-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathITS_HA2_2A.py
82 lines (49 loc) · 2.83 KB
/
ITS_HA2_2A.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
#28 b4 3e 63 17 c3 a1 5d f5 09 68 26 50 4f dc a9 f2 1c a9 c3 e5 5e 89 1c ae 72 aa 1e 75 a9 07 46 2f dc 24 d0 be 21 b4 71 a1 2f 29 c8 13 a5 7f 41 cc 94 6b e4 1b 66 ad 10 4b 16 0f 23 06 46 dd db
#4 blocks
#1: 28 b4 3e 63 17 c3 a1 5d f5 09 68 26 50 4f dc a9
#2: f2 1c a9 c3 e5 5e 89 1c ae 72 aa 1e 75 a9 07 46
#3: 2f dc 24 d0 be 21 b4 71 a1 2f 29 c8 13 a5 7f 41
#4: cc 94 6b e4 1b 66 ad 10 4b 16 0f 23 06 46 dd db
import base64
import os
import subprocess
def decrypt_block(block_no):
for byte_no in range(16): #go through every byte
c1fake = bytearray(os.urandom(16)) #gen random bytearray
for j in range(byte_no): #calc c1fake for valid padding
c1fake[-(j+1)] = i2[-(j+1)] ^ byte_no+1 #c'1[16] ^ i2 = 02
for test_hex in range(256): #find byte for correct padding
c2 = blocks[block_no] #block to be decrypted
testbyte = test_hex #generated byte in hex
c1fake[-(byte_no+1)] = testbyte #insert test byte in fake c1 block
c1fake_c2 = bytes(c1fake) + bytes(c2) #merge blocks
c1fake_c2_b64 = base64.b64encode(c1fake_c2) #base64 encode bytestring
c1fake_c2_b64_str = c1fake_c2_b64.decode('utf-8') #convert to string
c1fake_c2_b64_str_urlsafe = c1fake_c2_b64_str.replace('=', '%3D') #make url safe
c1fake_c2_b64_str_urlsafe = c1fake_c2_b64_str_urlsafe.replace('+', '%2B')
c1fake_c2_b64_str_urlsafe = c1fake_c2_b64_str_urlsafe.replace('/', '%2F')
url = 'http://gruenau5.informatik.hu-berlin.de:8888/store_secret/'+c1fake_c2_b64_str_urlsafe #build url
command = subprocess.Popen(["curl","--silent",url], stdout = subprocess.PIPE)
answer = command.communicate()
if answer[0] == 'Secret succesfully received': #if padding is right
break
c1 = blocks[block_no-1] #get real c1 block
i2[-(byte_no+1)] = testbyte ^ byte_no+1 #calc intermediate state i2
p2[-(byte_no+1)] = c1[-(byte_no+1)] ^ i2[-(byte_no+1)] #calc plaintext p2
return(p2) #return plaintext
if __name__ == "__main__":
cipher = "KLQ+YxfDoV31CWgmUE/cqfIcqcPlXokcrnKqHnWpB0Yv3CTQviG0caEvKcgTpX9BzJRr5BtmrRBLFg8jBkbd2w==" #cipher
cipher_hex = base64.b64decode(cipher) #base64 decode cipher
testbyte = 0
size = 16
block1 = bytearray(cipher_hex[:16]) #partition cipher in blocks
block2 = bytearray(cipher_hex[16:32])
block3 = bytearray(cipher_hex[32:48])
block4 = bytearray(cipher_hex[48:])
blocks = [block1,block2,block3,block4]
message = ""
for i in range(1,4):
p2 = bytearray(size)
i2 = bytearray(size)
message = message+decrypt_block(i) #decrypt blocks 2 to 4 (block 1 is IV)
print(message+"\n")