Class: Analyzers::PaddingOracle::Analyzer

Inherits:

Object

Object
Analyzers::PaddingOracle::Analyzer

show all

Defined in:: lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb

Defined Under Namespace

Classes: FailedAnalysis

Instance Attribute Summary collapse

#result ⇒ Object readonly

Returns the value of attribute result.

Instance Method Summary collapse

#analyze(cipher) ⇒ Object

start with the second to last block to manipulate the final block ( cbc xor behaviour ) from there on we move to the left until we have used the first block (iv) to decrypt the second blick ( first plain text block ).
#initialize(oracle_class = ::Analyzers::PaddingOracle::Oracles::TcpOracle) ⇒ Analyzer constructor

A new instance of Analyzer.

Constructor Details

#initialize(oracle_class = ::Analyzers::PaddingOracle::Oracles::TcpOracle) ⇒ `Analyzer`

Returns a new instance of Analyzer.

# File 'lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb', line 13

def initialize(oracle_class = ::Analyzers::PaddingOracle::Oracles::TcpOracle)
  @result      = [ ]
  @oracle      = oracle_class.new
end

Instance Attribute Details

#result ⇒ `Object` (readonly)

Returns the value of attribute result.



10
11
12

# File 'lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb', line 10

def result
  @result
end

Instance Method Details

#analyze(cipher) ⇒ `Object`

start with the second to last block to manipulate the final block ( cbc xor behaviour ) from there on we move to the left until we have used the first block (iv) to decrypt the second blick ( first plain text block )

we have to manipulate the block before the one we want to change xxxxxxxxx xxxxxxxxx xxxxxxxxxx changing this byte ^- will change ^- this byte at decryption

# File 'lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb', line 25

def analyze(cipher)
  blocks = CryptBuffer.from_hex(cipher).chunks_of(16)
  
  (blocks.length - 1).downto(1) do |block_index|
    result_part = []
    # manipulate each byte of the 16 byte block
    1.upto(blocks[block_index -1 ].length) do |pad_index|
      @oracle.connect
      
      jot("processing byte #{pad_index} in block: #{block_index - 1} => #{block_index}",debug: true)
      byte = read_byte(pad_index,result_part,blocks,block_index)
      result_part.unshift byte
      
      @oracle.disconnect
    end
    result.unshift result_part
  end
  jot(CryptBuffer(result.flatten).chars.inspect,debug: false)
  jot("stripping padding!",debug: true)
  jot(CryptBuffer(result.flatten).strip_padding.str,debug: false)
end