Esempio n. 1
def edit(ciphertext, offset, newtext):
    """Overwrite part of an encrypted message and return the re-encrypted result.

    The ciphertext is decrypted with the module-level ``key`` and ``nonce``,
    ``newtext`` is spliced in at ``offset``, and the patched plaintext is
    encrypted again with the *same* key and nonce.

    Args:
        ciphertext: value handed unchanged to ``aes_ctr_operation``; the caller
            on this page passes a hex string.
        offset: index into the decrypted value where the replacement starts.
            Presumably counted in hex characters rather than bytes, since the
            slicing is done on whatever ``aes_ctr_operation`` returns - confirm.
        newtext: replacement text, in the same representation as the decrypted
            value.

    Returns:
        The output of ``aes_ctr_operation`` for the patched plaintext.
    """
    current = aes_ctr_operation(key, ciphertext, nonce.hex())

    # Everything before `offset` and after the replaced span is kept as is.
    tail_start = offset + len(newtext)
    patched = current[:offset] + newtext + current[tail_start:]

    # Security-relevant: key and nonce are unchanged, so the edited message is
    # encrypted under the same keystream as the original one.
    return aes_ctr_operation(key, patched, nonce.hex())
Esempio n. 2
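def guess_full_key(ciphertext):
    """Greedily guess a 16-byte key in groups of up to three bytes.

    For every group the candidate values are tried in ascending order. The
    candidate whose trial decryption scores highest under ``score_string`` is
    written into the key before the next group is processed. Each new best
    trial decryption is printed.

    NOTE(review): if ``aes_ctr_operation`` is standard AES-CTR, every key byte
    influences every keystream byte, so scoring a three-byte window while the
    remaining key bytes are still wrong cannot be expected to converge on the
    real key. The search also costs 256**3 decryptions per three-byte group.

    Args:
        ciphertext: value handed unchanged to ``aes_ctr_operation``; the call
            site on this page passes its return value, decoded here as hex.

    Returns:
        The bytearray holding the best-scoring guess for every group.
    """
    key_bytes = bytearray(16)
    group_size = 3
    for i in range(0, len(key_bytes), group_size):
        # 16 is not a multiple of 3: the final group holds a single byte, and
        # writing key_bytes[i + 1] there would raise IndexError.
        width = min(group_size, len(key_bytes) - i)
        best_score = -9999999
        best_guess = bytes(width)
        for candidate in range(256 ** width):
            # Big-endian counting varies the last byte of the group fastest,
            # the same trial order as three nested 0..255 loops.
            guess = candidate.to_bytes(width, 'big')
            key_bytes[i:i + width] = guess
            plaintext = aes_ctr_operation(key_bytes.hex(), ciphertext,
                                          nonce.hex())
            # Restore a leading zero nibble so the hex string decodes cleanly.
            if len(plaintext) % 2:
                plaintext = '0' + plaintext
            # Only the bytes at the positions being guessed are scored.
            temp_score = score_string(
                bytes.fromhex(plaintext[2 * i:2 * (i + width)]))
            if temp_score > best_score:
                print(bytes.fromhex(plaintext))
                best_score, best_guess = temp_score, guess
        key_bytes[i:i + width] = best_guess
    return key_bytes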
Esempio n. 3
def main():
    """Show that an edit() interface under a fixed key and nonce leaks plaintext.

    The contents of ``25.txt`` are base64-decoded, decrypted with AES-ECB under
    the fixed key, and re-encrypted with ``aes_ctr_operation`` under the
    module-level ``key`` and ``nonce``. The whole message is then overwritten
    with a known filler through ``edit``, and the original plaintext is
    recovered from the two ciphertexts alone and printed.

    The takeaway for a design review: re-encrypting modified data under an
    unchanged key and nonce reuses the keystream, so anyone who may choose the
    new content and read both ciphertexts can recover the old content.
    """
    # code taken from 1.7
    dt = ''
    chall_seven_key = "YELLOW SUBMARINE"
    with open('25.txt', 'r') as f:
        ciphertext = base64.b64decode(f.read().strip())
        CipherObj = Cipher(algorithms.AES(chall_seven_key.encode()),
                           modes.ECB(),
                           backend=default_backend())
        dt = aes_ecb_decrypt(CipherObj, ciphertext)

    ciphertext = aes_ctr_operation(key, dt.hex(), nonce.hex())
    ciphertext_bytes = bytes.fromhex(ciphertext)

    # begin "attack" here
    # One known filler byte per ciphertext byte (the ciphertext is a hex
    # string, hence two characters per byte).
    filler = "A" * (len(ciphertext) // 2)
    injected_ciphertext = edit(ciphertext, 0, filler.encode().hex())
    injected_bytes = bytes.fromhex(injected_ciphertext)

    assert len(ciphertext_bytes) == len(injected_bytes)

    # edited ciphertext XOR known filler gives the keystream byte; XOR with the
    # original ciphertext byte then gives the original plaintext byte.
    recovered = [
        chr(edited ^ ord("A") ^ ciphertext_bytes[pos])
        for pos, edited in enumerate(injected_bytes)
    ]

    print(''.join(recovered))
Esempio n. 4
def decryption_oracle(ciphertext):
    """Decrypt a cookie-style ciphertext and look for an ``admin`` field.

    The ciphertext is decrypted with the module-level ``key`` and ``nonce``,
    unpadded, split on ``;`` into fields and on ``=`` into key/value pairs.

    Nothing in this function checks the integrity of ``ciphertext`` before it
    is decrypted and parsed, so the parsed fields are only as trustworthy as
    the ciphertext itself. A production design would verify a MAC or use an
    AEAD mode before acting on the result.

    Args:
        ciphertext: value handed unchanged to ``aes_ctr_operation``.

    Returns:
        ``(b"admin", value)`` for the first field whose key is exactly
        ``b"admin"``, otherwise ``0``.
    """
    plaintext = bytes.fromhex(aes_ctr_operation(key, ciphertext, nonce))
    # Debug output: this writes the decrypted bytes to stdout.
    print(plaintext)
    normal_plaintext = pkcs7_unpad(plaintext)
    #print(plaintext)
    for field in normal_plaintext.split(b';'):
        parts = field.split(b'=')
        # Fields without an '=' carry no value and are skipped.
        if len(parts) < 2:
            continue
        pt_key, value = parts[0], parts[1]
        if pt_key == b"admin":
            return (pt_key, value)
    return 0
Esempio n. 5
def encrypt_lines(lines):
    """Encrypt each base64-encoded line and append it to ``ciphertexts``.

    Every line is stripped, base64-decoded, hex-encoded and passed to
    ``aes_ctr_operation`` with the module-level ``key`` and ``nonce``. The same
    key and nonce are used for every line.

    Args:
        lines: iterable of base64-encoded strings (or bytes).
    """
    for encoded in lines:
        raw = base64.b64decode(encoded.strip())
        encrypted = aes_ctr_operation(key, raw.hex(), nonce)
        ciphertexts.append(encrypted)
Esempio n. 6
def encryption_oracle(input_string):
    """Embed user data in a fixed cookie string and encrypt the result.

    The input is percent-encoded with ``urllib.parse.quote``, which escapes
    ``;`` and ``=``, so the caller cannot add fields to the plaintext directly.
    The string is then PKCS#7-padded to ``block_size`` and passed to
    ``aes_ctr_operation`` with the module-level ``key`` and ``nonce``.

    The escaping only constrains the plaintext. The returned value is the bare
    output of ``aes_ctr_operation``; no authentication tag is attached here.

    Args:
        input_string: user-controlled text placed in the ``userdata`` field.

    Returns:
        Whatever ``aes_ctr_operation`` returns for the padded plaintext.
    """
    quoted = urllib.parse.quote(input_string)
    prefix = '"comment1"="cooking%20MCs";"userdata"="'
    suffix = '";"comment2"="%20like%20a%20pound%20of%20bacon"'
    cookie = prefix + quoted + suffix
    padded = pkcs7_pad(cookie.encode().hex(), block_size)
    return aes_ctr_operation(key, padded, nonce)
Esempio n. 7
            for k in range(256):
                key_bytes[i + 1] = k
                for l in range(256):
                    key_bytes[i + 2] = l
                    plaintext = aes_ctr_operation(key_bytes.hex(), ciphertext,
                                                  nonce.hex())
                    if len(plaintext) % 2:
                        plaintext = '0' + plaintext
                    temp_score = score_string(
                        bytes.fromhex(plaintext[2 * i:2 * (i + 3)]))
                    if temp_score > best_score:
                        print(bytes.fromhex(plaintext))
                        (best_score, best_byte1, best_byte2,
                         best_byte3) = (temp_score, j, k, l)
        key_bytes[i] = best_byte1
        key_bytes[i + 1] = best_byte2
        key_bytes[i + 2] = best_byte3


# encryption
# Every base64-encoded line of 19.txt is encrypted with the same aes_key and
# the same nonce.
with open('19.txt', 'r') as f:
    for line in f:
        plaintext = b64decode(line.strip())
        hex_plaintext = plaintext.hex()
        encrypted = aes_ctr_operation(aes_key, hex_plaintext, nonce.hex())
        ciphertext_array.append(encrypted)

print(ciphertext_array)

# Run the key search once per ciphertext.
for ctext in ciphertext_array:
    guess_full_key(ctext)