def encrypt(self, text):
    """Encrypt ``text`` followed by a fixed trailer.

    The trailer is base64-decoded from the constant below and appended to
    the caller's bytes. The result is PKCS-padded to a 16-byte multiple and
    passed to ``self._cipher.encrypt``, whose return value is returned.

    NOTE(review): the trailer stays confidential only if the mode behind
    ``self._cipher`` hides plaintext structure. The mode is not visible
    here -- confirm. A deterministic mode such as ECB exposes equal
    plaintext blocks as equal ciphertext blocks, so an authenticated mode
    with a fresh nonce per message is the safer choice when caller input
    shares a message with secret data.
    """
    encoded_trailer = (
        'Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkg'
        'aGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBq'
        'dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg'
        'YnkK'
    )
    trailer = base64.b64decode(encoded_trailer.encode())
    # Keep the augmented assignment: it matches the original's semantics for
    # every input type, including in-place extension of a bytearray.
    text += trailer
    return self._cipher.encrypt(pkcs.pad(text, 16))
def cbcEncrypt(plaintext, key, iv):
    """CBC-encrypt ``plaintext`` by chaining single-block encryptions.

    The input is PKCS-padded to a multiple of 16. Each 16-byte slice is
    XORed with the previous ciphertext block (``iv`` for the first slice)
    and the result is encrypted with ``ecbEncryptSub``. The ciphertext
    blocks are concatenated and returned; ``iv`` is not prepended.

    NOTE(review): CBC on its own gives confidentiality only. Callers that
    must detect tampering need a MAC over the IV and ciphertext, or an AEAD
    mode. ``iv`` should be unpredictable and unique per message; how callers
    pick it is not visible here.
    """
    padded = pkcs.pad(plaintext, 16)
    ciphertext = ''
    previous = iv
    for offset in my_range(0, len(padded), 16):
        # The XOR helper's result is hex-decoded before encryption
        # (Python 2 'hex' codec), so it is presumably hex text -- confirm.
        mixed = xor.charXor(previous, padded[offset:offset + 16])
        previous = ecbEncryptSub(mixed.decode('hex'), key)
        ciphertext += previous
    return ciphertext
def encryptionOracle(text):
    """Encrypt ``text`` under a throwaway key in a randomly chosen mode.

    The input is wrapped in 5-10 random bytes on each side and PKCS-padded
    to a multiple of 16. A fresh 16-byte key is drawn and a coin flip picks
    CBC (with a fresh 16-byte IV) or ECB.

    Returns:
        A ``(ciphertext, method)`` tuple where ``method`` is ``'CBC'`` or
        ``'ECB'``, so a mode detector can be scored against the truth.

    NOTE(review): ``randint`` and ``_randomBytes`` are defined outside this
    excerpt. If they draw from ``random`` rather than ``os.urandom`` or
    ``secrets``, the key and IV are predictable -- acceptable for an
    exercise, not for real key material.
    """
    # Random-length random padding on both sides of the caller's data.
    lead_len = randint(5, 10)
    tail_len = randint(5, 10)
    text = _randomBytes(lead_len) + text + _randomBytes(tail_len)

    # Bring the message up to a whole number of 16-byte blocks.
    text = pkcs.pad(text, 16)
    key = _randomBytes(16)

    if not randint(0, 1):
        return aes.ecb(key).encrypt(text), 'ECB'

    iv = _randomBytes(16)
    return aes.cbc(key, iv).encrypt(text), 'CBC'
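def makeAdmin(cipher):
    """Check whether ``cipher``'s profile tokens can be re-assembled.

    Three ciphertexts are requested through ``cipher.encrypt``. One block is
    taken from each, the blocks are concatenated, and the result is passed
    to ``cipher.decrypt``.

    What this demonstrates: ECB encrypts every block independently and the
    token carries no integrity tag, so blocks cut from different
    ciphertexts decrypt as though they formed one message. The fix belongs
    on the token side: authenticated encryption (an AEAD mode or
    encrypt-then-MAC), with any token that fails verification rejected
    before it is parsed.

    Args:
        cipher: object exposing ``encrypt(bytes)`` and ``decrypt(bytes)``;
            ``decrypt`` is expected to return a mapping with a ``'role'``
            key.

    Returns:
        True if the re-assembled token decrypts to a profile whose role is
        ``'admin'``. False if decryption or parsing raises.
    """
    # Shorthand
    encrypt = cipher.encrypt

    blockSize = cryptUtil.blockSize(encrypt)
    prefixLen = ecbUtil.prefixLength(encrypt, blockSize)

    # Filler that carries the input up to the next block boundary.
    adminPad = blockSize - (prefixLen % blockSize)
    # Filler that leaves the '&uid=10&role=' text ending on a block boundary.
    rolePad = adminPad + (blockSize - len('&uid=10&role='))

    text = encrypt(b'x' * rolePad)
    roleBlock = cryptUtil.getNthBlock(text, blockSize, 1)

    text = encrypt(b'x' * adminPad + pkcs.pad(b'admin', blockSize))
    adminBlock = cryptUtil.getNthBlock(text, blockSize, 1)

    text = encrypt(b'x' * rolePad)
    myText = cryptUtil.getNthBlock(text, blockSize, 0) + roleBlock + adminBlock

    try:
        return cipher.decrypt(myText)['role'] == 'admin'
    except Exception:
        # Exception rather than a bare except, so KeyboardInterrupt and
        # SystemExit still propagate. Any decrypt or parse failure still
        # counts as "not admin".
        return False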
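def encrypt(self, email):
    """Encrypt the profile built for ``email``.

    A ``str`` argument is encoded to bytes first. The profile produced by
    ``self._profile_for`` is PKCS-padded to a multiple of 16 and passed to
    ``self._cipher.encrypt``, whose return value is returned.

    NOTE(review): the resulting token is only as tamper-resistant as
    ``self._cipher``. Its mode is not visible here -- confirm that it
    authenticates the ciphertext. With plain ECB or CBC the recipient
    cannot detect modified blocks.
    """
    # isinstance also accepts str subclasses, which the former
    # ``type(email) == str`` comparison passed through un-encoded.
    if isinstance(email, str):
        email = email.encode()
    text = pkcs.pad(self._profile_for(email), 16)
    return self._cipher.encrypt(text)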
# NOTE(review): the lines down to `return cookie` are the tail of a function
# whose `def` line lies outside this excerpt (profile_for below calls
# `parseString`, presumably this one -- confirm). They split `buf` on '&',
# split each token on '=' and store the first two parts in `cookie`.
# A token without '=' raises IndexError at the assignment.
    tokens = buf.split('&')
    for token in tokens:
        key_pair = token.split('=')
        cookie[key_pair[0]] = key_pair[1]
    return cookie


def profile_for(email):
    """Build the profile string for ``email`` and its parsed form.

    '=' and '&' are stripped from ``email`` so the caller cannot add extra
    key/value pairs to the encoded string. That protects the plaintext
    format only; it does nothing about ciphertext blocks being rearranged
    once the string is encrypted.

    Returns a ``(cookieString, parseString(cookieString))`` tuple.
    """
    email = email.replace('=', '')
    email = email.replace('&', '')
    # The fixed text up to the role value ('email=', '&uid=10', '&role=') is
    # 19 characters. A randomly generated uid would make alignment slightly
    # harder, but each extra uid digit can be offset by a shorter email.
    cookieString = 'email=' + email + '&uid=10' + '&role=user'
    return cookieString, parseString(cookieString)


def encrypt_profile(encoding):
    """ECB-encrypt ``encoding`` with the module-level ``key`` (defined outside this excerpt)."""
    return aes.ecbEncrypt(encoding, key)


def decrypt_profile(ciphertext):
    """ECB-decrypt ``ciphertext`` with the module-level ``key`` and parse the result.

    No integrity check is made before parsing, so any block sequence that
    decrypts to well-formed text is accepted.
    """
    plaintext = aes.ecbDecrypt(ciphertext, key)
    return parseString(plaintext)


# Demonstration that ECB blocks are independent and unauthenticated: the last
# block of one ciphertext is replaced by a block from another, and the result
# still decrypts and parses. An authenticated mode (AEAD, or encrypt-then-MAC
# with the tag checked before decryption) would reject the combined token.

#any 13 (mod 16) char email will work for 2 digit uid, 12 for 3, etc
# NOTE(review): the address literal below looks masked in this copy; it is 14
# characters long, which does not meet the 13 (mod 16) condition stated above.
profile = profile_for('*****@*****.**')
admin_string = pkcs.pad('admin', 16)
#offset by 10 so admin_string starts a block
# ('email=' is 6 characters; 6 + 10 = 16)
target = profile_for('0123456789'+admin_string)
encrypted = encrypt_profile(profile[0])
targetencrypted = encrypt_profile(target[0])
# Drop the final block of the first ciphertext and append the second block
# of the other one.
encrypted = encrypted[:-16] + targetencrypted[16:32]
# Python 2 print statement.
print decrypt_profile(encrypted)
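def encrypt(self, text):
    """Encrypt ``text`` between the instance's prefix and suffix.

    A ``str`` argument is encoded to bytes first. The text is passed through
    ``Quoter.quote`` and placed between ``self._prefix`` and
    ``self._suffix``. The combined message is PKCS-padded to a multiple of
    16 and passed to ``self._cipher.encrypt``, whose return value is
    returned.

    NOTE(review): quoting constrains only the plaintext the caller can
    submit. Whether the ciphertext can be altered afterwards depends on the
    mode of ``self._cipher``, which is not visible here -- confirm that it
    is authenticated.
    """
    # isinstance also accepts str subclasses, which the former
    # ``type(text) == str`` comparison passed through un-encoded.
    if isinstance(text, str):
        text = text.encode()
    text = self._prefix + Quoter.quote(text) + self._suffix
    return self._cipher.encrypt(pkcs.pad(text, 16))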
def encrypt(self, text):
    """Encrypt ``text`` framed by ``self.prefix`` and ``self.secret``.

    The three parts are concatenated in that order, PKCS-padded to a
    multiple of 16 and passed to ``self._cipher.encrypt``.

    NOTE(review): ``self.secret`` shares a message with caller-supplied
    ``text``. If ``self._cipher`` is a deterministic mode (not visible
    here -- confirm), the ciphertext reveals which plaintext blocks are
    equal. A randomized, authenticated mode is the safer choice for
    protecting the secret.
    """
    framed = self.prefix + text + self.secret
    padded = pkcs.pad(framed, 16)
    return self._cipher.encrypt(padded)
def ecbEncrypt(plaintext, key):
    """PKCS-pad ``plaintext`` to a multiple of 16 and ECB-encrypt it.

    Encryption itself is delegated to ``ecbEncryptSub``.

    NOTE(review): ECB maps equal plaintext blocks to equal ciphertext blocks
    and offers no integrity. It suits single-block primitives and
    exercises, not multi-block application data.
    """
    return ecbEncryptSub(pkcs.pad(plaintext, 16), key)