module Matasano::Sets::Set2
Public Instance Methods
solve10(key,input,iv)
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 9 def solve10(key,input,iv) data = CryptBuffer.from_base64(input).str Ciphers::Aes.new.decipher_cbc(key,data,iv: iv).str end
solve11(oracle,plaintext)
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 14 def solve11(oracle,plaintext) puts "see tests" end
solve12(oracle)
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 18 def solve12(oracle) Analyzers::EcbStringAppender.new(oracle).analyze end
solve13(key = SecureRandom.random_bytes(16) )
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 22 def solve13(key = SecureRandom.random_bytes(16) ) oracle = CryptoToolbox::Oracles::UserProfileEncryptionOracle.new(key) # blocks: # 1) email=[...]@xy. # 2) com&uid=10&role= # 3) (guest|admin)[...] block_size = 16 prefix = "email=" infix = "&uid=10&role=" email_suffix = "@xy.com" email_user_length = (2*block_size) - (prefix.length + infix.length + email_suffix.length) email_user = ("a".."z").to_a.sample(email_user_length).join email_address = email_user + email_suffix ciphertext = oracle.encrypted_profile_for(email_address) # take the first to blocks of the meassage to have a ciphertext of everything up until role= forgery_blocks,_ = ciphertext.to_crypt_buffer[0,2*block_size] # Construct a ciphertext containinig three blocks, where the last block # only contains admin...... where . is a valid padding: # 1: email=aaaaaaaaaa # 2: admin........... . = 0xb # 3: @whatever.com target_role = "admin" padding_length = (block_size - target_role.length()) malicious_username = "aaaaaaaaaa#{target_role}".to_crypt_buffer.pad(padding_length).str + email_suffix ciphertext2 = oracle.encrypted_profile_for(malicious_username) role_chunk = ciphertext2[block_size,block_size] oracle.decrypt_profile(forgery_blocks.str + role_chunk) end
solve14(oracle)
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 56 def solve14(oracle) Analyzers::EcbStringAppender.new(oracle).analyze end
solve15(input)
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 60 def solve15(input) CryptBuffer(input).strip_padding!.str end
solve16(oracle)
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 64 def solve16(oracle) analyzer = CryptoToolbox::Analyzers::CbcMutatingEncryption.new(oracle) analyzer.assemble_attack_message end
solve9(input)
click to toggle source
# File lib/crypto-toolbox/matasano/sets/set2.rb, line 5 def solve9(input) CryptBuffer(input).pad(4).str end