commit 3bb622bcd3eb5c3c166a586fd554c37a96306744
parent 3886f078222dd5ad7d163613aeafa0579ecc42b5
Author: mpizzzle <michael.770211@gmail.com>
Date: Sat, 21 Oct 2017 14:41:17 +0100
correcting ecb cracking, no longer modifying plaintext
Diffstat:
2 files changed, 37 insertions(+), 13 deletions(-)
diff --git a/set2/byte_at_a_time_ecb_decryption.py b/set2/byte_at_a_time_ecb_decryption.py
@@ -2,23 +2,22 @@ import sys
from Crypto.Cipher import AES
from Crypto import Random
-def random_key():
- return Random.new().read(AES.block_size)
-
-def encryption_oracle(key, msg):
- return AES.new(key, AES.MODE_ECB).encrypt(msg + ''.join(['\x04' for i in range(AES.block_size - (len(msg) % AES.block_size))]) if len(msg) % AES.block_size != 0 else msg)
-
pt1 = "Um9sbGluJyBpbiBteSA1LjAKV2l0aCBteSByYWctdG9wIGRvd24gc28gbXkg\n"
pt2 = "aGFpciBjYW4gYmxvdwpUaGUgZ2lybGllcyBvbiBzdGFuZGJ5IHdhdmluZyBq\n"
pt3 = "dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg\n"
pt4 = "YnkK"
-aaa = "AAAAAAAAAAAAAAA"
-plaintext = aaa + str(pt1 + pt2 + pt3 + pt4).decode("base64") # no peeking!
-key = random_key()
+key = Random.new().read(AES.block_size)
+plaintext = str(pt1 + pt2 + pt3 + pt4).decode("base64") # no peeking!
+
+def encryption_oracle(msg):
+ return AES.new(key, AES.MODE_ECB).encrypt(msg + ''.join(['\x04' for i in range(AES.block_size - (len(msg) % AES.block_size))]) if len(msg) % AES.block_size != 0 else msg)
+
+aaa = buf = "AAAAAAAAAAAAAAA"
for i in range(len(plaintext)):
- dict = {encryption_oracle(key, aaa + chr(j)) : chr(j) for j in range(0xff)}
- cipher = encryption_oracle(key, plaintext[i:])
- sys.stdout.write(dict[cipher[:AES.block_size]])
- aaa = aaa[1:] + dict[cipher[:AES.block_size]]
+ dict = {encryption_oracle(aaa[i:] + chr(j)) : chr(j) for j in range(0xff)}
+ cipher = encryption_oracle(buf[i % AES.block_size:] + plaintext)
+ aaa += dict[cipher[AES.block_size * (i / AES.block_size) : AES.block_size * ((i + AES.block_size) / AES.block_size)]]
+
+print aaa[AES.block_size - 1:]
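Review bot: The lookup table on the `dict = {...}` line is built from `range(0xff)`, which stops at 254, so a secret byte of 0xff has no entry and the following `aaa += dict[...]` line would raise KeyError; `range(0x100)` covers every byte value. The loop also still reads `plaintext` directly, both in `range(len(plaintext))` and in the argument to `encryption_oracle`, so the oracle does not own the unknown suffix; appending `plaintext` to `msg` inside `encryption_oracle` would keep the recovery loop to ciphertext only. The slice bounds rely on Python 2 integer division (`i / AES.block_size`), and writing `//` makes that explicit. `dict` shadows the builtin, so a name such as `table` is safer.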
diff --git a/set2/ecb_cut_and_paste.py b/set2/ecb_cut_and_paste.py
@@ -0,0 +1,25 @@
+import re
+from Crypto.Cipher import AES
+from Crypto import Random
+
+def random_key():
+ return Random.new().read(AES.block_size)
+
+key = random_key()
+
+def encrypt(key, msg):
+ return AES.new(key, AES.MODE_ECB).encrypt(msg + ''.join(['\x04' for i in range(AES.block_size - (len(msg) % AES.block_size ))]) if len(msg) % AES.block_size != 0 else msg)
+
+def decrypt_and_parse(key, cipher):
+ return parse_string_to_dict(AES.new(key, AES.MODE_ECB).decrypt(cipher))
+
+def parse_string_to_dict(token):
+ return {entry.split('=')[0] : entry.split('=')[1] for entry in token.split('&')}
+
+def profile_for(email):
+ email_entry = "email=" + re.sub("[&|=]", '', email)
+ cipher = encrypt(key, email_entry)
+ return decrypt_and_parse(key, cipher)
+
+encoded_user_profile = "michael770211@gmail.com&uid=10&role=admin"
+print profile_for(encoded_user_profile)
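Review bot: `decrypt_and_parse` passes the raw decrypted bytes to `parse_string_to_dict` without removing the `'\x04'` fill that `encrypt` appended, so the last value in the returned dict carries trailing padding bytes. The fill is not PKCS#7 (constant 0x04, and nothing is added when the length is already a multiple of the block size), so it cannot be stripped unambiguously; padding with `chr(n) * n`, always adding at least one byte, and checking it on decrypt would fix both. In `profile_for`, the class `"[&|=]"` also removes a literal `|`; if only the two metacharacters are meant, `re.sub("[&=]", '', email)` says so. `parse_string_to_dict` raises IndexError on any entry without `=`, which is worth handling explicitly because ECB provides no integrity and the decrypted token cannot be assumed well-formed.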