static string function2(byte[] data)
{
//Static values for decryption.
byte[] IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
byte[] key = new byte[] { 10, 11, 23, 44, 51, 23, 34,
89, 101, 65, 43, 71, 92, 41, 85, 03 };
//Brute force each possible byte combination until we come up with a valid answer.
for (int a = 0; a < 255; a++)
{
int holder1 = a;
data[36] = (byte)holder1;
string holdByte = CryptoHelpers.Base64ToAscii(
CryptoHelpers.ByteArrayToBase64String(CryptoHelpers.CbcDecrypt(data, key, IV)));
if (holdByte.Contains(";admin"))
{
break;
}
}
for (int a = 0; a < 255; a++)
{
int holder2 = a;
data[42] = (byte)holder2;
string holdByte = CryptoHelpers.Base64ToAscii(
CryptoHelpers.ByteArrayToBase64String(CryptoHelpers.CbcDecrypt(data, key, IV)));
if (holdByte.Contains(";admin=true"))
{
break;
}
}
for (int a = 0; a < 255; a++)
{
int holder3 = a;
data[47] = (byte)holder3;
string holdByte = CryptoHelpers.Base64ToAscii(
CryptoHelpers.ByteArrayToBase64String(CryptoHelpers.CbcDecrypt(data, key, IV)));
if (holdByte.Contains(";admin=true;"))
{
break;
}
}
return(CryptoHelpers.Base64ToAscii(
CryptoHelpers.ByteArrayToBase64String(CryptoHelpers.CbcDecrypt(data, key, IV))));
}
static string challenge13()
{
//Static values to be used.
string keyText = "AAAAAAAAAAAAAAAA";
//padding so the block starting with admin decrypts correctly.
byte[] padBytes = new byte[] { 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10 };
string padding = Encoding.Default.GetString(padBytes);
//1's used to ensure "admin" is the start of a
//block and "role=" is the end of a block
string email = "1111111111admin" + padding +
"[email protected]";
//Construct cookie string
string cookieString = profile_for(email);
//Convert cookie string to bytes
byte[] key = Encoding.ASCII.GetBytes(keyText);
byte[] cookie = Encoding.ASCII.GetBytes(cookieString);
//Encrypt bytes with key under ecb
byte[] encryptedCookie = CryptoHelpers.EcbEncrypt(cookie, key);
byte[] editedCookie = new byte[encryptedCookie.Length - 16];
byte[] adminByte = new byte[16];
//get encrypted bytes for admin string
for (int a = 16; a < 32; a++)
{
adminByte[a - 16] = encryptedCookie[a];
}
//Copy the encrypted bytes in the appropriate order into a new byte array.
Array.Copy(encryptedCookie, 0, editedCookie, 0, 16);
Array.Copy(encryptedCookie, 32, editedCookie, 16, encryptedCookie.Length - 32);
Array.Copy(adminByte, 0, editedCookie, 64, adminByte.Length);
Console.WriteLine(
CryptoHelpers.Base64ToAscii(
CryptoHelpers.ByteArrayToBase64String(
CryptoHelpers.EcbDecrypt(editedCookie, key))));
return("");
}