cbc_bitflipping_attacks.py (953B)
"""CBC bit-flipping demonstration (Python 2: ``str`` is a byte string here).

An "oracle" strips ';' and '=' from user input, wraps it in a fixed prefix
and suffix, and encrypts the result with AES-CBC.  The ciphertext carries no
integrity check, so editing one ciphertext byte changes the same byte offset
of the next plaintext block in a predictable way, and the input filter is
bypassed after encryption.

Defensive takeaway: sanitising input before encryption does not protect the
decrypted value.  Use an authenticated mode (or encrypt-then-MAC), verify the
tag before parsing, and do not reuse one fixed IV for every message as this
script does.
"""
import re
from Crypto.Cipher import AES
from Crypto import Random

# Process-wide secrets: one random key and one IV, both reused for every call.
key = Random.new().read(AES.block_size)
iv = Random.new().read(AES.block_size)


def encrypt(msg):
    """Pad *msg* PKCS#7-style and return its AES-CBC encryption."""
    pad_len = AES.block_size - (len(msg) % AES.block_size)
    padding = chr(pad_len) * pad_len
    cbc = AES.new(key, AES.MODE_CBC, iv)
    return cbc.encrypt(msg + padding)


def decrypt_and_parse(cipher):
    """Decrypt *cipher* and report whether it contains ``;admin=true;``.

    Padding is neither removed nor checked, and nothing authenticates the
    ciphertext before the decrypted bytes are inspected.
    """
    recovered = AES.new(key, AES.MODE_CBC, iv).decrypt(cipher)
    return ";admin=true;" in recovered


def encryption_oracle(m):
    """Filter *m*, place it between the fixed prefix and suffix, and encrypt.

    The character class removes ';' and '=' and also '|', which is a literal
    inside ``[...]`` rather than an alternation.
    """
    filtered = re.sub("[;|=]", '', m)
    prefix = "comment1=cooking%20MCs;userdata="
    suffix = ";comment2=%20like%20a%20pound%20of%20bacon"
    return encrypt(prefix + filtered + suffix)


# Two 16-byte blocks of filter-safe input; '-' stands in for ';' and '='.
plaintext = "hello-admin-truehello-admin-true"
ciphertext = list(encryption_oracle(plaintext))

# The prefix is exactly two blocks long, so offset 2 * block_size is the first
# input block.  XORing a byte there with (old ^ new) turns the same position
# of the following plaintext block from old into new, while the edited block
# itself decrypts to garbage.
first_input_block = 2 * AES.block_size
for offset, wanted in ((5, ';'), (11, '=')):
    pos = first_input_block + offset
    ciphertext[pos] = chr(ord('-') ^ ord(wanted) ^ ord(ciphertext[pos]))

print(decrypt_and_parse(''.join(ciphertext)))