CoCalc -- exploit.py

GitHub Repository: ashutosh1206/crypton
Path: blob/master/Block-Cipher/Attack-CBC-Byte-at-a-Time/exploit.py
¹⁴⁰² views

1
from Crypto.Cipher import AES
2
from Crypto.Util.number import *
3
from os import urandom
4
from secret import flag
5

6
BLOCKSIZE = 16
7
key = urandom(16)
8
print "key: ", key.encode("hex")
9
iv = urandom(16)
10
print "iv: ", iv.encode("hex")
11

12
def pad(s):
13
	s += (BLOCKSIZE - (len(s) % BLOCKSIZE))*(chr(BLOCKSIZE - (len(s) % BLOCKSIZE)))
14
	return s
15

16
def encryption(plaintext):
17
	plaintext = plaintext + flag
18
	plaintext = pad(plaintext)
19
	assert len(plaintext) % BLOCKSIZE == 0
20
	obj1 = AES.new(key, AES.MODE_CBC, iv)
21
	ciphertext = obj1.encrypt(plaintext)
22
	return ciphertext.encode("hex")
23

24
#<----------------------------------</Server-Side>----------------------------------->
25
#<----------------------------------<Attacker's-Side>-------------------------------->
26
s = ""
27
for k in range(4):
28
	for i in range(1, BLOCKSIZE+1):
29
		input_str = 'a'*(16-i)
30
		ct = encryption(input_str)[32*k:32*k+32]
31
		for j in range(256):
32
			ct1 = encryption(input_str + s + chr(j))[32*k:32*k+32]
33
			if ct == ct1:
34
				s += chr(j)
35
				break
36
		print s
37
#<-----------------------------------</Attacker's-Side>------------------------------>
38

Product

Resources

Company