def process_and_decrypt_string(encrypted_tampered):
key = '0x71e6efcfb44e362b6e14f7abbecf5503'
key_in_binary = binascii.a2b_hex(key[2:])
iv = key
iv_in_binary = binascii.a2b_hex(iv[2:])
decrypted = block.openssl_cbc_decrypt(encrypted_tampered, key_in_binary,
iv_in_binary)
if block.exception_high_ascii(decrypted) is not None:
return 'Text had high ASCII characters', decrypted
else:
return 'All clean', None
def padding_oracle(encrypted):
blockcount = len(encrypted) / blocklen
final = ''
for enclen in range(len(encrypted), 0, -16):
i2 = []
c2 = encrypted[enclen - 16:enclen]
#Message larger than 1 block
if enclen - 16 > 0:
c1dash = encrypted[enclen - 32:enclen - 16]
#Single block message
elif enclen - 16 == 0:
c1dash = ivsplit
for bytenum in range(15, -1, -1):
no_of_pad_chars = blocklen - bytenum
l1 = []
for middlebyte in reversed(i2):
t2 = middlebyte ^ no_of_pad_chars
l1.append(hex(t2)[2:].zfill(2).decode("hex"))
#This is the actual brute-force bit where we guess characters in a specific position
for i in range(1, 256):
t1 = hex(i)[2:].zfill(2).decode("hex")
c1 = '\x41' * bytenum + t1
#Appending bytes already solved for. This grabs the last byte first, then the second last and so on
for x in l1:
c1 = c1 + x
chosen_ct = c1 + c2
decrypted = block.openssl_cbc_decrypt(chosen_ct, key, ivsplit)
is_padding_correct = block.check_pad(blocklen, decrypted)
if is_padding_correct == True:
#This is for block N-1. Remember. NOT Block N.
i2.append(i ^ no_of_pad_chars)
break
else:
continue
f1 = []
c1dash = c1dash[::-1]
#CBC here, xor previous block byte by byte (which we solved for) with the target block (which we already have) and get plaintext_per_block
for i in range(0, 16):
f1.append(chr(ord(c1dash[i]) ^ i2[i]))
blockcount -= 1
#Since we have solved stuff in the reverse order, we need to reverse it here to get the plaintext in the right order
final = ''.join(reversed(f1)) + final
return final
def process_and_decrypt_string(encrypted_tampered):
admin_string = ';admin=true;'
key = '0x71e6efcfb44e362b6e14f7abbecf5503'
key_in_binary = binascii.a2b_hex(key[2:])
iv = '0x29b28d9f2f56c07a8df1778d7408ba79'
iv_in_binary = binascii.a2b_hex(iv[2:])
decrypted_tampered = block.openssl_cbc_decrypt(encrypted_tampered,
key_in_binary, iv)
m1 = re.search(admin_string, decrypted_tampered)
if m1:
return decrypted_tampered, True
else:
return decrypted_tampered, False
'''
MITM Attack starts here
'''
print 'This is the MITM case'
#User A sends p, g and A to B but it is intercepted by M who sends p, g, mA instead. B calculates the shared secret using 'mA' instead of A. Meaning there's a connection now between M and B using a shared secret chosen by the attacker
mb = random.getrandbits(256)
mB = pow(g, mb, p)
secretB = pow(mB, b, p)
keyB = hashlib.sha1(str(secretB)).hexdigest()[0:16]
#User B encrypts traffic with keyB and sends it to User A. This traffic can be MITM'd by M who can also generate keyB and decrypt the traffic.
enc_to_A = block.openssl_cbc_encrypt(msg_to_A, block_size, keyB,
binascii.a2b_hex(iv_to_A[2:]))
print 'Encrypted text from A to B', repr(enc_to_A)
dec_to_A = block.openssl_cbc_decrypt(enc_to_A, keyB,
binascii.a2b_hex(iv_to_A[2:]))
print 'Decrypted text from A to B', repr(dec_to_A)
#User B sends back B to A, but this also is MITMed, dropped and 'mB' is sent back to A. Meaning there's a connection now between M and A using a second shared secret.
ma = random.getrandbits(256)
mA = pow(g, ma, p)
secretA = pow(mA, a, p)
keyA = hashlib.sha1(str(secretA)).hexdigest()[0:16]
#User A encrypts traffic with keyA and sends it to User B. This traffic can be MITM'd by M who can also generate keyA and decrypt the traffic.
enc_to_B = block.openssl_cbc_encrypt(msg_to_B, block_size, keyB,
binascii.a2b_hex(iv_to_B[2:]))
print 'Encrypted text from B to A', repr(enc_to_B)
dec_to_B = block.openssl_cbc_decrypt(enc_to_B, keyB,
binascii.a2b_hex(iv_to_B[2:]))
import sys
import os
#Adding directory to the path where Python searches for modules
cmd_folder = os.path.dirname('/home/arvind/Documents/Me/My_Projects/Git/Crypto/modules/')
sys.path.insert(0, cmd_folder)
#Importing common crypto module
import block
import base64
input_file= '10.txt'
if __name__ == "__main__":
key= 'YELLOW SUBMARINE'
iv= ((r'\x00') * 16).decode('string-escape')
block_size= 16
#This bit actually tests the encryption for cbc code
#plaintext= 'abcdefghijklmnopqrstuvwxyz'
#encrypted= block.openssl_cbc_encrypt(plaintext, block_size, key, iv)
#ciphertext= encrypted
#This bit solves the actual challenge :)
with open(input_file) as f:
t1= f.readlines()
t2= ''.join(t1)
ciphertext= base64.b64decode(t2)
decrypted= block.openssl_cbc_decrypt(ciphertext, key, iv)
print decrypted
def process_and_decrypt_string(encrypted):
decrypted= block.openssl_cbc_decrypt(encrypted, key_in_binary, iv_in_binary)
return decrypted