Created
July 24, 2014 05:22
import urllib2 | |
import copy | |
TARGET = 'http://crypto-class.appspot.com/po?er=' | |
cipher_text = 'f20bdba6ff29eed7b046d1df9fb7000058b1ffb4210a580f748b4ac714c001bd4a61044426fb515dad3f21f18aa577c0bdf302936266926ff37dbf7035d5eeb4'.decode('hex') | |
IV = cipher_text[:16] | |
c_blocks = [IV, cipher_text[16:32], cipher_text[32:48], cipher_text[48:64]] | |
m_blocks = [[0]*16, [0]*16, [0]*16] | |
class PaddingOracle(object):
    """Thin HTTP client that reports how the server reacted to a ciphertext.

    The server answering differently for a padding failure than for other
    failures is the information leak this exercise demonstrates. A service
    that authenticates the ciphertext before decrypting it (encrypt-then-MAC
    or an AEAD mode) and returns one uniform error does not expose it.
    """

    def query(self, q):
        """Send the hex string q to TARGET and classify the response.

        Returns True when the request succeeds or the server answers 404
        (treated here as "good padding"), and False for any other HTTP
        error status. Only urllib2.HTTPError is handled; other failures
        such as connection errors propagate to the caller. No timeout is
        set on the request.
        """
        url = TARGET + urllib2.quote(q)  # q is appended URL-quoted
        try:
            urllib2.urlopen(urllib2.Request(url))
        except urllib2.HTTPError as err:
            print "We got: %d" % err.code  # log the status code
            # 404 -> good padding, anything else -> bad padding
            return err.code == 404
        else:
            return True
def decrypt_block(index):
    """Work through all 16 byte positions of one block.

    index selects the result list m_blocks[index]. The string handed to
    decrypt_byte is c_blocks[0] .. c_blocks[index + 1] joined together, so
    the block being processed is its final 16 bytes and the block before
    it sits immediately in front.
    """
    joined = ''.join(c_blocks[:index + 2])
    recovered = m_blocks[index]
    # Position 0 is the last byte of the block; decrypt_byte fills
    # `recovered` from the end towards the front.
    for position in xrange(16):
        decrypt_byte(joined, recovered, position)
def decrypt_byte(c, m, b_index):
    """Determine one byte value of a block and store it in m.

    c        -- ciphertext string whose last 16 bytes are the block being
                processed, preceded by at least one more 16-byte block.
    m        -- list of 16 ints for this block, updated in place; entries
                m[-1] .. m[-b_index] must already hold earlier results.
    b_index  -- byte position counted from the end of the block (0 = last).

    Returns None. On the first guess the oracle accepts, the guess is
    written to m[-1 - b_index] and the function returns.
    """
    oracle = PaddingOracle()
    snapshot = copy.copy(c)
    pad = b_index + 1          # padding value used for this position
    pos = -17 - b_index        # matching byte in the preceding block

    # Bytes after `pos` in the preceding block, rewritten from the values
    # already stored in m; collected nearest-the-end first, then reversed.
    pieces = [chr(ord(c[-17 - j]) ^ pad ^ m[-1 - j]) for j in xrange(b_index)]
    suffix = "".join(reversed(pieces))

    head = snapshot[:pos]
    final_block = snapshot[-16:]
    base = ord(c[pos]) ^ pad

    # Guesses run 9..264, the same values the original produced with its
    # `i + 9` shift: 0..8 are never tried, and if nothing in 9..255 is
    # accepted, chr() raises ValueError at 256 because the XOR result no
    # longer fits in a byte.
    for guess in xrange(9, 265):
        candidate = head + chr(base ^ guess) + suffix + final_block
        hex_query = candidate.encode('hex')
        if not oracle.query(hex_query):
            continue
        print "index " + str(b_index) + " OK!"
        print "char:" + str(guess)
        m[-1 - b_index] = guess
        return
def dec():
    """Process the three non-IV blocks in order and print each result.

    After decrypt_block returns for a block, the 16 values stored in
    m_blocks for it are converted with chr() and printed as one string.
    """
    for block_no in xrange(3):
        decrypt_block(block_no)
        print ''.join(chr(value) for value in m_blocks[block_no])