Example #1
0
def aes_cbc_dec(rawCipher, rawKey, rawIV):
    cipherBlocks = chunks(rawCipher, 16);
    plain = b'';
    for block in cipherBlocks:
        ecbOut = aes_ecb_dec(block, rawKey);
        cbcOut = hexToRaw(hex_xor(rawToHex(ecbOut), rawToHex(rawIV)));
        rawIV = block;
        plain += cbcOut;
    return plain;
Example #2
0
def aes_cbc_dec(rawCipher, rawKey, rawIV):
    cipherBlocks = chunks(rawCipher, 16)
    plain = b''
    for block in cipherBlocks:
        ecbOut = aes_ecb_dec(block, rawKey)
        cbcOut = hexToRaw(hex_xor(rawToHex(ecbOut), rawToHex(rawIV)))
        rawIV = block
        plain += cbcOut
    return plain
Example #3
0
def aes_cbc_enc(rawPlain, rawKey, rawIV):
    plainBlocks = chunks(rawPlain, 16)
    cipher = b""
    for block in plainBlocks:
        blockIn = hexToRaw(hex_xor(rawToHex(block), rawToHex(rawIV)))
        blockOut = aes_ecb_enc(blockIn, rawKey)
        rawIV = blockOut
        cipher += blockOut
    return cipher
Example #4
0
def aes_cbc_dec(rawCipher, rawKey, rawIV):
    cipherBlocks = chunks(rawCipher, 16)
    plain = b""
    for block in cipherBlocks:
        ecbOut = aes_ecb_dec(block, rawKey)
        cbcOut = hexToRaw(hex_xor(rawToHex(ecbOut), rawToHex(rawIV)))
        rawIV = block
        plain += cbcOut
    return plain
Example #5
0
def aes_cbc_enc(rawPlain, rawKey, rawIV):
    plainBlocks = chunks(rawPlain, 16);
    cipher = b'';
    for block in plainBlocks:
        blockIn = hexToRaw(hex_xor(rawToHex(block), rawToHex(rawIV)));
        blockOut = aes_ecb_enc(blockIn, rawKey);
        rawIV = blockOut;
        cipher += blockOut;
    return cipher;
Example #6
0
def aes_cbc_enc(rawPlain, rawKey, rawIV):
    plainBlocks = chunks(rawPlain, 16)
    cipher = b''
    for block in plainBlocks:
        blockIn = hexToRaw(hex_xor(rawToHex(block), rawToHex(rawIV)))
        blockOut = aes_ecb_enc(blockIn, rawKey)
        rawIV = blockOut
        cipher += blockOut
    return cipher
Example #7
0
def test5():
    plain = "Burning 'em, if you ain't quick and nimble\nI go crazy when I hear a cymbal";
    key = "ICE";
    cipher = repeating_hex_xor(rawToHex(plain), rawToHex(key));
    expected = b'0b3637272a2b2e63622c2e69692a23693a2a3c6324202d623d63343c2a26226324272765272a282b2f20430a652e2c652a3124333a653e2b2027630c692b20283165286326302e27282f';
    if (str(expected) == str(cipher)):
        return True;
    print("Expected: " + str(expected));
    print("Cipher  : " + str(cipher));
    return False;
Example #8
0
def test30():
    message = b'comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon'
    print('message ', message)
    tag = dumbMD4HashAuth(hash_secret, message)
    print('hash(secret||message) ', tag)
    newtag = appendMessage(message, tag, b';admin=true')
    print("new tag = ", rawToHex(newtag))
Example #9
0
def rsa_demo2():
    e = 3
    p = 4
    q = 4
    while ((p % e) == 1):
        p = generatePrime(1024)
    while ((q % e) == 1):
        q = generatePrime(1024)
    N = p * q
    phi = (p - 1) * (q - 1)
    assert ((phi % e) != 0)
    d = invmod(e, phi)
    message = 42
    encrypted = mypow(message, e, N)
    decrypted = mypow(encrypted, d, N)
    print('p = %d;q = %d; N = %d; e=%d; d=%d; message = %d; encrypted=%d' %
          (p, q, N, e, d, message, encrypted))
    assert (message == decrypted)
    #Finally, to encrypt a string, do something cheesy, like convert the
    #string to hex and put "0x" on the front of it to turn it into a
    #number. The math cares not how stupidly you feed it strings.
    rawMessage = b'May the Force be with you'
    hexMessage = rawToHex(rawMessage)
    intMessage = int(hexMessage, 16)
    encrypted = mypow(intMessage, e, N)
    decrypted = mypow(encrypted, d, N)
    assert (intMessage == decrypted)
    assert (hexToRaw(hex(intMessage)[2:]) == rawMessage)
Example #10
0
def test30():
    message = b"comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon"
    print("message ", message)
    tag = dumbMD4HashAuth(hash_secret, message)
    print("hash(secret||message) ", tag)
    newtag = appendMessage(message, tag, b";admin=true")
    print("new tag = ", rawToHex(newtag))
Example #11
0
def discover_mac(message):
    guess_mac = b'\x00' * 20;
    for i in range(20):
        nextbyte = guess_byte(message, i, guess_mac);
        guess_mac = setByte(guess_mac, i, nextbyte);
    print (rawToHex(guess_mac));
    return guess_mac;
Example #12
0
def test29():
    message = b'comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon'
    print('message ' ,message)
    tag = dumbHashAuth(hash_secret, message)
    print('hash(secret||message) ',tag)
    newtag = appendMessage(message, tag, b';admin=true');
    print("new tag = ", rawToHex(newtag))
def rsa_demo2():
    e = 3;
    p = 4;
    q = 4;
    while ((p % e) == 1):
        p = generatePrime(1024);
    while ((q % e) == 1):
        q = generatePrime(1024);
    N = p*q;
    phi = (p-1)*(q-1);
    assert((phi%e) != 0);
    d = invmod(e, phi);
    message = 42;
    encrypted = mypow(message, e, N);
    decrypted = mypow(encrypted, d, N);
    assert(message == decrypted);
#Finally, to encrypt a string, do something cheesy, like convert the
#string to hex and put "0x" on the front of it to turn it into a
#number. The math cares not how stupidly you feed it strings.
    rawMessage = b'May the Force be with you'
    hexMessage = rawToHex(rawMessage);
    intMessage = int(hexMessage, 16);
    encrypted = mypow(intMessage, e, N);
    decrypted = mypow(encrypted, d, N);
    assert(intMessage == decrypted);
    assert(hexToRaw(hex(intMessage)[2:]) == rawMessage);
def findKey(split):
    bestMg = 0.0;
    bestKey = 0;
    for i in range(256):
        mg, plain = tryKey(rawToHex(split), rawToHexLUT[i]);
        if (mg > bestMg):
            bestMg = mg;
            bestKey = i;
    return chr(bestKey);
Example #15
0
def findKey(split):
    bestMg = 0.0
    bestKey = 0
    for i in range(256):
        mg, plain = tryKey(rawToHex(split), rawToHexLUT[i])
        if (mg > bestMg):
            bestMg = mg
            bestKey = i
    return chr(bestKey)
def discover_mac(message):
    guess_mac = b'\x00' * 20;
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
    sock.connect(('127.0.0.1', 9000))
    for i in range(20):
        nextbyte = guess_byte(sock, message, i, guess_mac);
        guess_mac = setByte(guess_mac, i, nextbyte);
    print (rawToHex(guess_mac));
    return guess_mac;
Example #17
0
def discover_mac(message):
    guess_mac = b'\x00' * 20
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect(('127.0.0.1', 9000))
    for i in range(20):
        nextbyte = guess_byte(sock, message, i, guess_mac)
        guess_mac = setByte(guess_mac, i, nextbyte)
    print(rawToHex(guess_mac))
    return guess_mac
def hex_xor(hex1, hex2):
    if (len(hex1) != len(hex2)):
        return '';
    raw1 = hexToRaw(hex1);
    raw2 = hexToRaw(hex2);
    rawresult = '';
    for i in range(0, len(raw1)):
        rawresult += chr(raw1[i] ^ raw2[i]);
#    rawresult = raw1 ^ raw2;
    return rawToHex(rawresult);
Example #19
0
def hex_xor(hex1, hex2):
    if (len(hex1) != len(hex2)):
        return ''
    raw1 = hexToRaw(hex1)
    raw2 = hexToRaw(hex2)
    rawresult = ''
    for i in range(0, len(raw1)):
        rawresult += chr(raw1[i] ^ raw2[i])


#    rawresult = raw1 ^ raw2;
    return rawToHex(rawresult)
Example #20
0
def generateEncryptedAdminProfile():
    # get to a fresh block
    s = 'A' * (16 - (len(prefix) % 16));
    #locate the IV for my block
    myIVBlock = ((len(prefix) + len(s)) // 16) - 1;
    # add a known block value
    s += 'X' * 16;
    # encrypt
    cip = padAndEncryptString(s);
    # extract IV for block of interest
    allBlocks = chunks(cip, 16);
    myIV = allBlocks[myIVBlock];
    # xor in IV with desired value
    hexIV = rawToHex(myIV);
    hexKnown = rawToHex('X'*16);
    hexDesired = rawToHex(";admin=true;XXXX")
    newHexIV = hex_xor(hexIV, hex_xor(hexKnown, hexDesired));
    newIV = hexToRaw(newHexIV);
    # insert "error"
    allBlocks[myIVBlock] = newIV;
    myCipher = b'';
    for b in allBlocks:
        myCipher += b;
    return myCipher;
Example #21
0
def guess_byte(sock, message, index, guess_mac, numtrials=50):
    timings = [0]*256;
    # try each byte at the index
    for i in range(256):
        this_guess = setByte(guess_mac, index, i);
        url = b'test?file=' + message + b'&signature=' + rawToHex(this_guess) + b'\n';
        start = time.perf_counter()
        for j in range(numtrials):
            sock.send(url);        
            data = sock.recv(1024)
        stop = time.perf_counter()
        timings[i] = stop - start;
    # assume the largest timing is the right one
    value = timings.index(max(timings));
    print("index: " + str(index) + " : value: " + hex(value));
    return value;
Example #22
0
def hex_xor(hex1, hex2):
    if (len(hex1) != len(hex2)):
        return '';
    raw1 = hexToRaw(hex1);
    raw2 = hexToRaw(hex2);
    for i in range(len(hex2)):
        a=type(hex1[i])
        print(a)
        print(hex1[i],hex2[i])
        print(hex1[i]^hex2[i])
    rawresult = '';
    for i in range(0, len(raw1)):
        print(raw1[i]^raw2[i])
        rawresult += chr(raw1[i] ^ raw2[i]);
#    rawresult = raw1 ^ raw2;
    return rawToHex(rawresult);
def guess_byte(sock, message, index, guess_mac, numtrials=5):
    timings = [0]*256;
    # try each byte at the index
    for i in range(256):
        this_guess = setByte(guess_mac, index, i);
        url = b'test?file=' + message + b'&signature=' + rawToHex(this_guess) + b'\n';
        start = time.perf_counter()
        for j in range(numtrials):
            sock.send(url);        
            data = sock.recv(1024)
        stop = time.perf_counter()
        timings[i] = stop - start;
    # assume the largest timing is the right one
    value = timings.index(max(timings));
    print("index: " + str(index) + " : value: " + hex(value));
    return value;
Example #24
0
def guess_byte(message, index, guess_mac, numtrials=1):
    timings = [0]*256;
    # try each byte at the index
    for i in range(256):
        this_guess = setByte(guess_mac, index, i);
        url = b'http://127.0.0.1:9000/test?file=' + message + b'&signature=' + rawToHex(this_guess);
        #print(url)
        start = time.perf_counter()
        requests.get(url);        
        stop = time.perf_counter()
        timings[i] = stop - start;
    # assume the largest timing is the right one
    # for i in range(len(timings)):
    #     print(i,timings[i])
    value = timings.index(max(timings));
    print("index: " + str(index) + " : value: " + hex(value));
    return value;
Example #25
0
"MVQHYhoGGksABwdJAB0ASTpFNwQcTRoDBBgDUkksGioRHUkKCE5THEVCC08E" + \
"EgF0BBwJSQoOGkgGADpfADETDU5tBzcJEFMLTx0bAHQJCx8ADRJUDRdMN1RH" + \
"YgYGTi5jMURFeQEaSRAEOkURDAUCQRkKUmQ5XgBIKwYbQFIRSBVJGgwBGgtz" + \
"RRNNDwcVWE8BT3hJVCcCSQwGQx9IBE4KTwwdASEXF01jIgQATwZIPRpXKwYK" + \
"BkdEGwsRTxxDSToGMUlSCQZOFRwKUkQ5VEMnUh0BR0MBGgAAZDwGUwY7CBdN" + \
"HB5BFwMdUz0aQSwWSQoITlMcRUILTxoCEDUXF01jNw4BTwVBNlRBYhAIGhNM" + \
"EUgIRU5CRFMkOhwGBAQLTVQOHFkvUkUwF0lkbXkbHUVUBgAcFA0gRQYFCBpB" + \
"PU8FQSsaVycTAkJHYhsRSQAXABxUFzFFFggICkEDHR1OPxoqER1JDQhNEUgK" + \
"TkJPDAUAJhwQAg0XQRUBFgArU04lUh0GDlNUGwpOCU9jeTY1HFJARE4xGA4L" + \
"ACxSQTZSDxsJSw1ICFUdBgpTNjUcXk0OAUEDBxtUPRpCLQtFTgBPVB8NSRoK" + \
"SREKLUUVAklkERgOCwAsUkE2Ug8bCUsNSAhVHQYKUyI7RQUFABoEVA0dWXQa" + \
"Ry1SHgYOVBFIB08XQ0kUCnRvPgwQTgUbGBwAOVREYhAGAQBJEUgETgpPGR8E" + \
"LUUGBQgaQRIaHEshGk03AQANR1QdBAkAFwAcUwE9AFxNY2QxGA4LACxSQTZS" + \
"DxsJSw1ICFUdBgpTJjsIF00GAE1ULB1NPRpPLF5JAgJUVAUAAAYKCAFFXjUe" + \
"DBBOFRwOBgA+T04pC0kDElMdC0VXBgYdFkU2CgtNEAEUVBwTWXhTVG5SGg8e" + \
"AB0cRSo+AwgKRSANExlJCBQaBAsANU9TKxFJL0dMHRwRTAtPBRwQMAAATQcB" + \
"FlRlIkw5QwA2GggaR0YBBg5ZTgIcAAw3SVIaAQcVEU8QTyEaYy0fDE4ITlhI" + \
"Jk8DCkkcC3hFMQIEC0EbAVIqCFZBO1IdBgZUVA4QTgUWSR4QJwwRTWM="

if __name__ == "__main__":
    bestKeySizes, bestScores = findKeySize(base64toHex(b64cipher), 20)
    # after running this with a bunch of different number of blocks, 29 always pops out.
    # I'm confident 29 is the right answer.
    splits = splitCipher(base64toRaw(b64cipher), 29)
    key = ""
    for s in splits:
        key += (findKey(s))
    print("Key: " + str(key))
    print("Plain: " + str(
        hexToRaw(repeating_hex_xor(base64toHex(b64cipher), rawToHex(key)))))
Example #26
0
def test5():
    plain = "Burning 'em, if you ain't quick and nimble\nI go crazy when I hear a cymbal"
    key = "ICE"
    cipher = repeating_hex_xor(rawToHex(plain), rawToHex(key))
    print("Cipher  : " + str(cipher))
def test30():
    message = b'comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon'
    tag = dumbMD4HashAuth(hash_secret, message)
    newtag = appendMessage(message, tag, b';admin=true');
    print("new tag = ", rawToHex(newtag))
    print("Problem 30 success")
Example #28
0
def test5():
    plain = "Burning 'em, if you ain't quick and nimble\nI go crazy when I hear a cymbal";
    key = "ICE";
    cipher = repeating_hex_xor(rawToHex(plain), rawToHex(key));
    print("Cipher  : " + str(cipher));
"YgYGTi5jMURFeQEaSRAEOkURDAUCQRkKUmQ5XgBIKwYbQFIRSBVJGgwBGgtz" + \
"RRNNDwcVWE8BT3hJVCcCSQwGQx9IBE4KTwwdASEXF01jIgQATwZIPRpXKwYK" + \
"BkdEGwsRTxxDSToGMUlSCQZOFRwKUkQ5VEMnUh0BR0MBGgAAZDwGUwY7CBdN" + \
"HB5BFwMdUz0aQSwWSQoITlMcRUILTxoCEDUXF01jNw4BTwVBNlRBYhAIGhNM" + \
"EUgIRU5CRFMkOhwGBAQLTVQOHFkvUkUwF0lkbXkbHUVUBgAcFA0gRQYFCBpB" + \
"PU8FQSsaVycTAkJHYhsRSQAXABxUFzFFFggICkEDHR1OPxoqER1JDQhNEUgK" + \
"TkJPDAUAJhwQAg0XQRUBFgArU04lUh0GDlNUGwpOCU9jeTY1HFJARE4xGA4L" + \
"ACxSQTZSDxsJSw1ICFUdBgpTNjUcXk0OAUEDBxtUPRpCLQtFTgBPVB8NSRoK" + \
"SREKLUUVAklkERgOCwAsUkE2Ug8bCUsNSAhVHQYKUyI7RQUFABoEVA0dWXQa" + \
"Ry1SHgYOVBFIB08XQ0kUCnRvPgwQTgUbGBwAOVREYhAGAQBJEUgETgpPGR8E" + \
"LUUGBQgaQRIaHEshGk03AQANR1QdBAkAFwAcUwE9AFxNY2QxGA4LACxSQTZS" + \
"DxsJSw1ICFUdBgpTJjsIF00GAE1ULB1NPRpPLF5JAgJUVAUAAAYKCAFFXjUe" + \
"DBBOFRwOBgA+T04pC0kDElMdC0VXBgYdFkU2CgtNEAEUVBwTWXhTVG5SGg8e" + \
"AB0cRSo+AwgKRSANExlJCBQaBAsANU9TKxFJL0dMHRwRTAtPBRwQMAAATQcB" + \
"FlRlIkw5QwA2GggaR0YBBg5ZTgIcAAw3SVIaAQcVEU8QTyEaYy0fDE4ITlhI" + \
"Jk8DCkkcC3hFMQIEC0EbAVIqCFZBO1IdBgZUVA4QTgUWSR4QJwwRTWM=";

if __name__ == "__main__":
    bestKeySizes, bestScores = findKeySize(base64toHex(b64cipher), 20);
    # print(bestKeySizes);
    # print(bestScores);
    # after running this with a bunch of different number of blocks, 29 always pops out.
    # I'm confident 29 is the right answer.
    splits = splitCipher(base64toRaw(b64cipher), 29);
    key = "";
    for s in splits:
        key += (findKey(s));
    print("Key: " + str(key));
    print("Plain: " + str(hexToRaw(repeating_hex_xor(base64toHex(b64cipher), rawToHex(key)))));
    
Example #30
0
def test30():
    message = b'comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon'
    tag = dumbMD4HashAuth(hash_secret, message)
    newtag = appendMessage(message, tag, b';admin=true')
    print("new tag = ", rawToHex(newtag))
    print("Problem 30 success")