Untitled

# Ciphertexts are sent back and forth as ASCII Encoded Hex Strings. 0xFF will be sent as
# "FF" (2 Bytes), not as "\xff" (1 Byte).

# You can use python's string.encode('hex') and string.decode('hex') to quickly convert between
# raw data and string representation if you need/want to.

from twisted.internet import reactor, protocol
from Crypto.Cipher import AES
import os
import random

PORT = 9001

KEYSIZE = 16
KEY = "AAA" + "BBB" + "CCC" + '\x01' + "\x80" * 6
IV = "\x00" * KEYSIZE
SECRET = "lolnotflaglol"
prefix = "comment1=wowsuch%20CBC;userdata="
suffix = ";coment2=%20suchsafe%20very%20encryptwowww"

key = os.urandom(16)
iv = os.urandom(16)

def parse_profile( data):
    ptxt = decrypt_cbc(key, iv, data.encode('hex'))
    ptxt = ptxt.replace(" ","")
    print ptxt
    if ";admin=true" in ptxt:
        return 1
    return 0

def mkprofile( email):
    if((";" in email)):
        return -1
    prefix = "comment1=wowsuch%20CBC;userdata="
    suffix = ";coment2=%20suchsafe%20very%20encryptwowww"
    ptxt = prefix + email + suffix
    return encrypt_cbc(key, iv, ptxt)


class bcolors:
    HEADER = '\033[95m'
    OKBLUE = '\033[94m'
    OKGREEN = '\033[92m'
    WARNING = '\033[93m'
    FAIL = '\033[91m'
    ENDC = '\033[0m'
    BOLD = '\033[1m'
    UNDERLINE = '\033[4m'
    CLEAR = '\x1b[2J\x1b[1;1H'


BANNER = bcolors.OKBLUE + """
.--------------------------------------------.
|+ [ BLACKBOX ]  PUBLIC API DOCS v1.33.7   + |
'--------------------------------------------'""" + bcolors.ENDC

DOCS = """
|                                            |
|                                            |
|getapikey:              Get an Account      |
|getflag:<admin_apikey>  Get a Flag!!!!      |
|                                            |
|                                            |
'--------------------------------------------'
"""
def pad(instr, length):
        if(length == None):
                print "Supply a length to pad to"
        elif(len(instr) % length == 0):
                print "No Padding Needed"
                return instr
        else:
                return instr + ' ' * (length - (len(instr) % length ))

def encrypt_block(key, plaintext):
        encobj = AES.new(key, AES.MODE_ECB)
        return encobj.encrypt(plaintext).encode('hex')

def decrypt_block(key, ctxt):
        decobj = AES.new(key, AES.MODE_ECB)
        return decobj.decrypt(ctxt).encode('hex')

def xor_block(first,second):
        '''
        Return a string containing a XOR of bytes in first with second
        '''
        if(len(first) != len(second)):
                print "Blocks need to be the same length!"
                return -1

        first = list(first)
        second = list(second)
        for i in range(0,len(first)):
                first[i] = chr(ord(first[i]) ^ ord(second[i]))
        return ''.join(first)

def encrypt_cbc(key,IV, plaintext):
        '''
        High Level Function to encrypt things in AES CBC Mode.
        1: Pad plaintext if necessary.
        2: Split plaintext into blocks of length <keysize>
        3: XOR Block 1 w/ IV
        4: Encrypt Blocks, XOR-ing them w/ the previous block.
        '''
        if(len(plaintext) % len(key) != 0):
                plaintext = pad(plaintext,len(key))
        blocks = [plaintext[x:x+len(key)] for x in range(0,len(plaintext),len(key))]
        for i in range(0,len(blocks)):
                if (i == 0):
                        ctxt = xor_block(blocks[i],IV)
                        ctxt = encrypt_block(key,ctxt)
                else:
                        tmp = xor_block(blocks[i],ctxt[-1 * (len(key) * 2):].decode('hex'))     #len(key) * 2 because ctxt is an ASCII string that we convert to "raw" binary.
                        print tmp
                        ctxt = ctxt + encrypt_block(key,tmp)
        return ctxt

def decrypt_cbc(key,IV,ctxt):
        '''
        High Level function to decrypt thins in AES CBC mode.
        1: Split Ciphertext into blocks of len(Key)
        2: Decrypt block.
        3: For the first block, xor w/ IV. For the others, xor with last ciphertext block.
        '''
        ctxt = ctxt.decode('hex')       # Plain text
        if(len(ctxt) % len(key) != 0):
                print "Invalid Key."
                return -1
        blocks = [ctxt[x:x+len(key)] for x in range(0,len(ctxt),len(key))]  # Blocks of plain
        for i in range(0,len(blocks)):
                if (i == 0):                # For first, send plaint vs key
                        ptxt = decrypt_block(key,blocks[i])
                        ptxt = xor_block(ptxt.decode('hex'),IV)
                else:                       # For rest, decrypt plain
                        tmp = decrypt_block(key,blocks[i])     # decrypt the plain w/ key
                        tmp = xor_block(tmp.decode('hex'),blocks[i-1]) # XOR the decoded stuff and comp vs prev block
                        ptxt = ptxt + tmp
        return ptxt

def decrypt(cipher):
    cipher = cipher.decode('hex')
    if (len(cipher) % 32 != 0):
        print len(cipher) % 32
        print ("[BLACKBOX] Invalid Length for API Endpoint\n")
        return

    if (parse_profile(cipher) == 1):
        print ("Congratulations!\nThe Secret is: ")

    else:
        print("[BLACKBOX] You are a normal user.\n")

def encrypt(aString):
    return mkprofile(aString)