# Documentation of the Training Source-Code

This project is written in python. The Framework _flask_ is used for the web application. The following part will describe how the code is structred.

## main.py

This file contains the basic server functionality of the application.
Every resource and the requests to this resource is handled in this file

Available resources are:

```
/ # or /dashboard to access the challange description
```

```
/po1 # First Challange - simple CBC Challange where the attacker must decrypt the cookie via a simple CBC Padding Oracle
```

```
/po2 # Second Challange - more advanced CBC Challange where the attacker must decrypt the cookie and then change some values.
```

```
/po3 # Third Challange - First RSA Padding Oracle Attack, implements a PKCS #1 v1.5 cookie encryption
```

```
/po4 # Fourth Challange - Timing is everything... CBC Padding Oracle Attack via Timing Side Channel. Timing is increased using sleep() to simplify the attack.
```


## crypto.py

This file implements every cryptographic function used for the challanges.