1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
#include "../lib/lib2.h"
#include "../lib/lib.h"
/**
* produces an identical bit error in the following block
* this means: we can control the whole content of the following
* block, when the counterpart decrpyts it
* If there is a 0 in the second block and we want a 1, then flip
* the bit in the prior block at the same position
* If there is a 0 and we want a null, than do nothing
* For one respectivally.
*
* Since ; and = are escaped we need charecters so that with one flip
* we can get ; and =.
* for ; use : in the plaintext. in the ciphtertext we need to flip the
* last bit of : and the resulting plaintext get ;
* for = we use <. we also need to flip the last bit
*
* so out plaintext we give the orcale function is :admin<true:
*
*
*
*/
int main(int argc, char **argv)
{
// initialize key
generate_random_bytes(key, 16);
memset(iv, 0, 16);
//generate_random_bytes(iv, 16);
char *encrypted;
// one block of our input
int length = challenge16_encrypt(":admin<true:", &encrypted, 1);
printf("first the unchanged string:\n");
challenge16_decrypt(encrypted, length, 1);
/**
* change ciphertext here
* we now that our text start a the third block, because the
* challenge16_encrypt function prepends a string
* we need to flip three bits, the 8th bit, 56th bit and the
* 96th bit
*/
encrypted[32-16] ^= 0x01;
encrypted[38-16] ^= 0x01;
encrypted[43-16] ^= 0x01;
printf("now the changed string:\n");
challenge16_decrypt(encrypted, length, 1);
}
|
