def cbcModeDecrypt(key, iv, cipherText):
cipherObj = AES.new(key, AES.MODE_ECB)
if (len(cipherText) % 16):
for _ in range(16 - len(cipherText) % 16):
cipherText.append(0)
plainText = []
lastCipherBlock = iv
for i in range(len(cipherText) / 16):
cipherBlock = cipherText[i * 16:(i + 1) * 16]
plainTextBlock = array.array('B', cipherObj.decrypt(cipherBlock))
plainTextBlock = set1.bufferXOR(plainTextBlock, lastCipherBlock)
plainText += plainTextBlock
lastCipherBlock = cipherBlock
return plainText
def cbcModeDecrypt(key, iv, cipherText):
cipherObj = AES.new(key, AES.MODE_ECB)
if(len(cipherText) % 16):
for _ in range(16 - len(cipherText) % 16):
cipherText.append(0)
plainText = []
lastCipherBlock = iv
for i in range(len(cipherText)/16):
cipherBlock = cipherText[i * 16 : (i+1) * 16]
plainTextBlock = array.array('B', cipherObj.decrypt(cipherBlock))
plainTextBlock = set1.bufferXOR(plainTextBlock, lastCipherBlock)
plainText += plainTextBlock
lastCipherBlock = cipherBlock
return plainText
def encode(userStr, cipherObj):
front = "comment1=cooking%20MCs;userdata="
back = ";comment2=%20like%20a%20pound%20of%20bacon"
regex = re.compile('(=)')
userStr = regex.sub('"="', userStr)
regex = re.compile('(;)')
userStr = regex.sub('";"', userStr)
message = set2.pkcs7Pad(array.array('B', front + userStr + back), 16)
return cipherObj.encrypt(message)
def decode(cipherText, cipherObj):
plainText = cipherObj.decrypt(cipherText)
print plainText
if(string.find(plainText, ';admin=true;') >= 0):
print True
else:
print False
rndfile = Random.new()
key = rndfile.read(16)
iv = array.array('B', rndfile.read(16))
cipherObj = AES.new(key, AES.MODE_CBC, iv)
cipherText = encode("YELLOW SUBMARINEYELLOW SUBMARINE", cipherObj)
cipherText = array.array('B', cipherText)
cipherText[32:48] = array.array('B', set1.bufferXOR(set1.bufferXOR(array.array('B', 'YELLOW SUBMARINE'), set2.pkcs7Pad(array.array('B', ';admin=true;'), 16)), cipherText[32:48]) )
cipherObj = AES.new(key, AES.MODE_CBC, iv)
decode(cipherText, cipherObj)
import set1
a = set1.strToHex('1c0111001f010100061a024b53535009181c')
b = set1.strToHex('686974207468652062756c6c277320657965')
result = set1.bufferXOR(a,b)
print ''.join(format(x, '02x') for x in result)
if (len(sys.argv) == 2):
inputText = array.array('B', open(sys.argv[1], "rb").read())
else:
inputText = array.array(
'B',
binascii.a2b_base64(
'L77na/nrFsKvynd6HzOoG7GHTLXsTVu9qvY/2syLXzhPweyyMTJULu/6/kXX0KSvoOLSFQ=='
))
key = 'YELLOW SUBMARINE'
cipherObj = AES.new(key, AES.MODE_ECB)
nonce = "\x00\x00\x00\x00\x00\x00\x00\x00"
counter = 0
output = []
keyBlockLen = 16
numBlocks = len(inputText) / 16
if (len(inputText) % 16 != 0):
numBlocks += 1
for block in range(0, numBlocks):
if (block == numBlocks - 1):
keyBlockLen = len(inputText) % 16
countStr = struct.pack('L', counter)
counter += 1
keyBlock = array.array('B', cipherObj.encrypt(nonce + countStr))
output += set1.bufferXOR(keyBlock[:keyBlockLen],
inputText[16 * block:16 * (block + 1)])
# print output
print ''.join([chr(x) for x in output])
'MDAwMDA5aXRoIG15IHJhZy10b3AgZG93biBzbyBteSBoYWlyIGNhbiBibG93'
]
rndfile = Random.new()
key = rndfile.read(16)
iv = array.array('B', rndfile.read(16))
plainText = array.array(
'B', binascii.a2b_base64(plainTexts[ord(rndfile.read(1)) % 10]))
cipherObj = AES.new(key, AES.MODE_CBC, iv)
cipherText = cipherObj.encrypt(set2.pkcs7Pad(plainText, 16))
prevCipher = iv
outputText = ''
for blockNum in range(0, len(cipherText) / 16):
curCipher = array.array('B', cipherText[blockNum * 16:(blockNum + 1) * 16])
cPrime = array.array('B', [ord(rndfile.read(1)) for x in range(0, 16)])
imd = [0 for _ in range(0, 16)]
for i in reversed(range(0, 16)):
for j in range(0, 256):
cPrime[i] = j
if decryptOracle(curCipher, key, cPrime):
curImd = j ^ (16 - i)
# print chr(curImd ^ iv[i])
imd[i] = curImd
# prepare cPrime with values that will create correct padding up to the point of interest
for k in reversed(range(i, 16)):
cPrime[k] = (17 - i) ^ imd[k]
break
outputText += ''.join([chr(x) for x in set1.bufferXOR(prevCipher, imd)])
prevCipher = curCipher
print outputText
import binascii
import array
import struct
sys.path.append('../set1')
import set1
if(len(sys.argv) == 2):
inputText = array.array('B',open(sys.argv[1] , "rb").read())
else:
inputText = array.array('B', binascii.a2b_base64('L77na/nrFsKvynd6HzOoG7GHTLXsTVu9qvY/2syLXzhPweyyMTJULu/6/kXX0KSvoOLSFQ=='))
key = 'YELLOW SUBMARINE'
cipherObj = AES.new(key,AES.MODE_ECB)
nonce = "\x00\x00\x00\x00\x00\x00\x00\x00"
counter = 0
output = []
keyBlockLen = 16
numBlocks = len(inputText) / 16
if (len(inputText) % 16 != 0):
numBlocks += 1
for block in range(0, numBlocks):
if (block == numBlocks -1 ):
keyBlockLen = len(inputText) % 16
countStr = struct.pack('L', counter)
counter += 1
keyBlock = array.array('B', cipherObj.encrypt(nonce + countStr))
output += set1.bufferXOR(keyBlock[:keyBlockLen],inputText[16*block:16*(block+1)])
# print output
print ''.join([chr(x) for x in output])
import set1
a = set1.strToHex('1c0111001f010100061a024b53535009181c')
b = set1.strToHex('686974207468652062756c6c277320657965')
result = set1.bufferXOR(a, b)
print ''.join(format(x, '02x') for x in result)
return set2.pkcs7Validation(plainText)[0]
plainTexts = ['MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=','MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=','MDAwMDAyUXVpY2sgdG8gdGhlIHBvaW50LCB0byB0aGUgcG9pbnQsIG5vIGZha2luZw==','MDAwMDAzQ29va2luZyBNQydzIGxpa2UgYSBwb3VuZCBvZiBiYWNvbg==','MDAwMDA0QnVybmluZyAnZW0sIGlmIHlvdSBhaW4ndCBxdWljayBhbmQgbmltYmxl','MDAwMDA1SSBnbyBjcmF6eSB3aGVuIEkgaGVhciBhIGN5bWJhbA==','MDAwMDA2QW5kIGEgaGlnaCBoYXQgd2l0aCBhIHNvdXBlZCB1cCB0ZW1wbw==','MDAwMDA3SSdtIG9uIGEgcm9sbCwgaXQncyB0aW1lIHRvIGdvIHNvbG8=','MDAwMDA4b2xsaW4nIGluIG15IGZpdmUgcG9pbnQgb2g=','MDAwMDA5aXRoIG15IHJhZy10b3AgZG93biBzbyBteSBoYWlyIGNhbiBibG93']
rndfile = Random.new()
key = rndfile.read(16)
iv = array.array('B', rndfile.read(16))
plainText = array.array('B', binascii.a2b_base64(plainTexts[ord(rndfile.read(1)) % 10]))
cipherObj = AES.new(key,AES.MODE_CBC, iv)
cipherText = cipherObj.encrypt(set2.pkcs7Pad(plainText,16))
prevCipher = iv
outputText = ''
for blockNum in range(0, len(cipherText) / 16):
curCipher = array.array('B', cipherText[blockNum * 16:(blockNum+1) * 16])
cPrime = array.array('B', [ord(rndfile.read(1)) for x in range(0,16)])
imd = [0 for _ in range(0,16)]
for i in reversed(range(0,16)):
for j in range(0,256):
cPrime[i] = j
if decryptOracle(curCipher, key, cPrime):
curImd = j ^ (16 - i)
# print chr(curImd ^ iv[i])
imd[i] = curImd
# prepare cPrime with values that will create correct padding up to the point of interest
for k in reversed(range(i,16)):
cPrime[k] = (17-i) ^ imd[k]
break;
outputText += ''.join([chr(x) for x in set1.bufferXOR(prevCipher, imd)])
prevCipher = curCipher
print outputText