🔐 Pracivo Crypto Lab

PRACIVO LAB — INTENTIONALLY VULNERABLE
⚠️ Pracivo Security Lab — Cryptography vulnerabilities: ECB penguin attack, padding oracle, weak ciphers, SSL/TLS misconfig, JWT cracking.

ECB Mode — The Penguin Attack

BLOCK CIPHER WEAKNESS

ECB (Electronic Codebook) encrypts each 16-byte block independently with the same key. Identical plaintext blocks produce identical ciphertext blocks — pattern leakage.

# Why ECB is broken — visual proof:
# Encrypt a bitmap image with AES-ECB
# The Linux penguin (Tux) logo encrypted with ECB still shows the penguin shape
# This is called the "ECB Penguin" — patterns in data survive encryption

# Block structure:
# Plaintext:   [BLOCK 1: admin=false][BLOCK 2: user=ram  ][BLOCK 3: role=user ]
# ECB cipher:  [AAA...AAA           ][BBB...BBB           ][CCC...CCC          ]
# Identical blocks → identical ciphertext → attacker can copy/swap blocks

# Attack: Block Cutting and Pasting
# App encrypts: "username=ram&role=user"
# In ECB, you can swap the "role=user" block with a block containing "role=admin"
# if you can craft input that aligns blocks correctly

# Python demonstration:
from Crypto.Cipher import AES
import os

key = os.urandom(16)
cipher = AES.new(key, AES.MODE_ECB)

msg1 = b"role=user       "  # 16 bytes exactly
msg2 = b"role=admin      "  # 16 bytes exactly

enc1 = cipher.encrypt(msg1)
enc2 = cipher.encrypt(msg2)
print(enc1.hex())  # different
print(enc2.hex())  # different — but now you can splice enc2 into any ECB message

# Real exploit: if registration form encrypts username in ECB blocks,
# register as "AAAAAAAAAAAAAAAA" + "admin           " to get the
# ciphertext of the "admin" block alone, then paste it into your profile

# DETECTION:
# Look for repeated 16-byte blocks in ciphertext — dead giveaway of ECB
# Fixed: use AES-CBC or AES-GCM with a random IV