def attack(c):
iv = c[:16]
x = 16
s = ""
while x != len(c):
cblock = c[x:x + 16]
if paddingAmt(iv + cblock) > 0:
return s + attack1(iv + cblock)
else:
tryiv = iv
j = 15
newiv = tryiv
for byte in range(256):
tryiv = newiv[:(j)] + chr(byte)
try:
po.dec_check(tryiv + cblock)
except:
pass
else:
l = chr(ord('\x01') ^ ord(iv[j]) ^ ord(tryiv[j]))
break
hold = attack1(tryiv + cblock)
hold = hold[:15] + l
s = hold + s
iv = cblock
x += 16
def attack1(c):
iv = c[:16]
cblock = c[16:]
plen = paddingAmt(c)
mlen = 16 - plen
j = mlen
i = plen
s = ""
tryiv = iv
while j > 0:
diff = (i) ^ (i + 1)
newiv = tryiv[:j]
y = j
while y < 16:
newiv = newiv + chr(ord(tryiv[y]) ^ diff)
y += 1
for byte in range(256):
tryiv = newiv[:(j - 1)] + chr(byte) + newiv[j:]
try:
po.dec_check(tryiv + cblock)
except:
pass
else:
s = chr((i + 1) ^ ord(iv[j - 1]) ^ ord(tryiv[j - 1])) + s
break
j -= 1
i += 1
x = 0
while x < plen:
s = s + chr(plen)
x += 1
return s
def paddingAmt(c):
iv = c[:16]
cblock = c[16:]
i = 15
result = 0
while i >= 0:
curr_byte = iv[i]
x = ord(curr_byte) ^ ord('\xff')
y = x ^ ord('\x01')
if i == 15:
newiv = iv[:i] + chr(y)
else:
newiv = iv[:i] + chr(y) + iv[(i + 1):]
try:
po.dec_check(newiv + cblock)
except:
i -= 1
else:
return 15 - i
def attack(c): iv = c[:16] cblock = c[16:] # Find the length of the message message_length = 0 i = 0 while(message_length==0): newiv = iv[:i] + "\x30" + iv[i+1:] try: po.dec_check(newiv+cblock) except: message_length = i else: i=i+1 pad_length = 16-message_length # Add the spaces to the output message message = "" for i in range(message_length,16): message = chr(pad_length) + message current_pad_length = pad_length # Figure out the rest of the message for i in range(0,message_length): newiv = iv[:message_length-i] current_pad_length = current_pad_length + 1 for j in range(message_length-i,16): curr = iv[j] msgchr = message[j-(message_length-i)] diff = ord(msgchr)^current_pad_length newiv = newiv + chr(ord(curr)^diff) for j in range(1,256): tryiv = newiv[:message_length-i-1] + chr(ord(newiv[message_length-i-1])^j)+newiv[message_length-i:] try: po.dec_check(tryiv+cblock) except: pass else: #print str(j^current_pad_length) + " Worked" message = chr(j^current_pad_length) + message return message
def attack(c):
iv = c[:16]
cblock = c[16:]
# Find the length of the message
length = 0
i = 0
while length == 0:
newiv = iv[:i] + "\x30" + iv[i + 1 :]
try:
po.dec_check(newiv + cblock)
except:
length = i
else:
i = i + 1
spacelen = 16 - length
# Add the spaces to the message
newiv = iv[:length]
diff = spacelen ^ 16 - length
message = ""
for i in range(length, 16):
curr = iv[i]
newiv = newiv + chr(ord(iv[i]) ^ diff)
message = chr(spacelen) + message
current_space_length = spacelen
# Figure out the rest of the message
newiv = iv[:length]
current_space_length = 12
diff = current_space_length ^ spacelen
for i in range(length, 16):
curr = iv[i]
newiv = newiv + chr(ord(curr) ^ diff)
for j in range(1, 256):
tryiv = newiv[:4] + chr(ord(newiv[4]) ^ j) + newiv[5:]
try:
po.dec_check(tryiv + cblock)
except:
pass
else:
print "O Worked"
message = chr(j ^ current_space_length) + message
print message
# L
length = 4
newiv = iv[:length]
current_space_length = 13
for i in range(length, 16):
curr = iv[i]
msgchr = message[i - length]
diff = ord(msgchr) ^ current_space_length
newiv = newiv + chr(ord(curr) ^ diff)
for j in range(1, 256):
tryiv = newiv[:3] + chr(ord(newiv[3]) ^ j) + newiv[4:]
try:
po.dec_check(tryiv + cblock)
except:
pass
else:
print "L Worked"
message = chr(j ^ current_space_length) + message
print message
# L2
length = 3
newiv = iv[:length]
current_space_length = 14
for i in range(length, 16):
curr = iv[i]
msgchr = message[i - length]
diff = ord(msgchr) ^ current_space_length
newiv = newiv + chr(ord(curr) ^ diff)
for j in range(1, 256):
tryiv = newiv[:2] + chr(ord(newiv[2]) ^ j) + newiv[3:]
try:
po.dec_check(tryiv + cblock)
except:
pass
else:
print "L2 Worked"
message = chr(j ^ current_space_length) + message
print message
# E
length = 2
newiv = iv[:length]
current_space_length = 15
for i in range(length, 16):
curr = iv[i]
msgchr = message[i - length]
diff = ord(msgchr) ^ current_space_length
newiv = newiv + chr(ord(curr) ^ diff)
for j in range(1, 256):
tryiv = newiv[:1] + chr(ord(newiv[1]) ^ j) + newiv[2:]
try:
po.dec_check(tryiv + cblock)
except:
pass
else:
print "E Worked"
message = chr(j ^ current_space_length) + message
print message
# H
length = 1
newiv = iv[:length]
current_space_length = 16
for i in range(length, 16):
curr = iv[i]
msgchr = message[i - length]
diff = ord(msgchr) ^ current_space_length
newiv = newiv + chr(ord(curr) ^ diff)
for j in range(1, 256):
tryiv = newiv[:0] + chr(ord(newiv[0]) ^ j) + newiv[1:]
try:
po.dec_check(tryiv + cblock)
except:
pass
else:
print "H Worked"
message = chr(j ^ current_space_length) + message
print message