def process_and_decrypt_string(encrypted_tampered): key = '0x71e6efcfb44e362b6e14f7abbecf5503' key_in_binary = binascii.a2b_hex(key[2:]) iv = key iv_in_binary = binascii.a2b_hex(iv[2:]) decrypted = block.openssl_cbc_decrypt(encrypted_tampered, key_in_binary, iv_in_binary) if block.exception_high_ascii(decrypted) is not None: return 'Text had high ASCII characters', decrypted else: return 'All clean', None
def padding_oracle(encrypted): blockcount = len(encrypted) / blocklen final = '' for enclen in range(len(encrypted), 0, -16): i2 = [] c2 = encrypted[enclen - 16:enclen] #Message larger than 1 block if enclen - 16 > 0: c1dash = encrypted[enclen - 32:enclen - 16] #Single block message elif enclen - 16 == 0: c1dash = ivsplit for bytenum in range(15, -1, -1): no_of_pad_chars = blocklen - bytenum l1 = [] for middlebyte in reversed(i2): t2 = middlebyte ^ no_of_pad_chars l1.append(hex(t2)[2:].zfill(2).decode("hex")) #This is the actual brute-force bit where we guess characters in a specific position for i in range(1, 256): t1 = hex(i)[2:].zfill(2).decode("hex") c1 = '\x41' * bytenum + t1 #Appending bytes already solved for. This grabs the last byte first, then the second last and so on for x in l1: c1 = c1 + x chosen_ct = c1 + c2 decrypted = block.openssl_cbc_decrypt(chosen_ct, key, ivsplit) is_padding_correct = block.check_pad(blocklen, decrypted) if is_padding_correct == True: #This is for block N-1. Remember. NOT Block N. i2.append(i ^ no_of_pad_chars) break else: continue f1 = [] c1dash = c1dash[::-1] #CBC here, xor previous block byte by byte (which we solved for) with the target block (which we already have) and get plaintext_per_block for i in range(0, 16): f1.append(chr(ord(c1dash[i]) ^ i2[i])) blockcount -= 1 #Since we have solved stuff in the reverse order, we need to reverse it here to get the plaintext in the right order final = ''.join(reversed(f1)) + final return final
def process_and_decrypt_string(encrypted_tampered): admin_string = ';admin=true;' key = '0x71e6efcfb44e362b6e14f7abbecf5503' key_in_binary = binascii.a2b_hex(key[2:]) iv = '0x29b28d9f2f56c07a8df1778d7408ba79' iv_in_binary = binascii.a2b_hex(iv[2:]) decrypted_tampered = block.openssl_cbc_decrypt(encrypted_tampered, key_in_binary, iv) m1 = re.search(admin_string, decrypted_tampered) if m1: return decrypted_tampered, True else: return decrypted_tampered, False
''' MITM Attack starts here ''' print 'This is the MITM case' #User A sends p, g and A to B but it is intercepted by M who sends p, g, mA instead. B calculates the shared secret using 'mA' instead of A. Meaning there's a connection now between M and B using a shared secret chosen by the attacker mb = random.getrandbits(256) mB = pow(g, mb, p) secretB = pow(mB, b, p) keyB = hashlib.sha1(str(secretB)).hexdigest()[0:16] #User B encrypts traffic with keyB and sends it to User A. This traffic can be MITM'd by M who can also generate keyB and decrypt the traffic. enc_to_A = block.openssl_cbc_encrypt(msg_to_A, block_size, keyB, binascii.a2b_hex(iv_to_A[2:])) print 'Encrypted text from A to B', repr(enc_to_A) dec_to_A = block.openssl_cbc_decrypt(enc_to_A, keyB, binascii.a2b_hex(iv_to_A[2:])) print 'Decrypted text from A to B', repr(dec_to_A) #User B sends back B to A, but this also is MITMed, dropped and 'mB' is sent back to A. Meaning there's a connection now between M and A using a second shared secret. ma = random.getrandbits(256) mA = pow(g, ma, p) secretA = pow(mA, a, p) keyA = hashlib.sha1(str(secretA)).hexdigest()[0:16] #User A encrypts traffic with keyA and sends it to User B. This traffic can be MITM'd by M who can also generate keyA and decrypt the traffic. enc_to_B = block.openssl_cbc_encrypt(msg_to_B, block_size, keyB, binascii.a2b_hex(iv_to_B[2:])) print 'Encrypted text from B to A', repr(enc_to_B) dec_to_B = block.openssl_cbc_decrypt(enc_to_B, keyB, binascii.a2b_hex(iv_to_B[2:]))
import sys import os #Adding directory to the path where Python searches for modules cmd_folder = os.path.dirname('/home/arvind/Documents/Me/My_Projects/Git/Crypto/modules/') sys.path.insert(0, cmd_folder) #Importing common crypto module import block import base64 input_file= '10.txt' if __name__ == "__main__": key= 'YELLOW SUBMARINE' iv= ((r'\x00') * 16).decode('string-escape') block_size= 16 #This bit actually tests the encryption for cbc code #plaintext= 'abcdefghijklmnopqrstuvwxyz' #encrypted= block.openssl_cbc_encrypt(plaintext, block_size, key, iv) #ciphertext= encrypted #This bit solves the actual challenge :) with open(input_file) as f: t1= f.readlines() t2= ''.join(t1) ciphertext= base64.b64decode(t2) decrypted= block.openssl_cbc_decrypt(ciphertext, key, iv) print decrypted
def process_and_decrypt_string(encrypted): decrypted= block.openssl_cbc_decrypt(encrypted, key_in_binary, iv_in_binary) return decrypted