AES CBC PKCS5Padding helper function update (#3287)

* Added DSL helper functions for CVE + misc * Added aes_cbc with pkcspadding * Misc * Misc * Misc * Removed debug statement * Misc * Misc * Fixed tests
2025-12-18 04:25:31 +00:00 · 2023-02-09 20:22:42 +05:30 · 2023-02-09 20:22:42 +05:30 · 7e7bb1ed0a
commit 7e7bb1ed0a
parent 518944f6e8
3 changed files with 17 additions and 19 deletions
--- a/v2/pkg/operators/common/dsl/dsl.go
+++ b/v2/pkg/operators/common/dsl/dsl.go
@ -773,22 +773,14 @@ func init() {
 				return argStr[start:end], nil
 			},
 		),
-		"aes_cbc": makeDslFunction(2, func(args ...interface{}) (interface{}, error) {
-			key := []byte(types.ToString(args[0]))
-			cleartext := []byte(types.ToString(args[1]))
-			block, _ := aes.NewCipher(key)
-			blockSize := block.BlockSize()
-			n := blockSize - len(cleartext)%blockSize
-			temp := bytes.Repeat([]byte{byte(n)}, n)
-			cleartext = append(cleartext, temp...)
-			iv := make([]byte, 16)
-			if _, err := crand.Read(iv); err != nil {
-				return nil, err
-			}
-			blockMode := cipher.NewCBCEncrypter(block, iv)
-			ciphertext := make([]byte, len(cleartext))
-			blockMode.CryptBlocks(ciphertext, cleartext)
-			ciphertext = append(iv, ciphertext...)
+		"aes_cbc": makeDslFunction(3, func(args ...interface{}) (interface{}, error) {
+			bKey := []byte(args[1].(string))
+			bIV := []byte(args[2].(string))
+			bPlaintext := pkcs5padding([]byte(args[0].(string)), aes.BlockSize, len(args[0].(string)))
+			block, _ := aes.NewCipher(bKey)
+			ciphertext := make([]byte, len(bPlaintext))
+			mode := cipher.NewCBCEncrypter(block, bIV)
+			mode.CryptBlocks(ciphertext, bPlaintext)
 			return ciphertext, nil
 		}),
 		"aes_gcm": makeDslFunction(2, func(args ...interface{}) (interface{}, error) {
@ -1199,6 +1191,12 @@ func toChunks(input string, chunkSize int) []string {
 	return chunks
 }

+func pkcs5padding(ciphertext []byte, blockSize int, after int) []byte {
+	padding := (blockSize - len(ciphertext)%blockSize)
+	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
+	return append(ciphertext, padtext...)
+}
+
 type CompilationError struct {
 	DslSignature string
 	WrappedError error
--- a/v2/pkg/operators/common/dsl/dsl_test.go
+++ b/v2/pkg/operators/common/dsl/dsl_test.go
@ -93,7 +93,7 @@ func TestDslFunctionSignatures(t *testing.T) {
 }

 func TestGetPrintableDslFunctionSignatures(t *testing.T) {
-	expected := `	aes_cbc(arg1, arg2 interface{}) interface{}
+	expected := `	aes_cbc(arg1, arg2, arg3 interface{}) interface{}
 	aes_gcm(arg1, arg2 interface{}) interface{}
 	base64(arg1 interface{}) interface{}
 	base64_decode(arg1 interface{}) interface{}
@ -177,7 +177,7 @@ func TestGetPrintableDslFunctionSignatures(t *testing.T) {
 	assert.Equal(t, expected, signatures)

 	coloredSignatures := GetPrintableDslFunctionSignatures(false)
-	require.Contains(t, coloredSignatures, `[93maes_cbc[0m(arg1, arg2 [38;5;208minterface{}[0m)[38;5;208m interface{}[0m`, "could not get colored signatures")
+	require.Contains(t, coloredSignatures, `[93maes_cbc[0m(arg1, arg2, arg3 [38;5;208minterface{}[0m)[38;5;208m interface{}[0m`, "could not get colored signatures")
 }

 func TestDslExpressions(t *testing.T) {
--- a/v2/pkg/protocols/common/helpers/deserialization/java.go
+++ b/v2/pkg/protocols/common/helpers/deserialization/java.go
@ -135,7 +135,7 @@ func generateDNSPayload(URL string) []byte {
 	buffer.WriteString(string(rune(len(hostname))))
 	buffer.WriteString(hostname)

-	middle, _ := hex.DecodeString("74000071007E0005740005")
+	middle, _ := hex.DecodeString("74000071007E0005740004")
 	buffer.Write(middle)
 	buffer.WriteString(parsed.Scheme)