertext + evil))

Beispiel #10

Datei: s17.py Projekt: dkess/matasano-challenge

def f1(n):
    iv = util.random_bytes(16)
    msg = options[n]
    enc = util.cbc_enc(util.pkcs7pad(msg, 16), key_b, iv=iv)
    return iv, enc

Beispiel #11

def oracle(msg_b):
    return util.aes_ecb_enc(util.pkcs7pad(msg_b + mystery_b, 16), key_b)

Beispiel #12

Datei: s13.py Projekt: dkess/matasano-challenge

    profile = b'email=' + email_b + b'&uid=10&role=user'

    return util.aes_ecb_enc(util.pkcs7pad(profile, 16), key_b)

def profile_decrypt(enc_b):
    return cookie_parse(util.aes_ecb_dec(enc_b, key_b))

# figure out the block size
start_len = len(profile_for(bytes()))
acc_bytes = b'a'
while True:
    new_len = len(profile_for(acc_bytes))
    if new_len != start_len:
        blocksize = new_len - start_len
        break
    else:
        acc_bytes += b'a'
print('Detected block size {}'.format(blocksize))

email_length = len(acc_bytes) + len(b'user')

our_email = b'a' * email_length
start_ciphertext = profile_for(our_email)[:-blocksize]

clear_len = len(acc_bytes) + 1
malicious_text = util.pkcs7pad(b'admin', blocksize)
out = profile_for((b'a' * clear_len) + malicious_text)
evil = util.make_chunks(out, blocksize)[1]

print(profile_decrypt(start_ciphertext + evil))