def oracle(ciphertext):
try:
aes.cbc_decrypt(ciphertext, key)
except tools.PaddingError:
return False
else:
return True
def is_admin(token):
cookie = cbc_decrypt(KEY, IV, token).decode('latin-1')
fields = cookie.split(';')
items = [(key, unescape(value))
for key, value in (field.split('=', maxsplit=1)
for field in fields if "=" in field)]
return any([item == ('admin', 'true') for item in items])
def decrypt(cipertext, iv):
return aes.cbc_decrypt(cipertext, key, iv)
def padding_oracle(iv, ciphertext):
try:
cbc_decrypt(KEY, iv, ciphertext)
return True
except BadPaddingException:
return False
def padding_oracle(iv, ciphertext):
try:
cbc_decrypt(KEY, iv, ciphertext)
return True
except BadPaddingException:
return False
def is_admin(ciphertext):
plaintext = aes.cbc_decrypt(ciphertext, key, iv)
return b';admin=true;' in plaintext
def test_cbc_decrypt():
msg = bytes.fromhex("62cc02dafc6482edf9f2adca6abbb3d2")
key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
iv = bytes.fromhex("00112233445566778899aabbccddeeff")
decrypted = aes.cbc_decrypt(msg, key, iv).hex()
assert decrypted == "00112233445566778899aabbccddee"
from aes import ecb_encrypt, ecb_decrypt, cbc_encrypt, cbc_decrypt
from base64 import b64decode
key = "YELLOW SUBMARINE"
test_block = bytes([0x40] * 16)
assert (test_block == ecb_decrypt(key, ecb_encrypt(key, test_block)))
with open("10.txt") as f:
ciphertext = b64decode(''.join([line.strip() for line in f.readlines()]))
iv = bytes([0x00] * 16)
decrypted = cbc_decrypt(key, iv, ciphertext)
print(decrypted.decode('ascii'))
assert (ciphertext == cbc_encrypt(key, iv, decrypted))
