Python Profile.profile_for Exemples

Langage de programmation: Python

Class/Type: Profile

Méthode/Fonction: profile_for

Exemples au hotexamples.com: 2

Python Profile.profile_for - 2 exemples trouvés. Ce sont les exemples réels les mieux notés de Profile.profile_for à partir du pack pyro extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Méthodes fréquemment utilisées

Afficher Cacher

encrypt(2)

decrypt(2)

profile_for(2)

countProbably(1)

Méthodes fréquemment utilisées

encrypt (2)

decrypt (2)

profile_for (2)

countProbably (1)

Exemple #1

0

Afficher le fichier

Fichier : set2.py Projet : rohitg15/matasano

def c13(): input = "foo=bar&baz=qux&zap=zazzle" #print Profile.parse(input) input2 = "*****@*****.**" p = Profile.profile_for(input2) # print p , p.encode() # now we make role= appear at the end of a block legit_email = "*****@*****.**" lp = Profile.profile_for(legit_email) legit_ciphertext = Profile.encrypt(lp.encode()) # generate a fake profile where 'admin' appears at the begining of a block fake_email = "A"*10 + "admin" fp = Profile.profile_for(fake_email) fake_ciphertext = Profile.encrypt(fp.encode()) # perform a cut and paste of the ECB ciphertexts obtained above ciphertext = legit_ciphertext[:32] + fake_ciphertext[16:32] # fake_profile = Profile.decrypt(ciphertext) # print fake_profile new_profile = Profile.parse(Profile.decrypt(ciphertext)) print new_profile

Exemple #2

0

Afficher le fichier

Fichier : set2.py Projet : rohitg15/matasano

def c13_enhanced(): """ In this enhanced mode of c13, we search for the appropriate sizes of the legitimate, fake profile's. i denotes the size of the legitimate email id that is created so that the word role= is positioned at the end of a block j denotes the size of the fake email id that we create to position admin at the begining of a new block since we do not know whether the keywordsd role=, admin are part fo the cookie, we search for all possible pairs i,j and perform the ECB cut and paste attack performed in part 13 for one combiantion of i,j the keyword role= would be at the end of a block and the fake profile's 'admin' would be at the begining of a block. splicing the two and decrypting, generates a counterfeit profile with its privilege escalated """ input = "foo=bar&baz=qux&zap=zazzle" #print Profile.parse(input) input2 = "*****@*****.**" p = Profile.profile_for(input2) # now we make 'role='' appear at the end of a block # since we do not know where eactly it occurs in the plaintext, we # search for all possible sizes for the email id such that 'role=' would # be pushed to the end of a block bsize = 16 for i in range(bsize): legit_email = "a"*i + "@bar.com" lp = Profile.profile_for(legit_email) legit_ciphertext = Profile.encrypt(lp.encode()) # generate a fake profile where 'admin' appears at the begining of a block # search all possible sizes from 0 through bsize, so that 'admin' falls # at the begining of a block for j in range(bsize): fake_email = "A"*j + "admin" fp = Profile.profile_for(fake_email) fake_ciphertext = Profile.encrypt(fp.encode()) # perform a cut and paste of the ECB ciphertexts obtained above ciphertext = legit_ciphertext[:32] + fake_ciphertext[16:32] # print fake_profile new_profile = Profile.parse(Profile.decrypt(ciphertext)) print new_profile , i , j, "\n"