def generate(key, message):
blk_size = SHA1.block_size
if (len(key) > blk_size):
key = SHA1.digest(key)
if (len(key) < blk_size):
key = key + bytes([0x00] * (blk_size - len(key)))
o_key_pad = xor_bytes(bytes([0x5c] * blk_size), key)
i_key_pad = xor_bytes(bytes([0x36] * blk_size), key)
return SHA1.digest(o_key_pad + SHA1.digest(i_key_pad + message))
def main(insecure_delay=0.05, server_retries=10, num_of_threads=64):
# Starting server
server_start(insecure_delay)
# File to attack
attack_file = 'README.md'
# Generate one signature and perform 1 dummy connection
sig = bytearray(SHA1.digest(b''))
sig = bytearray([0] * len(sig))
# Brute-force each byte in the signature
for j in range(len(sig)):
test_connection_multithreaded(attack_file, sig, j, num_of_threads,
server_retries)
# Verify signature
code, time, text = test_connection(attack_file, sig, 1)
print(text)
def main():
# Perform keyed hash of original msg
original_msg = b'comment1=cooking%20MCs;userdata=foo;comment2=%20like%20a%20pound%20of%20bacon'
original_mac= encryption_oracle(original_msg)
print('Original msg = ', original_msg)
print('Orignal msg MAC = ', bytes_hexstr(original_mac))
print('Origianal msg verify passed = ', verify_mac(encryption_oracle, original_msg, original_mac))
# Re-create SHA state from hash value
print ('---------------')
print ('Trying to forge')
# Reverse SHA state
h = reverse_SHA_state(original_mac)
# Set string that we want to append
forged_str=b';admin=true'
# Try all key lengthes
for keylen in range(1,100):
forged_msg=original_msg + SHA1.padding(original_msg, len(original_msg) + keylen) + forged_str
forged_str_len=len(forged_msg)+keylen
forged_mac=SHA1.digest(forged_str,h[0],h[1],h[2],h[3],h[4], forged_str_len)
if verify_mac(encryption_oracle, forged_msg, forged_mac):
break;
print('Forged msg = ', forged_msg)
print('Forged msg MAC = ', bytes_hexstr(forged_mac))
print('Forged msg verify passed = ', verify_mac(encryption_oracle, forged_msg, forged_mac))
