Last active
December 10, 2015 17:58
-
-
Save martani/4471399 to your computer and use it in GitHub Desktop.
Online padding oracle
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Class implements ICBCOracle | |
| public class OnlineCBCOracle : ICBCOracle | |
| { | |
| public bool RequestOracle(byte[] cipher) | |
| { | |
| const string BASE_URL = "ORACLE_URL?er="; | |
| string urlData = Helpers.ConvertByteArrayToHexString(cipher); | |
| WebClient wc = new WebClient(); | |
| try | |
| { | |
| wc.DownloadData(BASE_URL + urlData); | |
| } | |
| catch (WebException e) | |
| { | |
| //Invalid padding | |
| if (e.Message.Contains("403")) | |
| return false; | |
| //Valid padding, but wrong mac | |
| if (e.Message.Contains("404")) | |
| return true; | |
| } | |
| //Failed, the oracle is not up! | |
| return false; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment