{"id":20450157,"url":"https://github.com/kishanbagaria/padding-oracle-attacker","last_synced_at":"2025-04-06T22:07:47.260Z","repository":{"id":34880863,"uuid":"184933759","full_name":"KishanBagaria/padding-oracle-attacker","owner":"KishanBagaria","description":"🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.","archived":false,"fork":false,"pushed_at":"2023-02-03T04:52:47.000Z","size":1396,"stargazers_count":204,"open_issues_count":7,"forks_count":35,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-03-30T21:07:02.870Z","etag":null,"topics":["aes","cbc","cipher-block-chaining","crypto","cryptography","decryption","encryption","padding-oracle","padding-oracle-attack","padding-oracle-attacks"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/KishanBagaria.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"license.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-05-04T19:00:24.000Z","updated_at":"2025-03-21T00:57:16.000Z","dependencies_parsed_at":"2023-02-18T03:15:43.493Z","dependency_job_id":null,"html_url":"https://github.com/KishanBagaria/padding-oracle-attacker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KishanBagaria%2Fpadding-oracle-attacker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KishanBagaria%2Fpadding-oracle-attacker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KishanBagaria%2Fpadding-oracle-attacker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KishanBagaria%2Fpadding-oracle-attacker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/KishanBagaria","download_url":"https://codeload.github.com/KishanBagaria/padding-oracle-attacker/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247557767,"owners_count":20958047,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes","cbc","cipher-block-chaining","crypto","cryptography","decryption","encryption","padding-oracle","padding-oracle-attack","padding-oracle-attacks"],"created_at":"2024-11-15T10:50:56.679Z","updated_at":"2025-04-06T22:07:47.241Z","avatar_url":"https://github.com/KishanBagaria.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# padding-oracle-attacker\n\nCLI tool and library to execute [padding oracle attacks](https://en.wikipedia.org/wiki/Padding_oracle_attack) easily, with support for concurrent network requests and an elegant UI.\n\n\u003cimg alt=\"poattack decrypt demo\" src=\"media/poattack-decrypt.gif\" width=\"734\" height=\"492\" /\u003e\n\n[![Build Status](https://api.travis-ci.com/KishanBagaria/padding-oracle-attacker.svg)](https://travis-ci.com/KishanBagaria/padding-oracle-attacker)\n\n## Install\n\nMake sure [Node.js](https://nodejs.org/) is installed, then run\n\n```sh\n$ npm install --global padding-oracle-attacker\n```\nor\n```sh\n$ yarn global add padding-oracle-attacker\n```\n\n## CLI Usage\n\n```\nUsage\n $ padding-oracle-attacker decrypt \u003curl\u003e hex:\u003cciphertext_hex\u003e \u003cblock_size\u003e \u003cerror\u003e [options]\n $ padding-oracle-attacker decrypt \u003curl\u003e b64:\u003cciphertext_b64\u003e \u003cblock_size\u003e \u003cerror\u003e [options]\n\n $ padding-oracle-attacker encrypt \u003curl\u003e \u003cplaintext\u003e \u003cblock_size\u003e \u003cerror\u003e [options]\n $ padding-oracle-attacker encrypt \u003curl\u003e hex:\u003cplaintext_hex\u003e \u003cblock_size\u003e \u003cerror\u003e [options]\n\n $ padding-oracle-attacker analyze \u003curl\u003e [\u003cblock_size\u003e] [options]\n\nCommands\n decrypt Finds the plaintext (foobar) for given ciphertext (hex:0123abcd)\n encrypt Finds the ciphertext (hex:abcd1234) for given plaintext (foo=bar)\n analyze Helps find out if the URL is vulnerable or not, and\n how the response differs when a decryption error occurs\n (for the \u003cerror\u003e argument)\n\nArguments\n \u003curl\u003e URL to attack. Payload will be inserted at the end by default. To specify\n a custom injection point, include {POPAYLOAD} in a header (-H),\n request body (-d) or the URL\n \u003cblock_size\u003e Block size used by the encryption algorithm on the server\n \u003cerror\u003e The string present in response when decryption fails on the server.\n Specify a string present in the HTTP response body (like PaddingException)\n or status code of the HTTP response (like 400)\n\nOptions\n -c, --concurrency Requests to be sent concurrently [default: 128]\n --disable-cache Disable network cache. Saved to [default: false]\n poattack-cache.json.gz.txt by default\n -X, --method HTTP method to use while making request [default: GET]\n -H, --header Headers to be sent with request.\n -H 'Cookie: cookie1' -H 'User-Agent: Googlebot/2.1'\n -d, --data Request body\n JSON string: {\"id\": 101, \"foo\": \"bar\"}\n URL encoded: id=101\u0026foo=bar\n Make sure to specify the Content-Type header.\n\n -e, --payload-encoding Ciphertext payload encoding for {POPAYLOAD} [default: hex]\n base64 FooBar+/=\n base64-urlsafe FooBar-_\n hex deadbeef\n hex-uppercase DEADBEEF\n base64(xyz) Custom base64 ('xyz' represent characters for '+/=')\n\n --dont-urlencode-payload Don't URL encode {POPAYLOAD} [default: false]\n\n --start-from-1st-block Start processing from the first block instead [default: false]\n of the last (only works with decrypt mode)\n\nExamples\n $ poattack decrypt http://localhost:2020/decrypt?ciphertext=\n hex:e3e70d8599206647dbc96952aaa209d75b4e3c494842aa1aa8931f51505df2a8a184e99501914312e2c50320835404e9\n 16 400\n $ poattack encrypt http://localhost:2020/decrypt?ciphertext= \"foo bar 🦄\" 16 400\n $ poattack encrypt http://localhost:2020/decrypt?ciphertext= hex:666f6f2062617220f09fa684 16 400\n $ poattack analyze http://localhost:2020/decrypt?ciphertext=\n\nAliases\n poattack\n padding-oracle-attack\n```\n\n## Library API\n\n```js\nconst { decrypt, encrypt } = require('padding-oracle-attacker')\n// or\nimport { decrypt, encrypt } from 'padding-oracle-attacker'\n\nconst { blockCount, totalSize, foundBytes, interBytes } = await decrypt(options)\n\nconst { blockCount, totalSize, foundBytes, interBytes, finalRequest } = await encrypt(options)\n```\n\n#### `decrypt(options: Object): Promise`\n#### `encrypt(options: Object): Promise`\n\n##### Required options\n\n###### `url: string`\nURL to attack. Payload will be appended at the end by default. To specify a custom injection point, include `{POPAYLOAD}` in the URL, a header (`requestOptions.headers`) or the request body (`requestOptions.data`)\n\n###### `blockSize: number`\nBlock size used by the encryption algorithm on the server.\n\n###### `isDecryptionSuccess: ({ statusCode, headers, body }) =\u003e boolean`\nFunction that returns true if the server response indicates decryption was successful.\n\n###### `ciphertext: Buffer` (`decrypt` only)\nCiphertext to decrypt.\n\n###### `plaintext: Buffer` (`encrypt` only)\nPlaintext to encrypt. Padding will be added automatically. Example: `Buffer.from('foo bar', 'utf8')`\n\n---\n\n##### Optional options\n\n###### `concurrency: number = 128`\nNetwork requests to be sent concurrently.\n\n###### `isCacheEnabled: boolean = true`\nResponses are cached by default and saved to `poattack-cache.json.gz.txt`. Set to `false` to disable caching.\n\n###### `requestOptions: { method, headers, data }`\n###### `requestOptions.method: string`\nHTTP method to use while making the request. `GET` by default. `POST`, `PUT`, `DELETE` are some valid options.\n\n###### `requestOptions.headers: { string: string }`\nHeaders to be sent with request. Example: `{ 'Content-Type': 'application/x-www-form-urlencoded' }`\n\n###### `requestOptions.body: string`\nRequest body. Can be a JSON string, URL encoded params etc. `Content-Type` header has to be set manually.\n\n###### `logMode: 'full'|'minimal'|'none' = 'full'`\n`full`: Log everything to console (default) \n`minimal`: Log only after start and completion to console \n`none`: Log nothing to console\n\n###### `transformPayload: (ciphertext: Buffer) =\u003e string`\nFunction to convert the `ciphertext` into a string when making a request. By default, `ciphertext` is encoded in hex and inserted at the injection point (URL end unless `{POPAYLOAD}` is present).\n\n---\n##### Optional options (`decrypt` only)\n\n###### `alreadyFound: Buffer`\nPlaintext bytes already known/found that can be skipped (from the end). If you provide a `Buffer` of ten bytes, the last ten bytes will be skipped.\n\n###### `initFirstPayloadBlockWithOrigBytes: boolean = false`\nInitialize first payload block with original `ciphertext` bytes instead of zeroes. \nExample: `abcdef12345678ff 1111111111111111` instead of `00000000000000ff 1111111111111111`\n\n###### `startFromFirstBlock: boolean = false`\nStart processing from the first block instead of the last.\n\n###### `makeInitialRequest: boolean = true`\nMake an initial request with the original `ciphertext` provided and log server response to console to allow the user to make sure network requests are being sent correctly.\n\n---\n##### Optional options (`encrypt` only)\n\n###### `makeFinalRequest: boolean = true`\nAfter finding the `ciphertext` bytes for the new `plaintext`, make a final request with the found bytes and log the server response to console.\n\n###### `lastCiphertextBlock: Buffer`\nCustom ciphertext for the last block. Last block is just zeroes by default (`000000000000000`).\n\n## Developing\n\n`padding-oracle-attacker` is written in TypeScript. If you'd like to modify the source files and run them, you can either compile the files into JS first and run them using node, or use [ts-node](https://www.npmjs.com/package/ts-node). \nExample: `yarn build` then `node dist/cli ...` or simply `ts-node src/cli ...`\n\n##### `yarn build` or `npm run build`\nBuilds the TypeScript files inside the `src` directory to JS files and outputs them to the `dist` directory.\n\n##### `yarn clean` or `npm run clean`\nDeletes the `dist` directory.\n\n##### `yarn lint` or `npm run lint`\nLints the files using eslint.\n\n##### `yarn test` or `npm run test`\nLints and runs the tests using ava.\n\n##### `node test/helpers/vulnerable-server.js`\nRuns the test server which is vulnerable to padding oracle attacks at \u003chttp://localhost:2020\u003e\n\n## Related\n\n* [PadBuster](https://github.com/AonCyberLabs/PadBuster) (Perl)\n* [Padding Oracle Attack](https://github.com/mpgn/Padding-oracle-attack) (Python)\n* [python-paddingoracle](https://github.com/mwielgoszewski/python-paddingoracle) (Python)\n* [Poracle](https://github.com/iagox86/poracle) (Ruby)\n* [GoPaddy](https://github.com/glebarez/GoPaddy) (Go)\n* [pax](https://github.com/liamg/pax) (Go)\n* [padre](https://github.com/glebarez/padre) (Go)\n* [Padantic](https://github.com/sum-catnip/padantic) (Rust)\n* [Padoracle](https://github.com/imyelo/padoracle) (JavaScript)\n\n## License\n\nMIT © [Kishan Bagaria](https://kishanbagaria.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkishanbagaria%2Fpadding-oracle-attacker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkishanbagaria%2Fpadding-oracle-attacker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkishanbagaria%2Fpadding-oracle-attacker/lists"}