Get the length of the Instagram encrypted password

Related tags

Cryptographyinstagramfacebookencryptionvulnerabilitypaddingpenetration-testing-tools
Overview

instagram-weak-encryption

Get the length of the Instagram encrypted password

Introduction

Instagram and Facebook encrypt the password submitted at login to sending this to the server, but the encryption has not padding so it's easy to exctract the password length from the ciphertext.

Encryption phases

Instagram use AES256-GCM to encrypt the password in this with an 12 byte IV and a timestamp as AD.

We can see the current Instagram encryption configurations at this endpoint. For example:

"encryption": {
  "key_id": "251",
  "public_key": "64c25328c4ba5e40f4e249310b861aa616488e096d4de6f2018c3c33c5e6d75c",
  "version": "10"
  }

This is a ciphertext example: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

We can se that it have a fixed structure that can be expressed like this:

: : :

In addiction we know the ciphertext structures:

key_id|encrypted_key|tag|aes_output

This is an encryption preudo-code example.

int[32] key = create_random_key();
int[12] iv = create_random_iv();
int[16] tag;
byte[] ad = get_timestamp();
string plaintext = password;

ciphertext = encrypt_aes_256_gcm(
  iv,
  key,
  tag,
  plaintext,
  ad 
);

The problem

By collecting two or more ciphertexts we can see that the ciphertext length depends on the plaintext length so there is not any padding applied to the plaintext. For example:

Password length 8: #PWD_INSTAGRAM_BROWSER:10:1633796644:AY5QAOHhnlwGkvikhrThjD0/XSZAVlJ+dFBGNAtG4JhnP5c42slFXO0H0xpE3W2JSlcdjDEDI1O/CioKL5zXhXCfkRpL+ItOqUB0jhpl/D3EcTEI9iTq0XSpmGDvxb7fwaCvNFv2xFj4lvsv

Password length 12: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

Therefore we need to setup a way to extract the password length from the ciphertext

Calculate the length

It's very easy to calculate the password length simply by count the ciphertext length and see the base64 padding. We need to calculate:

  1. The base64 blocks number
  2. How many '=' base64 pad there are
  3. The difference between the ciphertext length and a one char password ciphertext length (136 chars)

I combined these points to create a simple Python script to calculate the exact length of a password:

c = enc.split(':')[3] if ':' in enc else enc
cl = len(c)
pad = (int)((cl / 4) - 36)
pad1 = 1 if c[-1] == '=' else 0
pad2 = 1 if c[-2] == '=' else 0
pl = (len(c) - 136 - pad - pad1 - pad2)
print(pl)

Impact

To exploit this you need to read the comminication between the client and server. I have imaginad three possibile scenario:

  1. An attacker have physical access to the victim machine
  2. MITM attack
  3. Bad VPN that can read the traffic
Owner
Giuseppe Criscione
MSc in "Network and Security Systems" at University of Catania. Cyber Security Engineer && Android Developer
Giuseppe Criscione
GitHub Repository
Highly decentralized and censorship-resistant way to store key data

Beacon coin Beacon coin is a Chia singelton coin that can store data that needs to be: always available censorship resistant versioned potentially imm

Sebastjan Trepca 24 Oct 04, 2022
Coins farmer for dank memer

Created by TheRider#5308 [feel free to drop by to talk]. Note to some Dank Memer staff reading this: Nah I don't self bot, already got banned for that

Siddhant Kumar 3 Nov 10, 2021
This is a Sharding Simulator to study blockchain scalability

Sharding Simulator This is a Sharding Simulator to study blockchain scalability. How to run on Ubuntu First make sure you have the header file for Pyt

1 Jan 23, 2022
Simple crypto & blockchain implementation written in Python

JaamoCoin - simple Python blockchain example This is a very simple blockchain example written in Python. Based on this tutorial: https://medium.com/co

Jaakko Alajoki 1 Jan 07, 2022
Privfiles - Encrypted file storage using Fernet with zero Javascript

Privfiles - Encrypted file storage using Fernet with zero Javascript Source code for the onion service: l3n6v6dm63frml22tlmzacnasvp7co7wylu4hhcs34ukxe

5 Jul 30, 2022
Bot to trade crypto trading ranges

crypto-trading-bot Crypto bot with DCA or GRID trading strategy Sends notifictions to telegram chat Crypto bot with webhook feature which can be used

3 Jun 18, 2021
A simple web application with tools of cryptography, made with Flask and Cryptography.

Crypto Tools A web application made with Flask that allows the use of some cryptography tools like message digest, RSA key pair generation and a decip

Felipe Valentin 0 Jan 20, 2022
Tools for running airdrop and token distribution campaigns on the Solana blockchain.

Overview This repository contains some of the scripts we have used for running our airdrop campaigns and other distributions. Initially, all of these

147 Nov 17, 2022
Arithmos Cipher is a simple Cryptography that I created myself in Python

Arithmos Cipher is a simple Cryptography that I created myself in Python

LyQuid :3 3 Oct 19, 2022
A curated list of resources dedicated to reinforcement learning applied to cyber security.

Awesome Reinforcement Learning for Cyber Security A curated list of resources dedicated to reinforcement learning applied to cyber security. Note that

Kim Hammar 212 Jan 02, 2023
A tool used to encrypt Python scripts version < 2.7 and version < 3.9

A tool used to encrypt Python scripts version 2.7 and version 3.9

Fajar Kim 1 Dec 14, 2021
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

Tink A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Ubuntu

Google 12.9k Jan 05, 2023
Generate Random ETH addresses and Private Keys and Saved to file.

ethgen.py Generate Random ETH addresses and Private Keys and Saved to file. ETH address the file is stored in ETH-address.txt. ETH private keys the fi

deanondroid 2 Dec 21, 2021
Tracking (of choice) cryptocurrencies' daily prices and moving average.

Crypto-price-moving_average Tracking (of choice) cryptocurrencies' daily prices and moving average. About Alpha Vantage The Alpha Vantage library (htt

Thong Huynh 2 Jan 22, 2022
TON Command Line Interface - easy smart contract manipulation

toncli The Open Network cross-platform smart contract command line interface. Easy to deploy and interact with TON smart contracts. Installation Toncl

Disintar IO 100 Dec 18, 2022
s-pass is a program that creates strong passwords and then encrypts the password and saves it to a file. To see the encrypted password, execute the decrypt.py file and paste the password in the txt file into the incoming question.

s-pass v1.1 s-pass is a program that creates strong passwords and then encrypts the password and saves it to a file. To see the encrypted password, ex

Alpkunt 9 Sep 09, 2022
Algo-burner - Burner account for the Algorand blockchain

algo-burner Burner address for Algorand's blockchain Apparently it was a problem

1 Jan 12, 2022
Salted Crypto Python library

Salted Crypto Python library. Allows to encrypt and decrypt files and directories using popular cryptographic algorithms with salty key(s).

7 Jul 18, 2022
Vaulty - Encrypt/Decrypt with ChaCha20-Poly1305

Vaulty Encrypt/Decrypt with ChaCha20-Poly1305 Vaulty is an extremely lightweight encryption/decryption tool which uses ChaCha20-Poly1305 to provide 25

Chris Mason 1 Jul 04, 2022
Learn Blockchains by Building One, A simple Blockchain in Python using Flask as a micro web framework.

Blockchain ✨ Learn Blockchains by Building One Yourself Installation Make sure Python 3.6+ is installed. Install Flask Web Framework. Clone this repos

Vaibhaw 46 Jan 05, 2023