Get the length of the Instagram encrypted password

Overview

instagram-weak-encryption

Get the length of the Instagram encrypted password

Introduction

Instagram and Facebook encrypt the password submitted at login to sending this to the server, but the encryption has not padding so it's easy to exctract the password length from the ciphertext.

Encryption phases

Instagram use AES256-GCM to encrypt the password in this with an 12 byte IV and a timestamp as AD.

We can see the current Instagram encryption configurations at this endpoint. For example:

"encryption": {
  "key_id": "251",
  "public_key": "64c25328c4ba5e40f4e249310b861aa616488e096d4de6f2018c3c33c5e6d75c",
  "version": "10"
  }

This is a ciphertext example: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

We can se that it have a fixed structure that can be expressed like this:

: : :

In addiction we know the ciphertext structures:

key_id|encrypted_key|tag|aes_output

This is an encryption preudo-code example.

int[32] key = create_random_key();
int[12] iv = create_random_iv();
int[16] tag;
byte[] ad = get_timestamp();
string plaintext = password;

ciphertext = encrypt_aes_256_gcm(
  iv,
  key,
  tag,
  plaintext,
  ad 
);

The problem

By collecting two or more ciphertexts we can see that the ciphertext length depends on the plaintext length so there is not any padding applied to the plaintext. For example:

Password length 8: #PWD_INSTAGRAM_BROWSER:10:1633796644:AY5QAOHhnlwGkvikhrThjD0/XSZAVlJ+dFBGNAtG4JhnP5c42slFXO0H0xpE3W2JSlcdjDEDI1O/CioKL5zXhXCfkRpL+ItOqUB0jhpl/D3EcTEI9iTq0XSpmGDvxb7fwaCvNFv2xFj4lvsv

Password length 12: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

Therefore we need to setup a way to extract the password length from the ciphertext

Calculate the length

It's very easy to calculate the password length simply by count the ciphertext length and see the base64 padding. We need to calculate:

  1. The base64 blocks number
  2. How many '=' base64 pad there are
  3. The difference between the ciphertext length and a one char password ciphertext length (136 chars)

I combined these points to create a simple Python script to calculate the exact length of a password:

c = enc.split(':')[3] if ':' in enc else enc
cl = len(c)
pad = (int)((cl / 4) - 36)
pad1 = 1 if c[-1] == '=' else 0
pad2 = 1 if c[-2] == '=' else 0
pl = (len(c) - 136 - pad - pad1 - pad2)
print(pl)

Impact

To exploit this you need to read the comminication between the client and server. I have imaginad three possibile scenario:

  1. An attacker have physical access to the victim machine
  2. MITM attack
  3. Bad VPN that can read the traffic
Owner
Giuseppe Criscione
MSc in "Network and Security Systems" at University of Catania. Cyber Security Engineer && Android Developer
Giuseppe Criscione
Python App To Encrypt Data (image, text, all data)

Python App To Encrypt Data (image, text, all data)

1 Oct 29, 2021
gcrypter: an encryption algorithm based on bytes and their correspondent numbers to encode strings

gcrypter: an encryption algorithm based on bytes and their correspondent numbers to encode strings

Nuninha-GC 1 Jan 10, 2022
DIY gravity falls cryptograms made with python

ciphers-cryptograms some diy code to implementing ciphers-cryptograms from gravity falls with python, it's fun tho Algorithm or ciphers list Caesar At

Muhammad Asthi Seta Ari Yuwana 3 Jun 26, 2022
Cyber Security Starter Kit Platform

Cyber Security Starter Kit Platform (CSSKP) allows to instantiate new self-assessment products such as Fit4Cybersecurity, Fit4Privacy, Fit4Contract and the like.

CASES Luxembourg 3 Oct 21, 2021
Zach Brewer 1 Feb 18, 2022
The (Python-based) mining software required for the Game Boy mining project.

The (Python-based) mining software required for the Game Boy mining project.

Ghidra Ninja 31 Nov 04, 2022
Crypto-curriences analysis

Crypto_analysis Discription: simple streamlit(screener) app to make MMA and OSC analysis for cyrpto-currenices, and gives resaults for which coins are

13 Nov 01, 2021
Tracking (of choice) cryptocurrencies' daily prices and moving average.

Crypto-price-moving_average Tracking (of choice) cryptocurrencies' daily prices and moving average. About Alpha Vantage The Alpha Vantage library (htt

Thong Huynh 2 Jan 22, 2022
Random Pasword Generator Sezar Crypto

Random_Pasword_Generator_Sezar_Crypto Simple Work Main design available in ana_sayfa.ui / ana_sayfa2.py Popup design available in popup.ui / anahtarp

Ahmet Gündoğdu - DRAGO 2 Dec 19, 2021
How to setup a multi-client ethereum Eth1-Eth2 merge testnet

Mergenet tutorial Let's set up a local eth1-eth2 merge testnet! Preparing the setup environment In this tutorial, we use a series of scripts to genera

Diederik Loerakker 24 Jun 17, 2022
Microllect - Fully automated btc wallet hack,using advanced protocols

Microllect - Fully automated btc wallet hack,using advanced protocols

Arya kaghazkanani 40 Dec 17, 2022
In this repository there are two types of code files

encryption-decryption In this repository there are two types of code files Me Friend Code in the 'Me' file can use for encryption and Code in the 'Fri

Vicksura Dulhan Perera 1 Nov 22, 2021
Recover bitcon brainwallet

Bitcoin brainwallet recovery tool If you like it give it a star Programmed in Python | PySimpleGUI How it works From seed phrase create bitcoin privat

Adrijan 20 Dec 15, 2022
Pythonic Smart Contract Language for the EVM

Introduction orfipy is a tool written in python/cython to extract ORFs in an extremely and fast and flexible manner. Other popular ORF searching tools

Vyper 4.4k Dec 30, 2022
😈 Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations.

👑 Shining 😈 Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations. Shining is the name of one of my

xxxeyJ 15 Jun 17, 2022
A hybrid(AES + RSA) encryptor in python.

python-file-encryptor A hybrid(AES + RSA) encryptor in python. Tasted on Windows and Linux(Kali). Install Requirements Use the package manager pip to

Alireza Kalhor 8 Jun 24, 2022
Python ASN.1 library with a focus on performance and a pythonic API

asn1crypto A fast, pure Python library for parsing and serializing ASN.1 structures. Features Why Another Python ASN.1 Library? Related Crypto Librari

Will Bond 282 Dec 11, 2022
🔑 Password manager and password generator

Password-Manager Create Account Quick Login Generate Password Save Password Offline App Passwords are stored on your system and no one has access to t

Abbas Ataei 41 Nov 09, 2022
Pogramme de chiffrement et déchiffrement césar d'un message en python3.

Chiffrement Cesar En Python3 Pogramme de chiffrement et déchiffrement césar d'un message en python3. Explication du chiffrement César avec complexité

Malik Makkes 1 Mar 26, 2022
Using with Jupyter making live crypto currency action

Make-Live-Crypto-Currency-With-Python Using with Jupyter making live crypto currency action 1.Note: 💣 You must Create a Binance account and also clic

Mahmut Can Gönül 5 Dec 13, 2021