You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, the readme suggests running python test.py -m mysecretmessage to test the package, but this doesn't work because the cipher given to run does not include the IV:
I think an oracle usually assumes that the ciphertext includes the IV as the first block? This is just a nuance of the test file, which allows the user to pass a plaintext message, which test.py encrypts with a fixed IV, before passing it to run.
Prepending the IV to the cipher passed to run resolves this:
run(iv.hex() + cipher.hex(), 16)
and recovers the entire plaintext:
$ python test.py -m mysecretmessage[+] Encrypt mysecretmessage[+] mysecretmessage ---> fc6df3bb5a6995d6ffa35c8df315a4c6[+] Search value block : 1[+] Found 2 bytes : 6501[+] Found 3 bytes : 676501[+] Found 4 bytes : 61676501[+] Found 5 bytes : 7361676501[+] Found 6 bytes : 737361676501[+] Found 7 bytes : 65737361676501[+] Found 8 bytes : 6d65737361676501[+] Found 9 bytes : 746d65737361676501[+] Found 10 bytes : 65746d65737361676501[+] Found 11 bytes : 7265746d65737361676501[+] Found 12 bytes : 637265746d65737361676501[+] Found 13 bytes : 65637265746d65737361676501[+] Found 14 bytes : 7365637265746d65737361676501[+] Found 15 bytes : 797365637265746d65737361676501[+] Found 16 bytes : 6d797365637265746d65737361676501[+] Decrypted value (HEX): 6D797365637265746D65737361676501[+] Decrypted value (ASCII): mysecretmessage
Although perhaps it would be better to show in the printed message that the IV is being prepended:
if__name__=="__main__":
parser=argparse.ArgumentParser(description="Exploit of Padding Oracle Attack")
parser.add_argument("-m", "--message", required=True, help="message to pown")
parser.add_argument(
"-v",
"--verbose",
help="debug mode, you need a large screen",
action="store_true",
)
args=parser.parse_args()
iv=b"1234567812345678"print("[+] Encrypt", args.message, "with IV", iv)
cipher, iv=encrypt(bytearray(args.message, "UTF-8"), iv)
print("[+] Ciphertext ---> %s"% (iv.hex() +cipher.hex()))
plaintext=decrypt(cipher, iv)
run(iv.hex() +cipher.hex(), 16)
$ python test.py -m mysecretmessage[+] Encrypt mysecretmessage with IV b'1234567812345678'[+] Ciphertext ---> 31323334353637383132333435363738fc6df3bb5a6995d6ffa35c8df315a4c6[+] Search value block : 1[+] Found 2 bytes : 6501[+] Found 3 bytes : 676501[+] Found 4 bytes : 61676501[+] Found 5 bytes : 7361676501[+] Found 6 bytes : 737361676501[+] Found 7 bytes : 65737361676501[+] Found 8 bytes : 6d65737361676501[+] Found 9 bytes : 746d65737361676501[+] Found 10 bytes : 65746d65737361676501[+] Found 11 bytes : 7265746d65737361676501[+] Found 12 bytes : 637265746d65737361676501[+] Found 13 bytes : 65637265746d65737361676501[+] Found 14 bytes : 7365637265746d65737361676501[+] Found 15 bytes : 797365637265746d65737361676501[+] Found 16 bytes : 6d797365637265746d65737361676501[+] Decrypted value (HEX): 6D797365637265746D65737361676501[+] Decrypted value (ASCII): mysecretmessage
The text was updated successfully, but these errors were encountered:
Hi, the readme suggests running
python test.py -m mysecretmessage
to test the package, but this doesn't work because the cipher given torun
does not include the IV:Padding-oracle-attack/test.py
Lines 251 to 255 in 94526ce
I think an oracle usually assumes that the ciphertext includes the IV as the first block? This is just a nuance of the test file, which allows the user to pass a plaintext message, which
test.py
encrypts with a fixed IV, before passing it torun
.Prepending the IV to the cipher passed to
run
resolves this:run(iv.hex() + cipher.hex(), 16)
and recovers the entire plaintext:
Although perhaps it would be better to show in the printed message that the IV is being prepended:
The text was updated successfully, but these errors were encountered: