def encrypt(self, data):
"""
Encrypts `data` in CBC and ECB
half chosen randomly
order of encryption is saved to self.__first_half_mode
"""
self.__first_half_mode = choice(["ecb", "cbc"])
key = self.__generate_key()
data = self.__generate_random_data(
) + data + self.__generate_random_data()
hlf = int(len(data) / 2)
encrypted = b''
if self.__first_half_mode == "ecb":
cbc = AES_CBC(key)
encrypted = AES_ECB_encrypt(pad_pkcs7(data[:hlf]), key)
encrypted += cbc.encrypt(pad_pkcs7(data[hlf:]))
else:
cbc = AES_CBC(key)
encrypted = cbc.encrypt(pad_pkcs7(data[hlf:]))
encrypted += AES_ECB_encrypt(pad_pkcs7(data[:hlf]), key)
return encrypted
def attack():
"""
Function runs attack on `Account` class and generates ciphertext
which provides us with dictonary with elevated user priviledges
"""
# the string `email=[email]` will occupy exactly 32 bytes
# it will look like [email=anything_to_16_bytes][admin + '\x11'*16]
# thus we will obtain cipherblock of padd(admin)
payload = (16 - len('email=')) * 'A' + pad_pkcs7('admin')
account1 = Account(payload)
cipher_from_payload = account1.get_cipher()
# this is cipher( padd(admin) )
admin_priviledge = cipher_from_payload[16:32]
# i compute email length so
# email=[email]&uuid=[uuid]&role= occupies exactly 2 blocks
# i assume uuid has value less then 10
new_account_len = 'A' * (16 * 2 - len('email=') - len('&uuid=X&role='))
account2 = Account(new_account_len)
cipher_to_modify = account2.get_cipher()
# now i can swap last block to decode to admin+'\x11'*11
ciper_payload = cipher_to_modify[:32] + admin_priviledge
d = account2.generate_account(ciper_payload)
print(d)
def encrypt_data(self, data):
"""
encrypts user data and returns ciphertext
"""
data = self.__delete_delimeters(data)
to_encrypt = b"comment1=cooking%20MCs;userdata=" + data + b";comment2=%20like%20a%20pound%20of%20bacon"
return self.__cipher.encrypt(pad_pkcs7(to_encrypt))
def setup_server():
"""
Creates server instance and encrypts one of the strings with CBC mode
Returns server instance
"""
server = Server()
data = open('17.txt').readlines()
index = randint(0, 9)
server.encrypt(bytes(pad_pkcs7(b64decode(data[index]))))
return server
def __init__(self, email):
"""
Creates account from email
"""
email = email.replace("=", "").replace("&", "")
email = str.encode(email)
routine = b'email=' + email + b'&uuid=' + str.encode(str(
self.__Uuid)) + b'&role=user'
self.parser = Parser()
self.__account_data = self.parser.parse(routine.decode('utf-8'))
Account.__Uuid += 1
if self.__Cipher == None:
key = self.generate()
Account.__Cipher = AES.new(key, AES.MODE_ECB)
self.__cbc_routine = self.__Cipher.encrypt(pad_pkcs7(routine))
def encrypt(self, data): data = pad_pkcs7(data) return self.__cipher.encrypt(data)