from pals import utils
from Crypto import Random
# --- secrets and fixed framing -------------------------------------------------
# The attacker never sees these values; it only sees what the oracle returns.
# 16-byte key / 8-byte nonce is the usual 8-byte-nonce + 8-byte-counter CTR
# layout of this challenge set -- verify against pals.utils.ctr.
rand_key, nonce = Random.get_random_bytes(16), Random.get_random_bytes(8)
# NOTE(review): one nonce for the life of the process.  CTR derives its keystream
# from (key, nonce, counter), so every cookie the oracle emits is XORed with the
# *same* keystream.  Fine for the exercise; in a real system a nonce must never
# repeat under one key (two-time pad).
prefix, suffix = (
    b'comment1=cooking%20MCs;userdata=',           # 32 bytes: user data starts at offset 32
    b';comment2=%20like%20a%20pound%20of%20bacon',
)
#setup
def black_box(user_input):
    """Encryption oracle: wrap *user_input* in the fixed prefix/suffix and CTR-encrypt it.

    The only "defence" is dropping every ``=`` and ``;`` from the caller's
    bytes, so the *plaintext* can never contain an injected ``admin=true``
    token.  That filter never looks at the ciphertext, and nothing in this
    file authenticates it (no MAC / AEAD tag), which is exactly what the
    bit-flip in the attack section abuses.

    Args:
        user_input: attacker-controlled bytes.
    Returns:
        whatever parse() returns for prefix + filtered input + suffix.
    """
    # bytes.translate(None, delete) drops every byte listed in *delete*; one
    # pass, same result as the two chained replace() calls.
    filtered = user_input.translate(None, b'=;')
    return parse(prefix + filtered + suffix)
def parse(cookie):
    """Run *cookie* through CTR under the process-wide key and nonce.

    CTR is its own inverse (ciphertext = plaintext XOR keystream), so the one
    call serves both directions: black_box() uses it to encrypt, and the attack
    feeds a tampered ciphertext back in to recover the plaintext.  Because the
    nonce is fixed at module level, every call reuses the same keystream.

    Args:
        cookie: bytes-like input (plaintext or ciphertext).
    Returns:
        the CTR output from pals.utils.ctr (assumed to be the bare keystream
        XOR with no nonce prepended -- offsets in the attack rely on that).
    """
    keystream_inputs = (rand_key, nonce)   # fixed for the life of the process
    return utils.ctr(cookie, *keystream_inputs)
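# --- the attack --------------------------------------------------------------
# CTR gives ct = pt ^ ks.  Flipping ct[i] ^= (pt[i] ^ want) makes byte i decrypt
# to *want*, with no effect on any other byte (unlike CBC, where a flip also
# garbles the previous block).  Any byte whose plaintext value we know works;
# the original used NUL placeholders so that ct[i] == ks[i], a special case of
# the same identity.  black_box() strips ';' and '=' from the *plaintext*, but
# nothing authenticates the ciphertext, so the filter is bypassed entirely.
#
# Assumes utils.ctr returns bare ciphertext (no nonce/IV prepended), so
# ciphertext offsets equal plaintext offsets -- the same assumption the
# hard-coded 37/43 indices relied on.

#1 probe with '?' where ';' and '=' are wanted; '?' survives the filter
payload = b'fooba?admin?true'
targets = b';='
cookie = bytearray(black_box(payload))

#2 derive the flip positions from the known prefix length instead of
#   hard-coding 37 and 43 (len(prefix) == 32, so they are 32+5 and 32+11)
base = len(prefix)
flip_at = [i for i, ch in enumerate(payload) if ch == ord('?')]
for i, want in zip(flip_at, targets):
    cookie[base + i] ^= payload[i] ^ want

#3 send it back in to be turned into plaintext
cookie = parse(cookie)

#4 check admin token
print("admin:", b"admin=true" in cookie)
print("cookie:", cookie)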
'''
CTR bitflipping
There are people in the world that believe that CTR resists bit flipping
attacks of the kind to which CBC mode is susceptible.
Re-implement the CBC bitflipping exercise from earlier to use CTR mode
instead of CBC mode. Inject an "admin=true" token.
'''