# Padding-oracle decryption exercise.
#
# Written for Python 2: it relies on urllib2, the print statement and
# str.encode("hex").
#
# padding_oracle() below recovers one plaintext block by modifying the block
# that precedes it and reading the server's HTTP status as a "padding valid /
# padding invalid" signal. The XOR-into-the-previous-block technique matches
# CBC mode with PKCS#7-style padding -- presumably what the endpoint uses.
import binascii
import urllib2
import string

# Base URL of the exercise endpoint; the hex-encoded (modified IV + ciphertext
# block) is appended as the value of the "er" query parameter.
target="http://crypto-class.appspot.com/po?er="

# Recovered plaintext characters. They are appended last-byte-first and the
# list is reversed when the result is printed.
plain_text=[]
def padding_oracle(iv,ct):
    """Recover one 16-byte plaintext block using the server as a padding oracle.

    Works from the last byte of the block to the first. For pad value
    j = 1..16 it XORs a guessed plaintext byte and j into the matching byte of
    ``iv`` and sends ``iv || ct`` to the endpoint. Per the status handling
    below, a 404 is read as "padding valid" (the guess was right) and a 403 as
    "padding invalid" (try the next guess).

    Args:
        iv: hex string of the block that precedes ``ct`` (the real IV when
            ``ct`` is the first ciphertext block).
        ct: hex string of the ciphertext block to decrypt; it is appended to
            the URL unchanged.

    Returns:
        None. Recovered characters are appended to the global ``plain_text``
        and progress and the final text are printed.

    Why the oracle exists: the server answers differently depending on whether
    the padding of the decrypted block is valid. Authenticating the ciphertext
    before decrypting it (encrypt-then-MAC or an AEAD mode) and returning one
    uniform error removes that signal. On the server side this traffic shows
    up as a long run of requests that differ in a single byte and mostly end
    in 403.

    NOTE(review): the paste had lost its indentation; the nesting below is
    reconstructed. The restore of ``iv[iv_index]`` has to sit at guess-loop
    level so that the ``break`` on a hit skips it.
    NOTE(review): guesses are limited to space and ASCII letters, so a byte
    outside that set is never matched and nothing is appended for it, yet the
    success message at the end is printed unconditionally.
    """
    global target,plain_text
    iv=binascii.unhexlify(iv)
    iv=list(iv) #a str is immutable, so convert it to a list of 1-char strings
    iv_index=len(iv)-1 #position being attacked, starting at the last byte
    j=0x1 #pad value the forged block should end with (1 for the last byte)
    bf_range=list(" "+string.ascii_letters) #candidate plaintext bytes
    for k in range(16): #one round per byte of a 16-byte block
        temp=iv[iv_index] #keep the current byte so a failed guess can be undone
        for i in bf_range:
            #If the guess i equals the real plaintext byte, this XOR makes the
            #byte decrypt to j, i.e. to valid padding.
            iv[iv_index]=chr(ord(iv[iv_index]) ^ ord(i) ^ j)
            final_target=target+"".join(iv).encode("hex")+ct
            request=urllib2.Request(final_target) #create a HTTP Request
            try:
                #A 2xx answer raises nothing and is handled like a miss.
                resp=urllib2.urlopen(request) #capture the Response
            except urllib2.HTTPError,e:
                if e.code == 404: #valid pad
                    print "Got the %d byte and it is 0x%02x" %(iv_index+1,ord(i))
                    plain_text.append("%c" % i)
                    #Leave the modified byte in place: it now decrypts to j and
                    #is bumped to the next pad value further down.
                    break
                elif e.code == 403: #invalid pad, iterate
                    print "403:Forbidden"
                else:
                    print "unknown code :%d" % e.code
            iv[iv_index]=temp #restore the value back
        iv_index-=1
        j+=1
        list_index=0
        end_index=len(iv)-1
        #Re-target the bytes already recovered: XOR with j ^ (j-1) moves each of
        #them from the old pad value (j-1) to the new one (j). list_index caps
        #the walk at the number of characters recovered so far.
        while end_index > iv_index and list_index < len(plain_text): #this is to take care of further padding
            if k==15: #skip the last iteration
                break
            iv[end_index]=chr(ord(iv[end_index]) ^ j ^ (j-1))
            end_index-=1
            list_index+=1
    print "Padding Oracle Attack successful"
    print "Decrypted text : ","".join(plain_text)[::-1] #print the decrypted text
if __name__ == "__main__":
    # Exercise ciphertext as hex: 128 characters, i.e. a 16-byte IV followed
    # by three 16-byte blocks.
    cipher_text="f20bdba6ff29eed7b046d1df9fb7000058b1ffb4210a580f748b4ac714c001bd4a61044426fb515dad3f21f18aa577c0bdf302936266926ff37dbf7035d5eeb4"
    print "len of cipher text = %d" % len(cipher_text)
    # Only the first ciphertext block is processed: hex chars 0-31 are the IV,
    # 32-63 the block that gets decrypted.
    iv,ct=cipher_text[:32],cipher_text[32:64]
    padding_oracle(iv,ct)