1 #![feature(macro_rules)]
4 extern crate serialize
;
9 use end_point
::{ Client
, Server
};
17 const PORT
: u16 = 4221;
19 fn do_oracle_attack(address
: &str, variant
: packet
::Variant
) {
20 // 16 bytes encrypted data from 'Packet::random_packet_data([4])'.
21 let cipher_block
= [191, 192, 149, 84, 202, 163, 109, 230, 173, 249, 170, 248, 83, 60, 228, 111]; // Known by the attacker.
22 let xor_operand
= [213, 29, 217, 187, 93, 103, 76, 129, 233, 142, 98, 83, 69, 50, 97, 91]; // This is the IV or the previous 16 bytes cipherblock. In our case we took the previous block.
23 let expected_plain_block
= [242, 93, 12, 22, 8, 164, 4, 77, 200, 120, 189, 71, 75, 189, 2, 2]; // To be found by the attacker.
25 /* Another sample with an IV instead of a previous block.
26 let cipher_block: [u8, ..16] = [254, 9, 228, 149, 60, 42, 165, 34, 233, 75, 112, 57, 37, 9, 116, 103];
27 let xor_operand: [u8, ..16] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3]; IV.
28 let expected_plain_block: [u8, ..16] = [44, 92, 31, 98, 220, 84, 226, 53, 58, 94, 45, 25, 242, 6, 199, 1];
31 match oracle_machine
::decipher(address
, PORT
, &xor_operand
, &cipher_block
, variant
) {
32 Some(ref deciphered
) if deciphered
.as_slice() == expected_plain_block
=> {
33 println!("The oracle machine has found the plain block!:");
34 println!(" Expected block: {}", expected_plain_block
.to_vec());
35 println!(" Decrypted block: {}", deciphered
)
38 println!("The oracle machine hasn't found the plain block: {}", other
),
40 println!("The oracle machine hasn't found the plain block"),
46 r
"{} [genkey | tests | oracle-weak | oracle-fixed]
47 genkey: Generate a 256 bits key
48 tests: launch some tests between a client and a weak server
49 oracle-weak: launch a padding oracle attack against a weak server
50 oracle-fixed: launch a padding oracle attack against a fixed server",
65 let args
= os
::args();
67 if args
.iter().any(|a
| a
.as_slice() == "--help" || a
.as_slice() == "-h") {
74 match args
[1].as_slice() {
75 "genkey" => Mode
::GenKey
,
76 "tests" => Mode
::Tests
,
77 "oracle-weak" => Mode
::OracleWeak
,
78 "oracle-fixed" => Mode
::OracleFixed
,
79 _
=> Mode
::ServerAlone
,
88 Mode
::Help
=> print_usage(),
90 match crypto
::generate_key(256 / 8) {
91 Ok(key
) => println!("key: {}", key
),
92 Err(e
) => println!("Unable to generate a key. Error: {}", e
)
96 println!("Starting server on [{}]:{}...", address
, PORT
);
98 match Server
::new(address
, PORT
, match mode
{ Mode
::OracleFixed
=> packet
::Variant
::Fixed
, _
=> packet
::Variant
::Weak
}) {
100 println!("Server started");
103 Mode
::Tests
=> Client
::start_tests(address
, PORT
, packet
::Variant
::Weak
),
104 Mode
::OracleWeak
=> do_oracle_attack(address
, packet
::Variant
::Weak
),
105 Mode
::OracleFixed
=> do_oracle_attack(address
, packet
::Variant
::Fixed
),
107 println!("Press any key to quit");
108 io
::stdin().read_line().ok().expect("Failed to read line");
112 server
.close().ok().expect("Failed to close the server");
115 println!("Unable to create a new server. Error: {}", e
)