RubyGems - crypto-toolbox - Versions diffs - 0.1.6 → 0.1.7 - Mend

crypto-toolbox 0.1.6 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb +102 -0
data/lib/crypto-toolbox/analyzers/padding_oracle/oracles/http_oracle.rb +37 -0
data/lib/crypto-toolbox/analyzers/padding_oracle/oracles/tcp_oracle.rb +51 -0
data/lib/crypto-toolbox/analyzers/padding_oracle.rb +1 -0
metadata +6 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 90662f9ce9a68130e6aec3b0a54e6026489d07be
-  data.tar.gz: b58322bbce9f43e2bd7ae861768ebfaeb3a6ebec
+  metadata.gz: cb26fa406648e8e856c7aaf45c86b9c78b6cff6d
+  data.tar.gz: c9dcc5cd246e4547fd3e22c8be90725dd496aa08
 SHA512:
-  metadata.gz: d2786c46319239decdb33da755f9581d310a86538ef33f9f0a3dc22f683f4b8db27d098331a637edb58832ae8aa49e79d87558e136ee1a30f56804cd138c23c9
-  data.tar.gz: d3499d2c7e9ab1507bd125ece8892c85090995c76a1b3a6a6d06ce7172e8b39b198a5397bee1db14f4f7e83d99f93a49d432bdfae006bff317ccec4e537a516c
+  metadata.gz: 45e036a7da35bcead7b46b3036de35d73f0cb7642f4f6cc9a8edb316372b6304134b2a18babbad1bd044fc0d75d1572c64ccb18d52c2667bd10bb9a02056b493
+  data.tar.gz: 129d788d0a7139a2e2399c496cb83522ead7ff6c6f6c61530bb1c1576f7ec8f41277b7378e9ea5ae289c59db4563e35978cd47d372fb818ebf0227cae7efa597

data/lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb ADDED Viewed

@@ -0,0 +1,102 @@
+require 'crypto-toolbox/analyzers/padding_oracle/oracles/http_oracle.rb'
+require 'crypto-toolbox/analyzers/padding_oracle/oracles/tcp_oracle.rb'
+module Analyzers
+  module PaddingOracle
+    class Analyzer
+      class FailedAnalysis < RuntimeError; end
+      attr_reader :result
+      def initialize(oracle_class = ::Analyzers::PaddingOracle::Oracles::TcpOracle)
+        @result      = [ ]
+        @oracle      = oracle_class.new
+      end
+      def analyze(cipher)
+        blocks = CryptBuffer.from_hex(cipher).chunks_of(16)
+        # start with the second to last block to manipulate the final block ( cbc xor behaviour )
+        (blocks.length - 1).downto(1) do |block_index|
+          result_part = []
+          # manipulate each byte of the 16 byte block
+          1.upto(blocks[block_index -1 ].length) do |pad_index|
+            @oracle.connect
+            jot("processing byte #{pad_index} in block: #{block_index - 1} => #{block_index}",debug: true)
+            byte = read_byte(pad_index,result_part,blocks,block_index)
+            result_part.unshift byte
+            @oracle.disconnect
+          end
+          result.unshift result_part
+        end
+        jot(CryptBuffer(result.flatten).chars.inspect,debug: false)
+        jot("stripping padding!",debug: true)
+        jot(CryptBuffer(result.flatten).strip_padding.str,debug: false)
+      end
+      private
+      def jot(message, debug: false)
+        if debug == false || ENV["DEBUG_ANALYSIS"]
+          puts message
+        end
+      end
+      def apply_found_bytes(buf,cur_result,pad_index)
+        # first we have to apply all the already found bytes
+        # NOTE: to easily xor all already found byte and the current padding value
+        # We build up a byte-array with all the known values and "left-pad" them with zeros
+        other = ([0] * ( buf.length - cur_result.length)) + cur_result.map{|x| x ^ pad_index }
+        # => [0,0,0,...,cur[n] ^ pad_index,... ]
+        buf.xor(other)
+      end
+      def read_byte(pad_index,cur_result,blocks,block_index)
+        #iv, first, second, last
+        jot(cur_result.inspect,debug: true)
+        # create a copy to mess with without changing to current block
+        forge_buf = blocks[block_index - 1].dup
+        forge_buf = apply_found_bytes(forge_buf,cur_result,pad_index)
+        1.upto 256 do |guess|
+          bytes = forge_buf.bytes.dup
+          new_byte  = forge_buf[-1 * pad_index] ^ guess ^ pad_index
+          bytes[-1 * pad_index] = new_byte
+          oracle_blocks = blocks[0,block_index+1].map(&:bytes)
+          oracle_blocks[block_index -1 ] = bytes
+          input =  oracle_blocks.flatten
+          # skip the first correct guess on the first iteration of the first block
+          # otherwise the resulting ciphertext would eq the original input
+          #next if input == blocks.map(&:bytes).flatten
+          next if guess == pad_index && guess == 1 && block_index == 2
+          block_amount = block_index + 1
+          if @oracle.valid_padding?(input,block_amount)
+            return guess
+          end
+        end
+        raise FailedAnalysis, "No padding found... this should neve happen..."
+      end
+    end
+  end
+end

data/lib/crypto-toolbox/analyzers/padding_oracle/oracles/http_oracle.rb ADDED Viewed

@@ -0,0 +1,37 @@
+module Analyzers
+  module PaddingOracle
+    module Oracles
+      class HttpOracle
+        def initialize
+          require 'net/http'
+          @domain   = "crypto-class.appspot.com"
+          @uri_base = "/po?er="
+          @port     = 80
+        end
+        def connect
+          true
+        end
+        def disconnect
+          true
+        end
+        def valid_padding?(input,block_amount)
+          uri = @uri_base + input.hex
+          Net::HTTP.start(@domain,@port) do |http|
+            res   = http.request(Net::HTTP::Get.new(uri))
+            code  = res.code.to_i
+            sleep 0.001
+            #   -> howto check this ? (block_index == 3 && pad_index == 9 && code == 200 )
+            (code == 404 || code == 200)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/crypto-toolbox/analyzers/padding_oracle/oracles/tcp_oracle.rb ADDED Viewed

@@ -0,0 +1,51 @@
+#!/usr/bin/env ruby
+require 'crypto-toolbox'
+module Analyzers
+  module PaddingOracle
+    module Oracles
+      class TcpOracle
+        def initialize
+          require "socket"
+          require_relative "./tcp_oracle.rb"
+          @hostname  = '54.165.60.84'
+          @port      = 80
+          @socket    = nil
+        end
+        def connect
+          @socket = TCPSocket.open(@hostname,@port)
+        end
+        def disconnect
+          if @socket
+            @socket.close
+          end
+        end
+        def valid_padding?(input,block_amount)
+          ret = send_msg(input, block_amount)
+          !ret.zero?
+        end
+        private
+        def send_msg(input,block_amount)
+          connect unless connected?
+          msg = ([block_amount] + input + [0]).map(&:chr)
+          @socket.write(msg.join(""))
+          @socket.read(2).to_i
+        end
+        def connected?
+          !!@socket
+        end
+      end
+    end
+  end
+end

data/lib/crypto-toolbox/analyzers/padding_oracle.rb ADDED Viewed

	@@ -0,0 +1 @@
1	+ require 'crypto-toolbox/analyzers/padding_oracle/analyzer.rb'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: crypto-toolbox
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors:
 - Dennis Sivia
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-04-20 00:00:00.000000000 Z
+date: 2015-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aes
@@ -48,6 +48,10 @@ extra_rdoc_files: []
 files:
 - bin/break-vigenere-xor
 - lib/crypto-toolbox.rb
+- lib/crypto-toolbox/analyzers/padding_oracle.rb
+- lib/crypto-toolbox/analyzers/padding_oracle/analyzer.rb
+- lib/crypto-toolbox/analyzers/padding_oracle/oracles/http_oracle.rb
+- lib/crypto-toolbox/analyzers/padding_oracle/oracles/tcp_oracle.rb
 - lib/crypto-toolbox/analyzers/vigenere_xor.rb
 - lib/crypto-toolbox/ciphers/caesar.rb
 - lib/crypto-toolbox/ciphers/rot13.rb