| author | Benedict <benedict@0xb8000.de> | 2016-07-31 21:20:35 +0200 |
|---|---|---|
| committer | Benedict <benedict@0xb8000.de> | 2017-02-21 13:00:25 +0100 |
| commit | 8c6d8449d8f9fed6f009f38878a80f17fcc778f2 (patch) | |
| tree | b5289249272dc102438c5f6eed6ba637536d8523 /set2/task13.c | |
| parent | 4ed371cc378a3b579d46ed89a2677769a6d5ea24 (diff) | |
completed set 2 challenge 13
Diffstat (limited to 'set2/task13.c')
| -rw-r--r-- | set2/task13.c | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/set2/task13.c b/set2/task13.c
new file mode 100644
index 0000000..3b4a7ef
--- /dev/null
+++ b/set2/task13.c
@@ -0,0 +1,53 @@
+#include "../lib/lib2.h"
+#include "../lib/lib.h"
+
+
+/**
+ * One can request profiles by calling the function profile_for.
+ * This function ensures, that all created profiles are user profiles
+ * Since the profiles are encrypted and only the other side knows the
+ * key one cannot change the profile normally.
+ *
+ * But by making to special requst and combine them one can get a profile
+ * with the role admin (since it is encrypted with ECB mode)
+ *
+ * First Request:
+ * Create a profile such that one blocks ends with role=
+ * Create profile for bobi@test.com results in:
+ * email=bobi@test.com&uid=10&role=user
+ * Encrypted this results in three blocks
+ * The first encrypted block ist:
+ * email=bobi@test.
+ * The sencond is:
+ * com&uid=10&role=
+ * The third is not interesting for us
+ *
+ * Second Request:
+ * Create a profile such that a block start with admin. Combine it with
+ * the block which ends with role= concat them an we are admin!
+ * Create profile for bobi@test.admin
+ * First block is agian:
+ * email?bpbo@test.
+ * Second block is:
+ * admin&uid=10&rol
+ *
+ * When using a strict paser he maybe would not accept the string
+ * because of the second role=user
+ *
+ */
+
+int main(int argc, char **argv)
+{
+ // initialize key
+ generate_random_bytes(key, 16);
+
+ char *encrypted_user1 = profile_for("bobi@test.com");
+ char *encrypted_user2 = profile_for("bobi@test.admin");
+ char admin_user[50];
+ // create new user from the two above
+ memcpy(admin_user, encrypted_user1, 32);
+ memcpy(&admin_user[32], &encrypted_user2[16], 16);
+
+ // send new user to server
+ send_user(admin_user, 48);
+}
|
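Review bot: Both `profile_for()` results in `main` are copied with fixed lengths (`memcpy(admin_user, encrypted_user1, 32)` and `&encrypted_user2[16], 16`) without checking that the calls succeeded or that each ciphertext is at least 32 bytes long. `profile_for` is declared in the lib headers outside this diff, so whether it can return NULL or a shorter buffer is not visible here; a guard such as `if (!encrypted_user1 || !encrypted_user2) return 1;` before the copies would cover the NULL case. A named block-size constant in place of the bare 16/32/48 would make the offsets checkable against `admin_user[50]`. The header comment also misstates the result: the block shown as `email?bpbo@test.` should read `email=bobi@test.`, and by the comment's own block layout the spliced plaintext ends in `role=admin&uid=10&rol`, not in a second `role=user`. I would add one line naming the root cause, e.g. `* Root cause: ECB encrypts each block independently and the ciphertext carries no integrity check (MAC/AEAD).`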
