Exemple #1
def break_block(block, previous_block, oracle, blocksize):
    """Recover the plaintext of one CBC block by querying a padding oracle.

    Bytes are recovered from the end of the block towards the start. For each
    position every one of the 256 byte values is tried; a value is kept when
    the oracle accepts both probes built from it.

    The technique depends on the decrypting side revealing whether padding
    was valid for ciphertext it has not authenticated. Verifying a MAC before
    unpadding (or using an AEAD mode) and returning one uniform error removes
    that signal.

    Args:
        block: Ciphertext block, passed unchanged as the oracle's second
            argument.
        previous_block: Ciphertext block preceding ``block``; it is XORed
            into every probe.
        oracle: Callable invoked as ``oracle(forged_previous_block, block)``.
            A truthy result is treated as "padding accepted". Written to use
            check_padding.
        blocksize: Block length in bytes.

    Returns:
        The recovered bytes. A byte is prepended only when some candidate
        passes both probes, so the result is shorter than ``blocksize`` if a
        position yields no match.
    """
    # Invariant: `recovered` always holds the rightmost known plaintext bytes.
    recovered = b''
    candidates = [bytes([value]) for value in range(256)]

    def leftpad(_bytes):
        # Zero-fill on the left up to one full block.
        return _bytes.rjust(blocksize, b'\x00')

    for known in range(blocksize):
        filler = blocksize - 1 - known
        # Both masks end in correct padding (assumes `pad` appends padding up
        # to `blocksize` -- confirm against its definition), so
        # mask ^ plaintext ^ leftpad(recovered) ^ previous_block is correctly
        # padded once the guessed byte is right.
        zero_mask = pad(b'\x00' * filler, blocksize)
        ones_mask = pad(b'\xFF' * filler, blocksize)
        for guess in candidates:
            probe = xor(leftpad(guess + recovered), previous_block)
            # Two probes that differ only in the filler bytes; presumably this
            # filters out accidental passes caused by the bytes to the left.
            if not oracle(xor(probe, zero_mask), block):
                continue
            if not oracle(xor(probe, ones_mask), block):
                continue
            recovered = guess + recovered
            break
    return recovered
Exemple #2
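def encrypt_one_token():
    """Encrypt one randomly chosen token with CBC under a fresh IV.

    One of the ten base64-encoded tokens is picked, decoded through ``data``,
    padded to a 16-byte boundary and encrypted with the module-level ``key``.

    Returns:
        A tuple ``(iv, ciphertext)``.
    """
    # Function-scope import: the file's import block is not visible here.
    import secrets

    tokens = [
        'MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=',
        'MDAwMDAxV2l0aCB0aGUgYmFzcyBraWNrZWQgaW4gYW5kIHRoZSBWZWdhJ3MgYXJlIHB1bXBpbic=',
        'MDAwMDAyUXVpY2sgdG8gdGhlIHBvaW50LCB0byB0aGUgcG9pbnQsIG5vIGZha2luZw==',
        'MDAwMDAzQ29va2luZyBNQydzIGxpa2UgYSBwb3VuZCBvZiBiYWNvbg==',
        'MDAwMDA0QnVybmluZyAnZW0sIGlmIHlvdSBhaW4ndCBxdWljayBhbmQgbmltYmxl',
        'MDAwMDA1SSBnbyBjcmF6eSB3aGVuIEkgaGVhciBhIGN5bWJhbA==',
        'MDAwMDA2QW5kIGEgaGlnaCBoYXQgd2l0aCBhIHNvdXBlZCB1cCB0ZW1wbw==',
        'MDAwMDA3SSdtIG9uIGEgcm9sbCwgaXQncyB0aW1lIHRvIGdvIHNvbG8=',
        'MDAwMDA4b2xsaW4nIGluIG15IGZpdmUgcG9pbnQgb2g=',
        'MDAwMDA5aXRoIG15IHJhZy10b3AgZG93biBzbyBteSBoYWlyIGNhbiBibG93',
    ]
    # Which token is picked is not security-sensitive; `random` is fine here.
    token = data(random.choice(tokens), 'b64').bytes
    # A CBC IV must be unpredictable. `random` is a Mersenne Twister whose
    # output can be reconstructed from observed values, so draw the IV from
    # the OS CSPRNG instead.
    iv = secrets.token_bytes(16)
    return (iv, CBC_encrypt(pad(token, 16), key, iv))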
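def cyphered_comment(comment):
    """Embed *comment* in the fixed cookie-style string and CBC-encrypt it.

    ``=`` and ``;`` in the user data are prefixed with a backslash before the
    value is placed between the fixed prefix and suffix. The result is padded
    and encrypted with the module-level ``key``; no IV is passed, so
    ``CBC_encrypt`` is relying on whatever default it defines.

    Args:
        comment: User-supplied data, converted through ``data(...).ascii()``.

    Returns:
        Whatever ``CBC_encrypt`` returns for the padded string.
    """
    # "\\=" and "\\;" are the same two-character strings the original spelled
    # as "\=" and "\;"; those are invalid escape sequences and raise a
    # SyntaxWarning on current Python versions.
    escaped = data(comment).ascii().replace("=", "\\=").replace(";", "\\;")
    # NOTE(review): the backslash itself is not escaped; whether that matters
    # depends on the parser that reads this string back, which is not shown.
    # NOTE(review): escaping protects the plaintext format only. CBC
    # ciphertext is malleable, so a consumer that trusts the decrypted fields
    # needs the ciphertext authenticated (MAC or AEAD) before parsing.
    wrapped = ('"comment1=cooking%20MCs;userdata="' + escaped
               + '";comment2=%20like%20a%20pound%20of%20bacon"')
    return CBC_encrypt(pad(data(wrapped).bytes), key)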
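def cyphered_comment(comment):
    """Embed *comment* in the fixed cookie-style string and CTR-encrypt it.

    ``=`` and ``;`` in the user data are prefixed with a backslash before the
    value is placed between the fixed prefix and suffix. The padded result is
    encrypted with the module-level ``key``; the counter function and nonce
    are left at ``CTR_encrypt``'s defaults.

    Args:
        comment: User-supplied data, converted through ``data(...).ascii()``.

    Returns:
        Whatever ``CTR_encrypt`` returns for the padded string.
    """
    # "\\=" and "\\;" are the same two-character strings the original spelled
    # as "\=" and "\;"; those are invalid escape sequences and raise a
    # SyntaxWarning on current Python versions.
    escaped = data(comment).ascii().replace("=", "\\=").replace(";", "\\;")
    # NOTE(review): the backslash itself is not escaped; whether that matters
    # depends on the parser that reads this string back, which is not shown.
    wrapped = ('"comment1=cooking%20MCs;userdata="' + escaped
               + '";comment2=%20like%20a%20pound%20of%20bacon"')
    # NOTE(review): if the default nonce is a constant, every call under this
    # key reuses the same keystream -- confirm against CTR_encrypt. CTR also
    # gives no integrity, so the escaping above does not stop ciphertext
    # edits; authenticate the ciphertext before trusting decrypted fields.
    return CTR_encrypt(pad(data(wrapped).bytes), key)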
def oracle(input_bytes):
    """ECB-encrypt ``input_bytes`` followed by a fixed secret suffix.

    The suffix and the key are both hard-coded in this function; the caller is
    meant to treat them as unknown. The concatenation is padded to a 16-byte
    boundary before encryption.

    ECB is deterministic per block, so equal plaintext blocks always produce
    equal ciphertext blocks. Prepending caller-controlled bytes to a secret
    under ECB therefore exposes the secret to comparison-based recovery; a
    randomized, authenticated mode does not have this property.

    Args:
        input_bytes: Caller-chosen bytes placed in front of the suffix.

    Returns:
        Whatever ``ECB_encrypt`` returns for the padded plaintext.
    """
    suffix = data(
        "Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkgaGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBqdXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUgYnkK",
        'b64').bytes
    # Only the first 16 decoded bytes are used as the key. Outside an
    # exercise, a key literal in source is readable by anyone with the code.
    secret_key = data("sdfKJH432480hnfidjanf430q9fa", 'b64').bytes[:16]
    return ECB_encrypt(pad(input_bytes + suffix, 16), secret_key)
def oracle(input_string):
    """ECB-encrypt the encoded profile built from ``input_string``.

    ``profile_for(input_string)`` is encoded to bytes, padded to a 16-byte
    boundary and encrypted under a key hard-coded in this function.

    ECB encrypts each block independently and without integrity protection,
    so ciphertext blocks can be rearranged or substituted without detection.
    Values that carry authorization data need an authenticated mode.

    Args:
        input_string: Value handed to ``profile_for``.

    Returns:
        Whatever ``ECB_encrypt`` returns for the padded profile.
    """
    # NOTE(review): the whole decoded value is used as the key; its length
    # depends on how `data` decodes this literal -- confirm it is a valid
    # key size.
    secret_key = data("sdJH432480hnfidjao2hc", 'b64').bytes
    profile = profile_for(input_string).encode()
    return ECB_encrypt(pad(profile, 16), secret_key)
def fake_admin():
    """CBC-encrypt the literal ``;admin=true;`` with the key also used as IV.

    A single value from ``get_iv()`` is passed as both the key and the IV.

    Returns:
        Whatever ``CBC_encrypt`` returns for the padded literal.
    """
    # NOTE(review): key and IV are the same value here. An IV is normally
    # sent in the clear, so deriving it from (or equating it with) the key is
    # unsafe outside an exercise.
    shared_secret = get_iv()
    padded_marker = pad(b';admin=true;')
    return CBC_encrypt(padded_marker, shared_secret, shared_secret)