Skip to content

Instantly share code, notes, and snippets.

@le4ker
Last active October 22, 2017 16:30
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
# # # # # # # # # # # # # # # # # # # # # # # # # #
# Demonstration of CBC Bit Flipping Attack #
# Author: Panos Sakkos <panos.sakkos@gmail.com> #
# Date: October 2017 #
# License: MIT #
# # # # # # # # # # # # # # # # # # # # # # # # # #
require 'openssl'
class UnauthenticatedEncryption
def encrypt(plaintext)
cipher = OpenSSL::Cipher::AES.new(256, :CBC)
cipher.encrypt
@key = cipher.random_key
iv = cipher.random_iv
ciphertext = cipher.update(plaintext) + cipher.final
return iv + ciphertext
end
def decrypt(ciphertext)
decipher = OpenSSL::Cipher::AES.new(256, :CBC)
decipher.decrypt
decipher.key = @key
decipher.iv = ciphertext[0..15]
plaintext = decipher.update(ciphertext[16..(ciphertext.length - 1)]) + decipher.final
return plaintext
end
end
plaintext = 'admin=0'
unauthenticatedEncryption = UnauthenticatedEncryption.new()
intercepted_ciphertext = unauthenticatedEncryption.encrypt(plaintext)
intercepted_ciphertext[6] = (intercepted_ciphertext.bytes[6] ^ 0x01).chr
new_plaintext = unauthenticatedEncryption.decrypt(intercepted_ciphertext)
puts new_plaintext
# admin=1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment