stephenbradshaw / hlextend Goto Github PK

It would be much more convenient to have the return type be a bytestring. This way we won't have to unescape the extra bytes that are added when padding.

In my code I had to do

extended_query = sha.extend('&filename=' + HIDDEN_FILE, file_query, KEY_SIZE, MAC)
extended_query = bytes(extended_query, 'utf-8').decode("unicode_escape") # unescape bytes
forged_filename = urllib.parse.quote(extended_query, safe='?&=').replace('%C2', '') # conver to url remove garbage %C2
querystring = '?' + forged_filename + '&mac=' + forged_mac # create query

According to the README.md, shouldn't this line be sh.update(secret + appendVal) instead?

Please also update testscript.py to python3, it throws a lot of errors if i try to run it

Hi, I tried to use your small example in order to create a proof of concept for myself of how an attack would work.

So I made this small script:

import hlextend
import hashlib


def hash(message, secret):
    payload = secret + message
    hash_object = hashlib.sha1(bytes(payload,"utf-8"))
    return hash_object.hexdigest()


message = "hello"
secret = "secret1234"

### First, we create our own hash
print(hash(message, secret)) 

# 52e98441017043eee154a6d1af98c5e0efab055c


## We then try to make a forged hash, using length extension, where we try to append the word "file"
sha = hlextend.new('sha1')
forged = sha.extend("file", message, 10,'52e98441017043eee154a6d1af98c5e0efab055c')
print(forged)
print(sha.hexdigest())


## and now we check if our forged signature makes is correct:

print(hash(forged,secret))

But this does not work, currently, the last line is 876d8406a52c71321930e99ac44740ccaea3d080, while it should be c60fa7de0860d4048a3bfb36b70299a95e6587c9, as described in your readme
Have I misunderstoof something about how your libary works?

Still trying to wrap my head around this, so apologies in advance and I appreciate anything you can toss my way! But I had 3 questions for you.

1. If I wanted to hash "hello" with your script, how would I call that?
2. Can your script then return the original text if I have the hashed key from (1) and the length of the text? So can I get back to 'hello'?
3. If two is yes, how would you suggest going about it?

Traceback (most recent call last):
File "hasher.py", line 5, in
data = sha.extend('O:6:"Hacker":2:{s:17:" Hacker show_flag";b:1;s:16:" Hacker username";s:10:"hacker1337";}', 'O:6:"Hacker":2:{s:17:" Hacker show_flag";b:0;s:16:" Hacker username";s:10:"hacker1337";}', 8, '367f4643e26f0820db070629f43a5e6a614d778a5f1fd68d1fe1ce2d00b3934d')
File "C:\Users\Shawn Lee\Downloads\hlextend-master\hlextend-master\hlextend.py", line 118, in extend
self.__setStartingHash(startHash)
File "C:\Users\Shawn Lee\Downloads\hlextend-master\hlextend-master\hlextend.py", line 154, in __setStartingHash
hashVals = [ int(startHash[a:a+self._b1],base=16) for a in range(0,len(startHash), self._b1) ]
TypeError: 'float' object cannot be interpreted as an integer