ecb_oracle.py
#!/usr/bin/env python3
from Crypto.Cipher import AES
import requests
import time
import string
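def encrypt(payload):
    """Ask the remote ECB oracle to encrypt *payload* and return its ciphertext.

    Args:
        payload: Hex-encoded plaintext. It is concatenated verbatim into the
            URL path, so it must be non-empty and URL-safe (hex digits are).

    Returns:
        The ``ciphertext`` field of the JSON response (callers in this file
        slice it as a hex string, 32 hex characters per 16-byte block).

    Raises:
        requests.RequestException: On connection failure, timeout, or a
            non-success HTTP status.
        KeyError: If the JSON body carries no ``ciphertext`` field.
    """
    # NOTE(review): the endpoint is addressed over plain HTTP, so requests and
    # responses are not protected in transit.
    url = "http://aes.cryptohack.org/ecb_oracle/encrypt/"
    # A bounded timeout keeps one stalled connection from hanging the whole run.
    r = requests.get(url + payload + '/', timeout=10)
    # Surface HTTP-level failures here instead of as a confusing KeyError or
    # JSON decoding error further down.
    r.raise_for_status()
    return r.json()['ciphertext']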
def print_blk(hex_blks, sz):
    """Print *hex_blks* on one line, split into groups of *sz* items.

    Each group is followed by two spaces so that block boundaries are easy
    to compare by eye; the line always ends with a newline, even when the
    input is empty.
    """
    starts = range(0, len(hex_blks), sz)
    pieces = [hex_blks[begin:begin + sz] for begin in starts]
    # Same text as printing every piece with a ' ' argument and end='':
    # the piece, the separator space, then the literal space.
    print(''.join(f"{piece}  " for piece in pieces))
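def bruteforce():
    """Recover the secret one character at a time through the ECB oracle.

    Presumably the service encrypts the submitted plaintext followed by a
    secret, in ECB mode (TODO confirm against the challenge description).
    ECB encrypts equal plaintext blocks to equal ciphertext blocks, so a
    reference ciphertext whose second block ends in one unknown byte can be
    matched against ciphertexts of fully known blocks.

    Defensive takeaway: a service that encrypts caller-controlled data next
    to a secret should not use a deterministic mode such as ECB; an
    authenticated mode with a fresh nonce per message (for example AES-GCM)
    removes the block-equality signal this loop relies on.

    Raises:
        RuntimeError: If no character of the alphabet matches, or if the
            recovered text outgrows the two-block comparison window.
    """
    flag = ''
    # Two 16-byte blocks minus one byte: the filler plus the known prefix is
    # always 31 bytes, so the next unknown byte is the last byte of block 2.
    total = 32 - 1
    alphabet = '_' + '@' + '{' + '}' + string.digits + string.ascii_lowercase + string.ascii_uppercase
    while True:
        if len(flag) >= total:
            # The filler would be empty, which this URL scheme cannot send,
            # and the target byte would leave the compared block.
            raise RuntimeError(
                'recovered %d characters without a closing brace; '
                'the two-block window is exhausted' % len(flag)
            )
        payload = '1' * (total - len(flag))
        # Reference ciphertext: filler only, the unknown byte completes block 2.
        expected = encrypt(payload.encode().hex())
        print('E', '', end='')
        print_blk(expected, 32)
        for c in alphabet:
            res = encrypt(bytes.hex((payload + flag + c).encode()))
            print(c, '', end='')
            print_blk(res, 32)
            # Hex characters 32..63 are the second 16-byte ciphertext block.
            if res[32:64] == expected[32:64]:
                flag += c
                print(flag)
                break
            # Pause between requests to keep the request rate low.
            time.sleep(1)
        else:
            # Without this, the outer loop would repeat the same requests
            # forever when the next byte is outside the alphabet.
            raise RuntimeError(
                'no candidate matched after %r; the next byte is outside '
                'the alphabet or the oracle changed' % flag
            )
        if flag.endswith('}'):
            break
    print(flag)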
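if __name__ == "__main__":
    # Only start sending requests when executed as a script; importing the
    # module (for reuse or inspection) must not trigger network traffic.
    bruteforce()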