Get the length of the Instagram encrypted password

Related tags

Cryptographyinstagramfacebookencryptionvulnerabilitypaddingpenetration-testing-tools
Overview

instagram-weak-encryption

Get the length of the Instagram encrypted password

Introduction

Instagram and Facebook encrypt the password submitted at login to sending this to the server, but the encryption has not padding so it's easy to exctract the password length from the ciphertext.

Encryption phases

Instagram use AES256-GCM to encrypt the password in this with an 12 byte IV and a timestamp as AD.

We can see the current Instagram encryption configurations at this endpoint. For example:

"encryption": {
  "key_id": "251",
  "public_key": "64c25328c4ba5e40f4e249310b861aa616488e096d4de6f2018c3c33c5e6d75c",
  "version": "10"
  }

This is a ciphertext example: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

We can se that it have a fixed structure that can be expressed like this:

: : :

In addiction we know the ciphertext structures:

key_id|encrypted_key|tag|aes_output

This is an encryption preudo-code example.

int[32] key = create_random_key();
int[12] iv = create_random_iv();
int[16] tag;
byte[] ad = get_timestamp();
string plaintext = password;

ciphertext = encrypt_aes_256_gcm(
  iv,
  key,
  tag,
  plaintext,
  ad 
);

The problem

By collecting two or more ciphertexts we can see that the ciphertext length depends on the plaintext length so there is not any padding applied to the plaintext. For example:

Password length 8: #PWD_INSTAGRAM_BROWSER:10:1633796644:AY5QAOHhnlwGkvikhrThjD0/XSZAVlJ+dFBGNAtG4JhnP5c42slFXO0H0xpE3W2JSlcdjDEDI1O/CioKL5zXhXCfkRpL+ItOqUB0jhpl/D3EcTEI9iTq0XSpmGDvxb7fwaCvNFv2xFj4lvsv

Password length 12: #PWD_INSTAGRAM_BROWSER:10:1633796717:AY5QAElzjWV0j+OJ+qAnNXpQjZ6TN7A980Y2RMlrl63z80AkALvvb1IHYpzDXeX5w/Mf1jxTbF2PVJRh/Q99+J7FXkgmnE9qOhatEbKkdyoatN952Dee/PC8CiWLJTcoFDiCFovU9uwijaIDycIQ7w==

Therefore we need to setup a way to extract the password length from the ciphertext

Calculate the length

It's very easy to calculate the password length simply by count the ciphertext length and see the base64 padding. We need to calculate:

  1. The base64 blocks number
  2. How many '=' base64 pad there are
  3. The difference between the ciphertext length and a one char password ciphertext length (136 chars)

I combined these points to create a simple Python script to calculate the exact length of a password:

c = enc.split(':')[3] if ':' in enc else enc
cl = len(c)
pad = (int)((cl / 4) - 36)
pad1 = 1 if c[-1] == '=' else 0
pad2 = 1 if c[-2] == '=' else 0
pl = (len(c) - 136 - pad - pad1 - pad2)
print(pl)

Impact

To exploit this you need to read the comminication between the client and server. I have imaginad three possibile scenario:

  1. An attacker have physical access to the victim machine
  2. MITM attack
  3. Bad VPN that can read the traffic
Owner
Giuseppe Criscione
MSc in "Network and Security Systems" at University of Catania. Cyber Security Engineer && Android Developer
Giuseppe Criscione
GitHub Repository
SysWhispers integrated shellcode loader w/ ETW patching & anti-sandboxing

TymSpecial Shellcode Loader Description This project was made as a way for myself to learn C++ and gain insight into how EDR products work. TymSpecial

Nick Frischkorn 145 Dec 20, 2022
PySETO is a PASETO (Platform-Agnostic SEcurity TOkens) implementation written in Python

A Python implementation of PASETO.

Ajitomi, Daisuke 33 Dec 17, 2022
Vaulty - Encrypt/Decrypt with ChaCha20-Poly1305

Vaulty Encrypt/Decrypt with ChaCha20-Poly1305 Vaulty is an extremely lightweight encryption/decryption tool which uses ChaCha20-Poly1305 to provide 25

Chris Mason 1 Jul 04, 2022
Python ASN.1 library with a focus on performance and a pythonic API

asn1crypto A fast, pure Python library for parsing and serializing ASN.1 structures. Features Why Another Python ASN.1 Library? Related Crypto Librari

Will Bond 282 Dec 11, 2022
This demo is an on-chain NFT auction using smart contracts on the Algorand blockchain.

Algorand Auction Demo This demo is an on-chain NFT auction using smart contracts on the Algorand blockchain. Usage The file auction/operations.py prov

1 Jan 27, 2022
A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided

A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided. If you’ve found this bot useful and have profited from it please consider donating any

473 Dec 25, 2022
Get the length of the Instagram encrypted password

instagram-weak-encryption Get the length of the Instagram encrypted password Introduction Instagram and Facebook encrypt the password submitted at log

Giuseppe Criscione 19 Dec 09, 2022
I coded the sha256 algorithm into python without using any modules.

sha256.py I coded the sha256 algorithm in python without using any modules. The purpose of the code was to better understand the algorithm and learn h

4 Dec 12, 2022
Secure open-source password manager.

aes256_passwd_store This script securely encrypts or decrypts passwords on disk within a custom database file. It also features functionality to retri

14 Nov 15, 2022
Active github repos of all cryptocurrencies

This repo is to maintain the list of active repositories for all cryptocurrencies that https://codemask.org uses. The active list will be automaticall

CodeMask 5 May 20, 2022
A bot for FaucetCrypto a cryptocurrency faucet. The bot can currently claim PTC ads, main reward and all the shortlinks except exe.io and fc.lc.

A bot for the high paying popular cryptocurrency faucet Faucet Crypto. The bot is built using Python and Selenium, currently it is under active develo

Sourav R S 81 Dec 19, 2022
Salted Crypto Python library

Salted Crypto Python library. Allows to encrypt and decrypt files and directories using popular cryptographic algorithms with salty key(s).

7 Jul 18, 2022
ETHGreen blockchain is a fork from STAI and Chia blockchain including features implemented by Covid blockchain.

Welcome to ETHGreen Blockchain ETHGreen blockchain is a fork from STAI and Chia blockchain including features implemented by Covid blockchain. About t

11 Dec 23, 2022
High Performance Blockchain Deserializer

bitcoin_explorer is an efficient library for reading bitcoin-core binary blockchain file as a database (utilising multi-threading).

Congyu 2 Dec 28, 2021
Elgamal-and-peer2peer-communication - This project simulates the message transportation between two clients using elgamal cryptography

elgamal-and-peer2peer-communication This project simulates the message transport

Buckley 2 Jul 24, 2022
theHasher Tool created for generate strong and unbreakable passwords by using Hash Functions.Generate Hashes and store them in txt files.Use the txt files as lists to execute Brute Force Attacks!

$theHasher theHasher is a Tool for generating hashes using some of the most Famous Hashes Functions ever created. You can save your hashes to correspo

SR18 6 Feb 02, 2022
Python FFI bindings for libsecp256k1 (maintained)

secp256k1-py Python FFI bindings for libsecp256k1 (an experimental and optimized C library for EC operations on curve secp256k1). Previously maintaine

Rusty Russell 29 Dec 29, 2022
That Hash will name that hash type! Identify MD5, SHA256 and 300+ other hashes Comes with

Call for translators! We're looking for translators to help translate this spec for everyone! Read this documentation in the following languages 한국어 中

All Contributors 6.8k Jan 05, 2023
A simple script useful to switch from Dashlane to Bitwarden by converting the password file to the right format.

A simple script useful to switch from Dashlane to Bitwarden by converting the password file to the right format.

3 May 06, 2022
Coins farmer for dank memer

Created by TheRider#5308 [feel free to drop by to talk]. Note to some Dank Memer staff reading this: Nah I don't self bot, already got banned for that

Siddhant Kumar 3 Nov 10, 2021