Skip to content

Instantly share code, notes, and snippets.

@rcombs
Created May 7, 2013 05:03
Show Gist options
  • Save rcombs/5530361 to your computer and use it in GitHub Desktop.
Save rcombs/5530361 to your computer and use it in GitHub Desktop.
'''
Created on Jul 4, 2010
@author: Eloi Sanfelix < eloi AT limited-entropy.com >
'''
from Crypto.Cipher import AES
from PaddingOracle.DecryptionOracle import DecryptionOracle
from PaddingOracle.CBCREncryptionOracle import CBCREncryptionOracle
import random
import struct
import socket
def hex_string(data):
x = struct.unpack("B"*len(data),data)
return "".join([ hex(i)+" " for i in x])
#Random key globally initialized
#key = "".join([struct.pack("B",random.getrandbits(8)) for i in range(16) ])
key = "cacacacacacacaca"
sock = socket.socket()
sock.connect(("vuln.picoctf.com", 4567))
sock.recv(1024)
def oracle(ctext):
# sock.send("165047d37a95eb20028a88af4aa3527b7191209e799d4fdd24e631de95638a0a".decode("hex") + "\n")
sock.send(ctext + "\n")
buf = sock.recv(1024)
print buf
return buf.find("incorrect padding") == -1
if __name__ == '__main__':
#Random 4 block plaintext
# data = "".join([struct.pack("B",random.getrandbits(8)) for i in range(64) ])
# data = "".join([struct.pack("B",random.getrandbits(8)) for i in range(16) ])
data="HERE_IS_COMMAND:flag\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c"
#print "Plaintext: "+hex_string(data)
cipher = AES.new(key,AES.MODE_CBC,"\x00"*16)
#ctext = cipher.encrypt(data)
ctext ="\xb6\x4e\x2c\x54\x08\x4d\x23\xbb\xd6\x40\xe0\x6e\xd5\x7f\x08\x08"
print "Ciphertext: "+hex_string(ctext)
decryptOracle = DecryptionOracle(oracle,16)
encryptOracle = CBCREncryptionOracle(decryptOracle,16)
ctext2 = encryptOracle.encrypt_message(data)
print "Ciphertext using CBC-R (includes IV): "+hex_string(ctext2)
#print "Encryption oracle says: " + hex_string(ctext2)
cipher2 = AES.new(key,AES.MODE_CBC,ctext2[0:16])
ptext = cipher2.decrypt(ctext2[16:])
if(ptext == data):
print "CORRECT decryption of CBC-R encrypted ctext!"
else:
print "INCORRECT decryption of CBC-R encrypted ctext"
@rcombs
Copy link
Author

rcombs commented May 7, 2013

Deps are (probably) here: https://gist.github.com/5530367

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment