def break_ecb(oracle: Callable[[bytes], bytes]) -> bytes: bs = blocksize(oracle) l = len(oracle(b"")) prefix_length = len_prefix(oracle) string_length = len_string(oracle) - prefix_length plaintext = b"" uc = (l + bs - prefix_length - 1) * b"A" while len(plaintext) <= string_length: oracle_input = oracle(uc) for i in range(127): test = uc + plaintext + bytes([i]) if oracle(test)[l:l + bs] == oracle_input[l:l + bs]: uc = uc[1:] plaintext += bytes([i]) break return de_pkcs7(plaintext)
def break_ecb(oracle): bs = blocksize(oracle) l = len(oracle()) string_length = len_string(oracle) prefix_length = len_prefix(oracle) plaintext = b'' uc = (l + bs - len_prefix(oracle) - 1) * b'A' while len(plaintext) <= string_length: oracle_input = oracle(uc) for i in range(127): test = uc + plaintext + bytes([i]) if oracle(test)[l:l + bs] == oracle_input[l:l + bs]: uc = uc[1:] plaintext += bytes([i]) #print(chr(i), end = "", flush = True) break return de_pkcs7(plaintext)
def len_string(oracle): l = len(oracle()) bs = blocksize(oracle) for i in range(1, bs + 1): if l < len(oracle(i * b'A')): return l - i - len_prefix(oracle)