def verify(self, signature): server_sig = hmac.new(my_encode(str(self.K)), my_encode(str(self.salt)), hashlib.sha256).hexdigest() if server_sig == signature: return "OK" else: return "Not-OK"
def get_replacement_byte(orig, new): h1 = str(binascii.hexlify(my_encode(orig)))[2:-1] h2 = str(binascii.hexlify(my_encode("x")))[2:-1] h3 = str(binascii.hexlify(my_encode(new)))[2:-1] temp = binary_xor(h1, h2) r_byte = binary_xor(bin2hex(temp), h3) return r_byte
def checker(m): # decrypt the input string p = decrypt_cbc(my_encode(m), key, iv) print("Altered plaintext: " + p) test_string = ";admin=true;" return test_string in p
def checker(m): # decrypt the input string p = my_cipher.decrypt(my_encode(m)) print("Altered plaintext: " + p) test_string = ";admin=true;" return test_string in p
def sanitizer(p): # concatenate input string with prepend and append strings prepend = "comment1=raining%20MCs;userdata=" append = ";comment2=%20like%20a%20sunny%20day%20tomorrow" s = prepend + p + append # quote out ";" and "=" characters s = s.replace(";", "") s = s.replace("=", "") print("Sanitized plaintext: " + s) # return encrypted string return my_cipher.encrypt(my_encode(s))
def injector(c): # byte array of ciphertext b_array = bytearray(my_encode(c)) # start flipping at the 32nd byte (the first byte of a full attacker-controlled block) starting_byte = 32 # plaintext we want to inject malicious_chars = ";admin=true;" for i in range(0, len(malicious_chars)): target_num = starting_byte + i # index of the target byte target = c[target_num] # original target byte m_char = get_replacement_byte( target, malicious_chars[i]) # malicious char to replace the target byte b_array[target_num] = int(m_char, 2) # update b_array with malicious char return bytes(b_array).decode('latin1')
def get_hex_string(s): return str(binascii.hexlify(s))[2:-1] def three_xor(a1, a2, a3): temp = binary_xor(a1, a2) return binary_xor(bin2hex(temp), a3) if __name__ == '__main__': w = Webapp() # captured[0] is the ciphertext (string); captured[1] is the iv (bytes) captured = w.random_encrypt() ciphertext = my_encode(captured[0]) # convert to bytes iv = captured[1] answer = "" for block_index in range(0, len(ciphertext) // 16): block = ciphertext[16 * block_index:16 * block_index + 16] if block_index == 0: prev_block = bytearray(iv) else: # TODO: fix prev_block prev_block = bytearray(iv) block_answer = ""
ciphertext = None with open("w4p2.txt") as f: # inputFile plaintext = f.read() # randomly choose ecb or cbc random_num = os.urandom(1) mode = random_num[0] % 2 # 0 for ECB, 1 for CBC # print selected mode if mode == 0: # randomChoiceofECB-CBC print("ECB mode selected") else: print("CBC mode selected") b_array = bytearray(my_encode(plaintext)) # randomly prepend 5-10 bytes random_prepend = os.urandom(1) num_prepend_bytes = 5 + random_prepend[0] % 6 # noOfPrependBytes for i in range(0, num_prepend_bytes): b_array.append(os.urandom(1)[0]) # randomly append 5-10 bytes random_append = os.urandom(1) num_append_bytes = 5 + random_append[0] % 6 # noOfAppendBytes for j in range(0, num_append_bytes): b_array.insert(0, os.urandom(1)[0]) # create modified plaintext plaintext = bytes(b_array)
def store_password(self): self.salt = str(os.urandom(1)[0]) s_xH = hashlib.sha256(my_encode(self.salt + P)).hexdigest() s_x = int(s_xH, 16) self.v = quick_exp(g, s_x, N)
s = Server() # create account s.store_password() # login protocol s.set_I("username") a = os.urandom(1)[0] A = quick_exp(g, a, N) s.set_A(A) salt = s.get_salt() B = s.get_B() s.compute_u() uH = hashlib.sha256(bytes(str(A) + str(B), 'latin1')).hexdigest() u = int(uH, 16) xH = hashlib.sha256(my_encode(salt + "password")).hexdigest() x = int(xH, 16) S = quick_exp(B - k * quick_exp(g, x, N), a + u * x, N) K = hashlib.sha256(bytes(str(S), 'latin1')).hexdigest() s.create_K() # authenticate the shared key my_signature = hmac.new(my_encode(str(K)), my_encode(str(salt)), hashlib.sha256).hexdigest() print(s.verify(my_signature))
# create account s.store_password() # login protocol s.set_I("username") a = os.urandom(1)[0] A = 0 # A = quick_exp(g, a, N) s.set_A(A) salt = s.get_salt() B = s.get_B() s.compute_u() uH = hashlib.sha256(bytes(str(A) + str(B), 'latin1')).hexdigest() u = int(uH, 16) xH = hashlib.sha256( my_encode(salt + fake_P)).hexdigest() # give the server an invalid password x = int(xH, 16) S = 0 # S = quick_exp(B - k * quick_exp(g, x, N), a + u * x, N) K = hashlib.sha256(bytes(str(S), 'latin1')).hexdigest() s.create_K() # authenticate the shared key my_signature = hmac.new(my_encode(str(K)), my_encode(str(salt)), hashlib.sha256).hexdigest() print(s.verify(my_signature))