few minor updates

kojenov · kojenov · commit a2e53a325898 · 2020-05-21T13:33:25.000-07:00
diff --git a/2 - stream key reuse/README.md b/2 - stream key reuse/README.md
@@ -9,17 +9,17 @@ head -c 21 /dev/zero | ./encrypt.py "Super secret key" > cipher2
 ```
 ./encryptimage.py alexei.png smile.png
 ```
-Then open in GIMP and layer difference
+Then open the resulting images in Krita and XOR layers (In GIMP, you can use layer difference but it's not quite the same)
 
+You can also use a coomand line tool:
 `sudo apt install gmic`
 
 https://stackoverflow.com/a/40049271
 ```
-gmic alexei-encrypted.png smile-encrypted.png -blend xor -o xor1.png
-gmic alexei-encrypted.png smile-encrypted.png smile.png -blend xor -o xor2.png
+gmic alexei-enc.png smile-enc.png -blend xor -o xor1.png
+gmic alexei-enc.png smile-enc.png smile.png -blend xor -o xor2.png
 ```
 
-
 Images:
 
 - https://www.publicdomainpictures.net/en/view-image.php?image=128827&picture=clip-art-smiley-face
diff --git a/4 - key as IV/README.md b/4 - key as IV/README.md
@@ -21,13 +21,12 @@ pip install pycryptodome
 
 Run the application
 ```
-export FLASK_APP=server.py
-flask run
+FLASK_RUN_PORT=5004 FLASK_APP=server.py flask run
 ```
 
 ## Use the application
 
-Navigate to http://localhost:5000, start browser developer tools, and examine the session cookie
+Navigate to http://localhost:5004, start browser developer tools, and examine the session cookie
 
 
 ## Break the session cookie encryption key
diff --git a/5 - padding oracle/README.md b/5 - padding oracle/README.md
@@ -21,22 +21,21 @@ pip install pycryptodome
 
 Run the application
 ```
-export FLASK_APP=server.py
-flask run
+FLASK_RUN_PORT=5005 FLASK_APP=server.py flask run
 ```
 
 ## Use the application
 
-Navigate to http://localhost:5000 and see what's going on
+Navigate to http://localhost:5005 and see what's going on
 
 
 ## Padding oracle attack
 
 See what the app tells you. Then try to go the URL with a valid message and with an invalid one, e.g.
 
-http://localhost:5000/send?msg=deadbeef
+http://localhost:5005/send?msg=deadbeef
 
-http://localhost:5000/send?msg=296729c7564ad3198f686f24850a16647d2a269a96d21148c1be75f45768a809396db14ddb0dc6ae1f6ee9ebe49eb49e
+http://localhost:5005/send?msg=296729c7564ad3198f686f24850a16647d2a269a96d21148c1be75f45768a809396db14ddb0dc6ae1f6ee9ebe49eb49e
 
 (your ciphertext will be different!)
 
@@ -45,5 +44,5 @@ Notice the app returns different code depending on the validity.
 Now run the exploit (your ciphertext will be different)
 
 ```
-$ ./exploit.py http://localhost:5000/send?msg=36289eda81e4895db64c84bae1468eb21b122cebcaf1b0d81232a496d77a3238df444a038398693869ac3c598b434c59
+$ ./exploit.py http://localhost:5005/send?msg=36289eda81e4895db64c84bae1468eb21b122cebcaf1b0d81232a496d77a3238df444a038398693869ac3c598b434c59
 ```
diff --git a/5 - padding oracle/server/templates/index.html b/5 - padding oracle/server/templates/index.html
@@ -1,9 +1,9 @@
 <html>
 <head><title>Padding oracle</title></head>
 <body>
+  <p>Hello human!</p>
   <p>Send me an encrypted message using <a href="send?msg=">http://{{host}}/send?msg=</a></p>
-  <p>for example:<br/>
-  <a href="send?msg={{msg}}">http://{{host}}/send?msg={{msg}}</a><br/>
-  (you can't decrypt since you don't have the key, loser)</p>
+  <p>for example: <a href="send?msg={{msg}}">http://{{host}}/send?msg={{msg}}</a></p>
+  <p><em>Note: only I can decrypt the message (you don't have the key!)</em></p>
 </body>
 </html>
diff --git a/5 - padding oracle/server/templates/send.html b/5 - padding oracle/server/templates/send.html
@@ -1,6 +1,6 @@
 <html>
 <head><title>Thank you</title></head>
 <body>
-  <p>Thank you for your message! We'll get back to you soon.</p>
+  <p>Thank you for your message! I'll get back to you soon.</p>
 </body>
 </html>
diff --git a/6 - stream integrity/README.md b/6 - stream integrity/README.md
@@ -21,13 +21,12 @@ pip install pycryptodome
 
 Run the application
 ```
-export FLASK_APP=server.py
-flask run
+FLASK_RUN_PORT=5006 FLASK_APP=server.py flask run
 ```
 
 ## Use the application
 
-Navigate to http://localhost:5000, start browser developer tools, and examine the session cookie
+Navigate to http://localhost:5006, start browser developer tools, and examine the session cookie
 
 
 ## Bit flipping attack
@@ -56,9 +55,9 @@ Putting everything together:
 
 
 ```
-$ ./flip.py 'j/3zPw9KCchD8ofdX/EaH8BNQuPhWG0x/IG3mZa67rA17FAMygLR' '{"user": "guest", "date": "2020-01-29"}' '{"user": "admin"}'
+$ ./flip.py '9G/ySV3Ry9E=.j/3zPw9KCchD8ofdX/EaH8BNQuPhWG0x/IG3mZa67rA17FAMygLR' '{"user": "guest", "date": "2020-01-29"}' '{"user": "admin"}'
 
-j/3zPw9KCchD8oHMV+sAH5E=
+9G/ySV3Ry9E=.j/3zPw9KCchD8oHMV+sAH5E=
 ```
 
 Now, replace the encrypted part with the new value in the session cookie, refresh the page and behold the admin session!
diff --git a/7 - block integrity/README.md b/7 - block integrity/README.md
@@ -21,13 +21,12 @@ pip install pycryptodome
 
 Run the application
 ```
-export FLASK_APP=server.py
-flask run
+FLASK_RUN_PORT=5007 FLASK_APP=server.py flask run
 ```
 
 ## Use the application
 
-Navigate to http://localhost:5000, start browser developer tools, and examine the session cookie
+Navigate to http://localhost:5007, start browser developer tools, and examine the session cookie
 
 
 ## Bit flipping attack
diff --git a/README.md b/README.md
@@ -1,8 +1,6 @@
 # Offensive Help: Crypto Mistakes ON demand! (OH C'MON!)
 
-These examples are written in Python 3 and require a couple of modules to be installed:
-
-`pip3 install pycryptodome numpy`
+These examples are written in Python 3 and may require additional modules to be installed.
 
 See the readmes in each directory for guidance.
 
diff --git a/runflask b/runflask
@@ -4,4 +4,4 @@ python3 -m venv venv
 source venv/bin/activate
 pip install Flask
 pip install pycryptodome
-FLASK_APP=server.py flask run --port $1
+FLASK_RUN_PORT=$1 FLASK_APP=server.py flask run
