示例#1
0
def break_CTR():
    aes_key = chal11.get_random_bytes(16)
    nonce = 0
    ciphertexts = []
    strings = []
    file = open('20.txt', 'r')
    for line in file:
        strings.append(line)
    #print strings
    for plaintext in strings:
        plaintext = base64.b64decode(plaintext)
        #print plaintext
        ciphertexts.append(
            chal18.encrypt_decrypt_CTR(plaintext, aes_key, nonce))

    transpose_cipher = map(None, *ciphertexts)

    keystream = ''
    for ele in transpose_cipher:
        data = ''.join(filter(None, ele))
        keystream += chr(chal3.breakSingleByteXOR(data)[0])

    for ele in ciphertexts:
        #print len(ele)
        print chal10.xor_data(ele, keystream[:len(ele)])
示例#2
0
 def send_msg(self, msg):
     iv = chal11.get_random_bytes(16)
     #print 'iv - ',iv
     cipher = chal10.encrypt_CBC(msg, self.key, iv)
     cipher = iv + cipher
     #print cipher
     self.c.send(cipher)
示例#3
0
def CBC_padding_oracle_encrypt(key):
    plaintext = base64.b64decode(random_strings[random.randint(
        0,
        len(random_strings) - 1)])
    print '.',
    iv = chal11.get_random_bytes(16)
    plaintext = chal9.pad(plaintext, 16)
    ciphertext = chal10.encrypt_CBC(plaintext, key, iv)
    return ciphertext, iv
示例#4
0
		cipher = len(encryption_oracle(plaintext))
		if cipher > last_cipher:
			return cipher - last_cipher
		last_cipher = cipher
		length += 1


def break_ECB():
	matched_string = ''
	block_length = check_ECB_block_size()
	size_of_msg = len(encryption_oracle(''))
	msg_blocks = (size_of_msg/block_length)*block_length
	#print msg_blocks,' ',size_of_msg
	for k in range(size_of_msg):
		#print len(matched_string)
		plaintext = 'A'*(msg_blocks-len(matched_string)-1)
		ciphertext = encryption_oracle(plaintext)[:msg_blocks]
		for i in range(256):
			if ciphertext == encryption_oracle(plaintext+matched_string+chr(i))[:msg_blocks]:
				matched_string += chr(i)
				break
	return matched_string

if __name__=="__main__":
	KEY = chal11.get_random_bytes(16)
	#print check_ECB_block_size()
	plaintext = break_ECB()
	print plaintext
示例#5
0
def decrypt(key, ciphertext):
    return encrypt(key, ciphertext)


def break_cipher(ciphertext):
    suffix_plaintext = 'A' * 14
    for seed in range(2**16 - 1):
        #print '.',
        if decrypt(seed, ciphertext)[-14:] == suffix_plaintext:
            print 'Cipher Cracked :)'
            return seed


def generate_pass_link():
    plaintext = 'A' * 14
    return encrypt(int(time.time()), plaintext)


def check_pass_link(ciphertext):
    return decrypt(int(time.time()), ciphertext) == 'A' * 14


if __name__ == "__main__":
    plaintext = chal11.get_random_bytes(random.randint(2, 40)) + 'A' * 14
    key = random.randint(0, 2**16 - 1)
    ciphertext = encrypt(key, plaintext)
    print "Key Matched - ", key == break_cipher(ciphertext)

    print 'Password link time seed test -', check_pass_link(
        generate_pass_link())
示例#6
0
    if len(key) > BLOCK_SIZE:
        hash.update(key)
        key = hash.hexdigest()
    if len(key) < BLOCK_SIZE:
        key = key + '\x00' * (BLOCK_SIZE - len(key))

    o_key_pad = chal10.xor_data(chr(0x5c) * BLOCK_SIZE, key)
    i_key_pad = chal10.xor_data(chr(0x36) * BLOCK_SIZE, key)

    hash1 = SHA1()
    hash1.update(i_key_pad + message)
    hash2 = SHA1()
    hash2.update(o_key_pad + hash1.hexdigest())
    return hash2.hexdigest()


def insecure_compare(A, B):
    print A
    print B
    if len(A) != len(B):
        return False
    for a, b in zip(A, B):
        if a != b:
            return False
        time.sleep(DELAY)
    return True


if __name__ == "__main__":
    KEY = chal11.get_random_bytes(random.randint(1, 100))
    app.run(port=9000)
示例#7
0
		cipher1 = encryption_oracle('A'*(k+1))
		cipher2 = encryption_oracle('A'*k+'B')
		if cipher1[matched_size:matched_size+block_length] == cipher2[matched_size:matched_size+block_length]:
			break
	matched_size += (block_length-k)
	return matched_size

def break_ECB():
	matched_string = ''
	block_length = check_ECB_block_size()
	prefix_len = get_prefix_length(block_length)
	prefix_block_len = (prefix_len/block_length)*block_length
	size_of_msg = len(encryption_oracle('')) - prefix_len
	msg_blocks = (size_of_msg/block_length)*block_length
	#print msg_blocks,' ',size_of_msg
	for k in range(size_of_msg):
		#print len(matched_string)
		plaintext = 'A'*(msg_blocks-len(matched_string)-1+prefix_block_len-prefix_len)
		ciphertext = encryption_oracle(plaintext)[prefix_block_len:prefix_block_len+msg_blocks]
		for i in range(256):
			if ciphertext == encryption_oracle(plaintext+matched_string+chr(i))[prefix_block_len:prefix_block_len+msg_blocks]:
				matched_string += chr(i)
				break
	return matched_string

if __name__=="__main__":
	KEY = chal11.get_random_bytes(16)
	random_prefix = chal11.get_random_bytes(random.randint(1,100))
	#print check_ECB_block_size()
	print break_ECB()
示例#8
0
#	print guess_block
    return guess_block


def attack():
    #print len(ciphertext)
    plain_strings = []
    while len(plain_strings) < 10:
        ciphertext, iv = CBC_padding_oracle_encrypt(aes_key)
        num_of_blocks = len(ciphertext) / 16
        prev_block = iv
        plaintext = ''
        #print num_of_blocks
        for i in range(num_of_blocks):
            #print i
            block = ciphertext[i * 16:(i + 1) * 16]
            plaintext += break_block(block, prev_block, ciphertext[:(i) * 16],
                                     aes_key, iv)
            #print plaintext
            prev_block = block
        plaintext = chal9.unpad(plaintext)
        if not plaintext in plain_strings:
            plain_strings.append(plaintext)
    return plain_strings


if __name__ == "__main__":
    aes_key = chal11.get_random_bytes(16)
    print attack()
示例#9
0
 def send_msg(self, msg):
     iv = chal11.get_random_bytes(16)
     cipher = chal10.encrypt_CBC(msg, self.key, iv)
     cipher = iv + cipher
     self.s.send(cipher)