Handle case where valid and invalid padding lead to empty response

GovTech-CSG · Jul 9, 2024 · ba1f412 · ba1f412
1 parent af52787
commit ba1f412
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/padding_oracle_hunter.py b/padding_oracle_hunter.py
@@ -165,17 +165,21 @@ def Test_PKCS7(self, encrypted_string):
         if len(resCount)==2:
             validPadRes = ""
             invalidPadRes = ""
+            isValidPadResFound = False
+            isInvalidPadResFound = False
             for response in resCount:            
                 # if there is 1 unique response, it is likely the valid padding response           
-                if(resCount[response]==1):                
+                if(resCount[response]==1):
+                    isValidPadResFound = True                
                     validPadRes = response
 
                 # there should be 255 same reponses for invalid padding
                 elif(resCount[response]==255):
+                    isInvalidPadResFound = True
                     invalidPadRes = response
 
             # check and print the result
-            if(validPadRes!="" and invalidPadRes!=""):
+            if(isValidPadResFound==True and isInvalidPadResFound==True):
                 self.__jTextAreaOutputPKCS7.setForeground(Color(255, 0, 0))
                 key_list = list(self.gresDictPKCS7.keys())
                 val_list = list(self.gresDictPKCS7.values())