This challenge was a server that let us decrypt some messages. If we are able to encrypt a message and send it to the server, and the server finds the word "EG-CERT." in the plaintext when it decrypts it, then the server will send us the flag.

"We must send the message in this format: "Decrypt:hexOfTheCipherText""


How to Analyze the System

1- First, I checked the M/C pair we have:
M = Hello World  C = 2a0854e64ff993e17f9dbc05c514cb32

It's one block of plaintext and one block of ciphertext, so if it's encryption it would be ECB, and it will not be any mode with an IV.

"This claim was wrong, not because of how the cipher works, but because we had to do more analysis to figure out the mode of encryption."

2- Maybe it's not encryption and it's just a MAC, and we will try a length extension attack. I thought about that because the ciphertext was 128 bits,
so I sent many hashes to the server, and the server could decrypt some of them.
It decrypted them to garbage, of course, but it could decrypt some of them, so for sure it's not hash extension.

I found that all the hashes that could be decrypted had an ending of "01" in hex.

0x0A is just for the new line.

So I thought again about a padding oracle.
The server usually responds with a server error, and with plaintext when it ends in 0x01.
But how can there be a padding oracle when this mode is not CBC!!!

Actually, it was CBC, and the IV was hard-coded in the code; the server didn't send it with the pair we have. This point was the main problem I faced. HOW!!!!
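The behaviour described above can be reproduced locally. This is an added example, not the challenge's code or the author's script: a toy Feistel cipher stands in for the real block cipher, and the key, MAC key, all-zero IV and function names are assumptions. It shows why a small fraction of random 16-byte values come back as plaintext from a handler that reports padding errors, and that verifying a MAC before decrypting removes that signal.

```python
import hashlib, hmac, random
# Constructed placeholders, not the challenge's key or hard-coded IV.
KEY, MAC_KEY, IV, BS = b"k" * 16, b"m" * 16, bytes(16), 16
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def rf(half, rnd):  # round function of the toy cipher
    return hashlib.sha256(KEY + bytes([rnd]) + half).digest()[:8]
def block(b, decrypt=False):  # toy 4-round Feistel cipher standing in for AES
    L, R = b[:8], b[8:]
    for i in (range(3, -1, -1) if decrypt else range(4)):
        L, R = (xor(R, rf(L, i)), L) if decrypt else (R, xor(L, rf(R, i)))
    return L + R

def cbc_encrypt(pt):
    pad = BS - len(pt) % BS
    pt, out = pt + bytes([pad]) * pad, [IV]
    for i in range(0, len(pt), BS):
        out.append(block(xor(pt[i:i + BS], out[-1])))
    return b"".join(out[1:])

def cbc_decrypt(ct):
    if not ct or len(ct) % BS:
        raise ValueError("bad length")
    blocks = [IV] + [ct[i:i + BS] for i in range(0, len(ct), BS)]
    pt = b"".join(xor(block(c, True), p) for p, c in zip(blocks, blocks[1:]))
    n = pt[-1]
    if not 1 <= n <= BS or pt[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return pt[:-n]

def vulnerable(ct):
    # Plaintext on good padding, error on bad padding: this difference is the oracle.
    try:
        return "OK " + cbc_decrypt(ct).hex()
    except ValueError:
        return "server error"

def seal(pt):
    ct = cbc_encrypt(pt)
    return ct + hmac.new(MAC_KEY, ct, hashlib.sha256).digest()
def hardened(msg):
    # Encrypt-then-MAC: the tag is checked before any decryption or padding check.
    ct, tag = msg[:-32], msg[-32:]
    ok = hmac.compare_digest(tag, hmac.new(MAC_KEY, ct, hashlib.sha256).digest())
    return "OK " + cbc_decrypt(ct).hex() if ok else "server error"

def accepted(handler, size, trials=4096, seed=1):  # random inputs answered with plaintext
    rng = random.Random(seed)
    msgs = (rng.getrandbits(8 * size).to_bytes(size, "big") for _ in range(trials))
    return sum(handler(m).startswith("OK") for m in msgs)
```

Roughly one random block in 256 passes the padding check in `vulnerable`, almost always because the last plaintext byte is 0x01, while `hardened` rejects every unauthenticated input with the same response.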

So I said I will try a padding oracle on CBC; anyway, I don't need the IV to do a padding oracle for encryption.

I needed to write my own code because PadBuster, and all the other tools I found online, work on web pages.

This is the code snippet

If you don't understand padding oracle encryption, review these 2 links:

PaddingOracle Decryption -Maryland
PaddingOracle Encryption