Get the length of the Instagram encrypted password

Related tags

Cryptographyinstagramfacebookencryptionvulnerabilitypaddingpenetration-testing-tools
Overview

instagram-weak-encryption

Get the length of the Instagram encrypted password

Introduction

Instagram and Facebook encrypt the password submitted at login to sending this to the server, but the encryption has not padding so it's easy to exctract the password length from the ciphertext.

Encryption phases

Instagram use AES256-GCM to encrypt the password in this with an 12 byte IV and a timestamp as AD.

We can see the current Instagram encryption configurations at this endpoint. For example:

"encryption": {
  "key_id": "251",
  "public_key": "64c25328c4ba5e40f4e249310b861aa616488e096d4de6f2018c3c33c5e6d75c",
  "version": "10"
  }

This is a ciphertext example: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

We can se that it have a fixed structure that can be expressed like this:

: : :

In addiction we know the ciphertext structures:

key_id|encrypted_key|tag|aes_output

This is an encryption preudo-code example.

int[32] key = create_random_key();
int[12] iv = create_random_iv();
int[16] tag;
byte[] ad = get_timestamp();
string plaintext = password;

ciphertext = encrypt_aes_256_gcm(
  iv,
  key,
  tag,
  plaintext,
  ad 
);

The problem

By collecting two or more ciphertexts we can see that the ciphertext length depends on the plaintext length so there is not any padding applied to the plaintext. For example:

Password length 8: #PWD_INSTAGRAM_BROWSER:10:1633796644:AY5QAOHhnlwGkvikhrThjD0/XSZAVlJ+dFBGNAtG4JhnP5c42slFXO0H0xpE3W2JSlcdjDEDI1O/CioKL5zXhXCfkRpL+ItOqUB0jhpl/D3EcTEI9iTq0XSpmGDvxb7fwaCvNFv2xFj4lvsv

Password length 12: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

Therefore we need to setup a way to extract the password length from the ciphertext

Calculate the length

It's very easy to calculate the password length simply by count the ciphertext length and see the base64 padding. We need to calculate:

  1. The base64 blocks number
  2. How many '=' base64 pad there are
  3. The difference between the ciphertext length and a one char password ciphertext length (136 chars)

I combined these points to create a simple Python script to calculate the exact length of a password:

c = enc.split(':')[3] if ':' in enc else enc
cl = len(c)
pad = (int)((cl / 4) - 36)
pad1 = 1 if c[-1] == '=' else 0
pad2 = 1 if c[-2] == '=' else 0
pl = (len(c) - 136 - pad - pad1 - pad2)
print(pl)

Impact

To exploit this you need to read the comminication between the client and server. I have imaginad three possibile scenario:

  1. An attacker have physical access to the victim machine
  2. MITM attack
  3. Bad VPN that can read the traffic
Owner
Giuseppe Criscione
MSc in "Network and Security Systems" at University of Catania. Cyber Security Engineer && Android Developer
Giuseppe Criscione
GitHub Repository
Python wrapper for the Equibles cryptos API.

Equibles Cryptos API for Python Requirements. Python 2.7 and 3.4+ Installation & Usage pip install If the python package is hosted on Github, you can

Equibles 1 Feb 02, 2022
Blockchain Python Implementation

Blockchain Python Implementation

0918nobita 2 Nov 21, 2021
Generate simple encrypted messages!

Premio's Shift is a very simple text encryption, you can use it to send secret messages to your friends. Table of Content Table of Content How it work

Peterson Adami Candido 3 Aug 06, 2021
A python script for AES Angecryption in Steganography

Angecryption is an encryption or an decryption result from a file to create an other file with the same / or not type.

ISIS 3 Jul 25, 2022
Tools for running airdrop and token distribution campaigns on the Solana blockchain.

Overview This repository contains some of the scripts we have used for running our airdrop campaigns and other distributions. Initially, all of these

147 Nov 17, 2022
Gearbox-vyper-contracts - Auxillary contracts for the Gearbox Protocol written in Vyper

Gearbox Vyper Contracts Auxillary contracts for the Gearbox Protocol written in

Edward Amor 4 Jan 07, 2022
Active github repos of all cryptocurrencies

This repo is to maintain the list of active repositories for all cryptocurrencies that https://codemask.org uses. The active list will be automaticall

CodeMask 5 May 20, 2022
A bot that escrows crypto transactions on Reddit

EscrowBot I NEED BCH TESTNET FOR TESTING. Please send me some BCH testnet if you have some: bchtest:qz5eur3prqyvd8u77m6fzf9z6cruz9q7vq4qvgdnuk Depende

Nathan Lim 10 Nov 10, 2022
A simple Python tool to help anyone use Liquidity Pools on the BitShares blockchain.

ACCOUNT AND ACTIVE KEY ARE NOT PERSISTENT, YOU WILL NEED TO ENTER THEM EACH TIME YOU LAUNCH THE APP (but not every transaction. that's a win). If / wh

Brendan Jensen 17 Jun 15, 2022
smartpassgen - A cross-platform package of modules for generating, secure storage and recovery of complex, cryptographic, smart passwords on the fly.

smartpassgen - A cross-platform package of modules for generating, secure storage and recovery of complex, cryptographic, smart passwords on the fly.

4 Sep 04, 2021
theHasher Tool created for generate strong and unbreakable passwords by using Hash Functions.Generate Hashes and store them in txt files.Use the txt files as lists to execute Brute Force Attacks!

$theHasher theHasher is a Tool for generating hashes using some of the most Famous Hashes Functions ever created. You can save your hashes to correspo

SR18 6 Feb 02, 2022
Blockchain online Voting System

decentralized-voting-system A decentralized voting system where a user can walk into a government authorized center (Ex- banks, telecom companies etc.

Mahima Arora 1 Dec 28, 2021
Simple crypto & blockchain implementation written in Python

JaamoCoin - simple Python blockchain example This is a very simple blockchain example written in Python. Based on this tutorial: https://medium.com/co

Jaakko Alajoki 1 Jan 07, 2022
Lottery by Ethereum Blockchain

Lottery by Ethereum Blockchain Set your web3 provider url in .env PROVIDER=https://mainnet.infura.io/v3/YOUR-INFURA-TOKEN Create your source file .

John Torres 3 Dec 23, 2021
A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

Vinay Sajip 3 Feb 01, 2022
Token drop template on Tezos blockchain, based on Merkle Tree Distribution mechanism.

🛬 Token Drop Template This is a template to perform token drops efficiently on Tezos blockchain. The drop is handled using Merkle Tree Distribution m

Anshu Jalan 5 Oct 11, 2022
Hide secret texts inside an image, optionally encrypt them with a password using AES-256.

Hide secret texts/messages inside an image. You can optionally encrypt your texts with a password using AES-256 before encoding into the image.

Teja Swaroop 97 Dec 29, 2022
G-Research-Crypto-Competition - Project for passing the ML exam. Dataset took from the competition on the kaggle

G-Research-Crypto-Competition Project for passing the ML exam. Dataset took from

5 Jan 09, 2022
Simple python program to encrypt files with AES-256 encryption

simple-enc Simple python program to encrypt files with AES-256 encryption Setup First install "pyAesCrypt" using pip. Thats it! Optionally you can add

Hashm 2 Jan 19, 2022
Python program that handles the creation, encryption and storage of log/journal files. Kinda works like a diary of sorts.

LucaSoft J.O.U.R.N.A.L The J.O.U.R.N.A.L (Just anOther User Redaction & Navigation Assistant by Lucaspec72) is a Python program that handles the creat

Lucaspec72 8 Oct 27, 2021