-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Made it so i can delete Notes and made it so that there are 2 sites 1…
… for authorized 1 for unauthorized access
- Loading branch information
1 parent
1b4eeed
commit e4e808e
Showing
8 changed files
with
159 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
from Crypto.Cipher import AES | ||
from Crypto.Random import get_random_bytes | ||
from Crypto.Util.Padding import pad, unpad | ||
import random | ||
import time | ||
import datetime | ||
|
||
|
||
#Patch would be to change the seed to a random value or use a secure random number generator | ||
|
||
current_time = datetime.datetime.now().time() | ||
time_str = str(current_time) | ||
time = time_str.split(':') | ||
seed = time[0] + time[1] | ||
random.seed(seed) | ||
print("Seed:", seed) | ||
|
||
def not_so_random(): | ||
random_number = random.randint(0, 2**128 - 1) | ||
return random_number.to_bytes(16, byteorder='big') | ||
|
||
key = not_so_random() | ||
nonce = not_so_random() | ||
print("Key:", key) | ||
print("Nonce:", nonce) | ||
|
||
def insecure_aes_encrypt(plaintext): | ||
cipher = AES.new(key, AES.MODE_GCM, nonce=nonce) | ||
plaintext_bytes = plaintext.encode() | ||
padded_plaintext = pad(plaintext_bytes, AES.block_size) | ||
ciphertext = cipher.encrypt(padded_plaintext) | ||
return ciphertext | ||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
from Crypto.Cipher import AES | ||
from Crypto.Random import get_random_bytes | ||
from Crypto.Util.Padding import pad, unpad | ||
import random | ||
import datetime | ||
|
||
def key_exploit(seed): | ||
random.seed(seed) | ||
def not_so_random(): | ||
random_number = random.randint(0, 2**128 - 1) | ||
return random_number.to_bytes(16, byteorder='big') | ||
|
||
key = not_so_random() | ||
nonce = not_so_random() | ||
return key, nonce | ||
|
||
|
||
|
||
|
||
def insecure_aes_decrypt(ciphertext): | ||
current_time = datetime.datetime.now().time() | ||
time_str = str(current_time) | ||
time = time_str.split(':') | ||
initial_time = time[0] | ||
seed = time[0] | ||
for i in range(1, 60): | ||
seed += str(i) | ||
key, nonce = key_exploit(seed) | ||
try: | ||
cipher = AES.new(key, AES.MODE_GCM, nonce=nonce) | ||
padded_plaintext = cipher.decrypt(ciphertext) | ||
plaintext = unpad(padded_plaintext, AES.block_size) | ||
if b'ENO' in plaintext: | ||
print("Seed:", seed) | ||
break | ||
except Exception as e: | ||
#Print the error message | ||
#print("An error occurred:", e) | ||
pass | ||
seed = initial_time | ||
#return plaintext | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
19 changes: 19 additions & 0 deletions
19
service/src/FlaskWebsite/website/templates/group_page_unauthorized.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
{% extends "base.html" %} {% block title %}Home{% endblock %} {% block content | ||
%} | ||
<h1 align="center">Notes</h1> | ||
<ul class="list-group list-group-flush" id="notes"> | ||
{% for note in notes %} | ||
<li class="list-group-item"> | ||
{{ note.encrypted_data }} | ||
{{ note.time }} | ||
</li> | ||
{% endfor %} | ||
</ul> | ||
<form method="POST"> | ||
<textarea name="note_of_group" id="note_of_group" class="form-control"></textarea> | ||
<br /> | ||
<div align="center"> | ||
<button type="submit" class="btn btn-primary">Add Note</button> | ||
</div> | ||
</form> | ||
{% endblock %} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters