class CryptoToolbox::Analyzers::CbcMutatingEncryption

Attributes

oracle[R]

Public Class Methods

new(oracle) click to toggle source
# File lib/crypto-toolbox/analyzers/cbc_mutating_encryption.rb, line 5
def initialize(oracle)
  @oracle = oracle
end

Public Instance Methods

assemble_attack_message() click to toggle source
# File lib/crypto-toolbox/analyzers/cbc_mutating_encryption.rb, line 9
def assemble_attack_message
  # we are lazy thus we use 0 as a byte which is neutral to xor,
  # thus we dont have to cancel it before adding admin=true.
  input = "\0" * 32
  blocks = @oracle.encrypted_message_for(input).chunks_of(16)
  fake   = blocks[2].xor(";admin=true;",expand_input: false )
  blocks[2] = fake
  ciphertext = blocks.map(&:str).join
end