(ECB) Electronic Code Book - symmetric encryption scheme which replaces each block of the clear text by the block of ciphertext. It is the simplest encryption scheme. The main idea is to split the clear text into blocks of N bits (depends on the size of the block of input data, encryption algorithm) and then to encrypt (decrypt) each block of clear text using the only key.
Using ECB has multiple security implications:
Blocks from encrypted message can be removed
Blocks from encrypted message can be moved around
Imagine you login into an application several times and you always get the same cookie. This is because the cookie of the application is
Then, you generate to new users, both of them with the same long password and almost the same username.
You find out that the blocks of 8B where the info of both users is the same are equals. Then, you imagine that this might be because ECB is being used.
Like in the following example. Observe how these 2 decoded cookies has several times the block
\x23U\xE45K\xCB\x21\xC8\x23U\xE45K\xCB\x21\xC8\x04\xB6\xE1H\xD1\x1E \xB6\x23U\xE45K\xCB\x21\xC8\x23U\xE45K\xCB\x21\xC8+=\xD4F\xF7\x99\xD9\xA9\x23U\xE45K\xCB\x21\xC8\x23U\xE45K\xCB\x21\xC8\x04\xB6\xE1H\xD1\x1E \xB6\x23U\xE45K\xCB\x21\xC8\x23U\xE45K\xCB\x21\xC8+=\xD4F\xF7\x99\xD9\xA9
This is because the username and password of those cookies contained several times the letter "a" (for example). The blocks that are different are blocks that contained at least 1 different character (maybe the delimiter "|" or some necessary difference in the username).
Now, the attacker just need to discover if the format is
<password><delimiter><username>. For doing that, he can just generate several usernames with similar and long usernames and passwords until he find the format and the length of the delimiter:
Cookie's length (after decoding):
Knowing the format of the cookie (
<username>|<password>), in order to impersonate the username
admin create a new user called
aaaaaaaaadmin and get the cookie and decode it:
We can see the pattern
\x23U\xE45K\xCB\x21\xC8 created previously with the username that contained only
Then, you can remove the first block of 8B and you will et a valid cookie for the username
In many databases it is the same to search for
WHERE username='admin'; or for
WHERE username='admin '; (Note the extra spaces)
So, another way to impersonate the user
admin would be to:
Generate a username that:
len(<username>) + len(<delimiter) % len(block). With a block size of
8B you can generate username called:
username , with the delimiter
| the chunk
<username><delimiter> will generate 2 blocks of 8Bs.
Then, generate a password that will fill an exact number of blocks containing the username we want to impersonate and spaces, like:
The cookie of this user is going to be composed by 3 blocks: the first 2 is the blocks of the username + delimiter and the third one of the password (which is faking the username):
Then, just replace the first block with the last time and will be impersonating the user