def encrypt_AES_CBC(plaintext, key):
plaintext = plaintext.replace('&', '').replace('=', '')
plaintext = "comment1=cooking%20MCs;userdata=" + plaintext + ";comment2=%20like%20a%20pound%20of%20bacon"
plaintext = plaintext.encode('ascii')
print(keysize_blocks(BLOCK_SIZE, plaintext))
padded_plaintext = pad(plaintext, BLOCK_SIZE)
cipher_obj = AES.new(key, AES.MODE_CBC, iv)
encrypted_bytes = cipher_obj.encrypt(padded_plaintext)
return encrypted_bytes
def encrypt_AES_CBC(plaintext, iv, key, block_size): encrypted_bytes = bytes() plaintext = keysize_blocks(block_size, plaintext) #initial iv xored_plaintext = xor_bytes(plaintext.pop(0), iv) encrypted_bytes += encrypt_AES_ECB(xored_plaintext, key) while plaintext: xored_plaintext = xor_bytes(plaintext.pop(0), encrypted_bytes[-block_size:]) encrypted_bytes += encrypt_AES_ECB(xored_plaintext, key) return encrypted_bytes
def detect_ecb(plaintext, block_size):
plaintext = keysize_blocks(block_size, plaintext)
#print("Number of plaintext: ", len(plaintext))
#print("Set number: ", len(set(plaintext)))
if len(set(plaintext)) != len(plaintext):
print("ECB")
return True
else:
print("CBC")
return False
def is_admin(cipher_bytes, key):
cipher_obj = AES.new(key, AES.MODE_CBC, iv)
decrypted_bytes = cipher_obj.decrypt(cipher_bytes)
print(keysize_blocks(BLOCK_SIZE, decrypted_bytes))
match_obj = re.search(r';admin=true;',
decrypted_bytes.decode('ascii', errors='ignore'))
if match_obj:
print("True")
return True
else:
print("False")
return False
def AES_CTR_crypt(key, nonce, text, BLOCK_SIZE=16):
blocks = keysize_blocks(BLOCK_SIZE, text)
if type(key) != bytes:
key = key.encode('ascii')
counter = 0
final_text = bytearray()
for block in blocks:
to_encrypt = nonce + counter.to_bytes(8, byteorder="little")
encrypted_text = encrypt_AES_ECB(to_encrypt, key)
xor_encrypted_text = xor_byte_block(encrypted_text, block)
final_text.extend(xor_encrypted_text)
counter += 1
return final_text
def decrypt_AES_CBC(ciphertext, iv, key, block_size): plaintext = bytes() ciphertext = keysize_blocks(block_size, ciphertext) intermediate = ciphertext.pop(0) decrypted_bytes = decrypt_AES_ECB_bytes(intermediate, key) plaintext += xor_bytes(decrypted_bytes, iv) iv = intermediate while ciphertext: intermediate = ciphertext.pop(0) decrypted_bytes = decrypt_AES_ECB_bytes(intermediate, key) plaintext += xor_bytes(decrypted_bytes, iv) iv = intermediate return plaintext
def byte_at_ecb(secret_key_len, oracle_function=None):
# set key to zero
decoded_key = ""
initial_length = secret_key_len
while initial_length:
print("Length ", initial_length)
initial_length -= 1
my_input = "A" * initial_length
#print("Initial length" , initial_length)
print("Input: ", my_input)
encrypted = ecb_oracle(my_input, BLOCK_SIZE)
encrypted_blocks = keysize_blocks(BLOCK_SIZE, encrypted)
#print(encrypted_blocks)
block_to_use = (secret_key_len // BLOCK_SIZE) - 1
print("Block to use: ", block_to_use)
try:
x = find_letter(encrypted_blocks[block_to_use], my_input, decoded_key, ecb_oracle, BLOCK_SIZE)
decoded_key += x
except:
print("Finished decrypting or key lookup error")
break
print("Key so far: ", decoded_key)
else:
print("False")
return False
if __name__ == '__main__':
BLOCK_SIZE = 16
# static for now
#key = os.urandom(BLOCK_SIZE)
key = bytes(16)
iv = ("\x00" * BLOCK_SIZE).encode('ascii')
encrypted = encrypt_AES_CBC("AAAAAAAAAAAAAAAABadminBtrue", key)
encrypted_blocks = (keysize_blocks(BLOCK_SIZE, encrypted))
print(encrypted_blocks)
# bit flip here
# use bin(byte) to get binary
# use int('0b10101201', 2) to get back into byte
# bytearray.append(97)
# lets start by changing 3rd block
block_to_change = encrypted_blocks[2]
print("First character is: ", block_to_change[0])
first_char_bin = bin(block_to_change[0])
first_char_byte = 90 ^ ord(';')
print("Changing to: ", first_char_byte)