diff --git a/src/main.rs b/src/main.rs index 9e1d86b..88442d6 100644 --- a/src/main.rs +++ b/src/main.rs @@ -15,9 +15,9 @@ fn main() { // set1::challenge6(); // set1::challenge7(); // set1::challenge8(); - // set2::challenge9(); - // set2::challenge10(); - // set2::challenge11(); - // set2::challenge12(); + set2::challenge9(); + set2::challenge10(); + set2::challenge11(); + set2::challenge12(); set2::challenge13(); } diff --git a/src/set2.rs b/src/set2.rs index ce646db..ae9b19d 100644 --- a/src/set2.rs +++ b/src/set2.rs @@ -216,9 +216,43 @@ pub fn challenge13() { parser::parse_key_value(&c.to_utf8()) } + fn attack(key: &Bytes) -> Bytes { + // Using only the user input to profile_for() (as an oracle to generate + // "valid" ciphertexts) and the ciphertexts themselves, make a + // role=admin profile. + // (FelixM) I assume ECB and block_size = 16; we could figure + // it out easily my adding enough 'a' to the email + let mut r = vec![]; + + // ________________________________ + // 0..34..78..bc..f0..34..78..bc..f0..34..78..bc..f + // email=aaaaa@a.com&uid=1337&role=user + let p = profile_for("aaaaa@a.com", &key); + r.append(&mut p.0[0..32].to_vec()); + + // ---------------- + // 0..34..78..bc..f0..34..78..bc..f0..34..78..bc..f + // email=aaaaaaa@a.admin&uid=1337&role=user + let p = profile_for("aaaaaaa@a.admin", &key); + r.append(&mut p.0[16..32].to_vec()); + + // ---------------- + // 0..34..78..bc..f0..34..78..bc..f0..34..78..bc..f + // email=aaaaaaaa@a.admin&uid=1337&role=user + let p = profile_for("aaaaaaaa@a.admin", &key); + r.append(&mut p.0[32..48].to_vec()); + + Bytes(r) + } + let key = Bytes::random(16); // consistent but unknown key - let profile = profile_for("omgitsme@gmail.com", &key); + let profile = attack(&key); let dict = decrypt(&key, &profile); - println!("{:?}", dict); - println!("[xxxx] Challenge 13: TBD"); + let role = dict.get("role").unwrap(); + assert_eq!(role, "admin"); + println!("[done] Challenge 13: role={}", role); +} + +pub fn challenge14() { + println!("[xxxx] Challenge 14:"); }