def test_po_attack():
for i in xrange(1000):
po = PaddingOracle(msg_len=i)
ctx = po.setup()
msg = po_attack(po, ctx)
assert po.test(msg), "Failed 'po_attack' for msg of length={}".format(
i)
def test_po_attack_2blocks():
for i in xrange(1, 16):
po = PaddingOracle(msg_len=i)
ctx = po.setup()
msg = po_attack_2blocks(po, ctx)
print "{0}: {1}".format(i, binascii.b2a_hex(msg))
assert po.test(msg), "Failed 'po_attack_2blocks' for msg of length={}".format(i)
def test_po_attack():
for i in xrange(1000):
po = PaddingOracle(msg_len=i)
ctx = po.setup()
msg = po_attack(po, ctx)
if i > 1:
print "{0}: {1}".format(i, binascii.b2a_hex(msg))
else:
print "{0}: {1}".format(i, msg)
assert po.test(msg), "Failed 'po_attack' for msg of length={}".format(i)
def test_po_attack():
import random
for i in xrange(100):
l = random.randint(1, (i+1)*10)
po = PaddingOracle(msg_len=l)
ctx = po.setup()
msg = po_attack(po, ctx)
#print msg
assert po.test(msg), "Failed 'po_attack' for msg of length={}".format(i)
print "{}. Length: {} passed".format(i, l)
def run():
print("\nPADDING ORACLE ATTACK!")
target_raw = input("Target server: ").lower()
ciphertext = input("Target Ciphertext: ").lower()
if len(ciphertext) != 128:
print("ERROR: Ciphertext must be be 128 characters in length.")
return
try:
bytes.fromhex(ciphertext)
except:
print("ERROR: Your ciphertext must be hex-encoded.")
return
target = "http://" + target_raw + "/po?er="
print("\n-")
print("Request Format: ", target + "CIPHERTEXT")
print("Ciphertext:")
c = textwrap.wrap(ciphertext, width=32)
for i in c:
print(" ", i)
raw_decryption = None
print("\n-")
print("Decrypting... \n")
try:
po = PaddingOracle(target)
raw_decryption = po.decrypt4blocks(ciphertext)
print("\n...done.")
except:
print("Something went wrong. ")
return
print("\nRaw bytes: ", raw_decryption)
try:
message = decode(raw_decryption)
print("\nFinal result: ", message)
except:
print("The format of the decrypted message is unexpected.", end="")
print()
def test2(set2):
t, c, m = set2
po = PaddingOracle(t)
p = po.decrypt4blocks(c)
assert m == decode(p)
print("\n------------------------------------\n")
print("Target website:", raw)
print("Format: ", target + "CIPHERTEXT")
print("Ciphertext: \n")
c = textwrap.wrap(ciphertext, width=32)
for i in c:
print(i)
raw_decryption = None
print("\n------------------------------------")
print("Decrypting... \n")
try:
po = PaddingOracle(target)
raw_decryption = po.decrypt4blocks(ciphertext)
print("\n...done.")
except:
print("Something went wrong. ")
print("\n------------------------------------")
print("Your ciphertext decrypted in raw bytes:")
print(raw_decryption)
print("\n------------------------------------")
try:
message = decode(raw_decryption)
print("\nHere's the final result:")
print(message)
except:
print("The format of the decrypted message is unexpected.", end="")
def test_po_attack_2blocks():
for i in xrange(16):
po = PaddingOracle(msg_len=i)
ctx = po.ciphertext()
msg = po_attack(po, ctx)
assert po.test(msg), "Failed 'po_attack_2blocks' for msg of length={}".format(i)
def test_po_attack():
for i in xrange(1000):
po = PaddingOracle(msg_len=i)
ctx = po.setup()
msg = po_attack(po, ctx)
assert po.test(msg), "Failed 'po_attack' for msg of length={}".format(i)
