Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
msc
/
PaddingOracles
1
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Strom: b40543da0e
Branche Tagy
PaddingOracles
/
lab
/
cookie_handler.py

cookie_handler.py 2.8 KB
História Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. from crypt import *
    2. 

  2. from base64 import b64encode,b64decode
    3. 

  3. from config import *
    4. 

  4. from time import sleep
    5. 

  5. import urllib
    6. 

  6. from flask import render_template
    7. 

  7. 

  8. 

  9. secret_msg =  {
    10. 

  10.         1337:"Welcome Back Administrator, Secret Key: %s" % (FLAGS['po2']),
    11. 

  11.         1000:"Superb!"
    12. 

  12. }
    13. 

  13. 

  14. def validate_cookie_po1(cookie):
    15. 

  15.     print("validating cookie: %s" % cookie)
    16. 

  16.     msg = decrypt(b64decode(cookie))
    17. 

  17.     if msg == False:
    18. 

  18.         return '{"Error":"PaddingError"}'
    19. 

  19.     else:
    20. 

  20.         print('Debug: decryped cookie: %s' % msg)
    21. 

  21. 

  22.         username,pwhash,ar,flag = msg.split(':')
    23. 

  23.         ar = int(ar)
    24. 

  24. 

  25.         for user in app_users:
    26. 

  26.             if user.username == username and user.pwhash == pwhash:
    27. 

  27.                 # the cookie got a valid username and password
    28. 

  28.                 return render_template("welcome_ch1.html", username=username, rights=ar, secret=secret_msg.get(ar, "--- no message for you ---"))
    29. 

  29.         else:
    30. 

  30.             return "<h5>An Error occured.</h5>"
    31. 

  31. 

  32. 

  33. def validate_cookie_po2(cookie):
    34. 

  34.     print("validating cookie: %s" % cookie)
    35. 

  35.     msg = decrypt(b64decode(cookie))
    36. 

  36.     if msg == False:
    37. 

  37.         return '{"Error":"PaddingError"}'
    38. 

  38.     else:
    39. 

  39.         print('Debug: decryped cookie: %s' % msg)
    40. 

  40. 

  41.         username,pwhash,ar,flag = msg.split(':')
    42. 

  42.         ar = int(ar)
    43. 

  43. 

  44.         for user in app_users:
    45. 

  45.             if user.username == username and user.pwhash == pwhash:
    46. 

  46.                 # the cookie got a valid username and password
    47. 

  47.                 return render_template("welcome_ch2.html", username=username, rights=ar, secret=secret_msg.get(ar, "--- no message for you ---"))
    48. 

  48.         else:
    49. 

  49.             return "<h5>An Error occured.</h5>"
    50. 

  50. 

  51. def validate_cookie_po3(cookie):
    52. 

  52.     msg = decrypt(b64decode(cookie))
    53. 

  53.     if msg == False:
    54. 

  54.         # just pretend to have a longer timing
    55. 

  55.         sleep(1)
    56. 

  56.         return ''
    57. 

  57.     else:
    58. 

  58.         print('Debug: decryped cookie: %s' % msg)
    59. 

  59.         username,pwhash,ar,flag = msg.split(':')
    60. 

  60.         ar = int(ar)
    61. 

  61. 

  62.         for user in app_users:
    63. 

  63.             if user.username == username and user.pwhash == pwhash:
    64. 

  64.                 # the cookie got a valid username and password
    65. 

  65.                 return render_template("welcome_ch3.html", username=username, rights=ar, secret=secret_msg.get(ar, "--- no message for you ---"))
    66. 

  66.         else:
    67. 

  67.             return "<h5>An Error occured.</h5>"
    68. 

  68. 

  69. def validate_cookie_po4(cookie):
    70. 

  70.     pass
    71. 

  71. 

  72. def create_cookie_po1(user_obj):
    73. 

  73.     print('Debug: user_obj: %s' %user_obj)
    74. 

  74.     user_obj.flag = FLAGS['po1']
    75. 

  75. 

  76.     cookie = b64encode(encr(str(user_obj)))
    77. 

  77.     return cookie
    78. 

  78. def create_cookie_po2(user_obj):
    79. 

  79.     print('Debug: user_obj: %s' %user_obj)
    80. 

  80.     user_obj.flag = "P{Its-not-that-easy!;)}"
    81. 

  81.     cookie = b64encode(encr(str(user_obj)))
    82. 

  82.     return cookie
    83. 

  83. 

  84. def create_cookie_po3(user_obj):
    85. 

  85.     print('Debug: user_obj: %s' %user_obj)
    86. 

  86.     user_obj.flag = FLAGS['po3']
    87. 

  87.     cookie = b64encode(encr(str(user_obj)))
    88. 

  88.     return cookie
    89.