A CTF suite in progress.
Run these commands in bash to set up a virtual environment and install the necessary requirements.
python3 -m venv exploit-env
source exploit-env/bin/activate
pip install -r requirements.txt
deactivate
All commands can be run from anywhere without the virtual environment activated. This is due to the shebang:
#!/usr/bin/perl -e$_=$ARGV[0];exec(s{\w+$}{../exploit-env/bin/python3}r,@ARGV)
The environment is selected relative to the script being called, so be sure to create your environment in the exploit (top level) folder. However, if you are not on Linux you may have to take a more traditional approach.
This attack is useful for decrypting and encrypting URL parameters when the encryption operates in CBC mode and the application exhibits a padding error with a clear response difference between correct and incorrect padding (in this case the status code and response length are the differentiators).
This method of attack was implemented from this post on the GDS blog and inspired by the padBuster software.
This implementation has the advantage of running the requests concurrently, vastly improving performance.
./padding-oracle/pad_breaker http://path_to_attack_vector/?post= 'encrypted_part_of_URL' block_size
./padding-oracle/pad_encrypter http://path_to_attack_vector/?post= 'encrypted_part_of_URL' block_size 'message_that_you_want_to_encrypt'
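The oracle that pad_breaker relies on, as an added example that is not part of this suite: a server-side handler that decrypts a CBC token and leaks whether the PKCS#7 padding was valid through its status code and body length, beside a hardened handler that verifies an HMAC before decrypting and returns one uniform failure. The block cipher is a key-derived XOR mask standing in for AES so the snippet runs on the standard library alone; the key, IV, handler names and token layout are constructed assumptions.

```python
import hashlib
import hmac

BLOCK = 16

# Toy block cipher stand-in for AES (assumption): an invertible key-derived XOR mask.
def _mask(key): return hashlib.sha256(b"block-mask" + key).digest()[:BLOCK]
def _xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def pkcs7_unpad(data: bytes) -> bytes:
    # Strict PKCS#7: last byte n in 1..BLOCK and the final n bytes all equal n.
    n = data[-1] if data else 0
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def cbc_encrypt(key: bytes, iv: bytes, padded: bytes) -> bytes:
    mask, prev, out = _mask(key), iv, [iv]
    for i in range(0, len(padded), BLOCK):
        prev = _xor(_xor(padded[i:i + BLOCK], prev), mask)  # C_i = E(P_i ^ C_i-1)
        out.append(prev)
    return b"".join(out)  # IV || C_1 || ... || C_n

def cbc_decrypt(key: bytes, data: bytes) -> bytes:
    mask, blocks = _mask(key), [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    if len(blocks) < 2 or len(data) % BLOCK:
        raise ValueError("bad length")
    plain = b"".join(_xor(_xor(c, mask), p) for p, c in zip(blocks, blocks[1:]))
    return pkcs7_unpad(plain)

def seal(key: bytes, mac_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC token: IV || ciphertext || HMAC-SHA256 over both.
    body = cbc_encrypt(key, iv, pkcs7_pad(plaintext))
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def vulnerable_handler(key: bytes, token: bytes):
    # The oracle: status code and body length differ on a padding failure.
    try:
        return 200, "post=" + cbc_decrypt(key, token).decode(errors="replace")
    except ValueError as e:
        return 500, "error: " + str(e)

def hardened_handler(key: bytes, mac_key: bytes, token: bytes):
    # The MAC is checked before any decryption, and every failure looks the same.
    tag, body = token[-32:], token[:-32]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return 400, "invalid"
    try:
        return 200, "post=" + cbc_decrypt(key, body).decode(errors="replace")
    except ValueError:
        return 400, "invalid"
```

Flipping one bit in the IV of a token for the vulnerable handler either changes a plaintext byte (200) or breaks the padding (500), which is the per-byte signal the tool needs; the hardened handler answers 400 for both.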