diff --git a/conpot/protocols/ipmi/fakesession.py b/conpot/protocols/ipmi/fakesession.py index 0013be7b..5121bf48 100644 --- a/conpot/protocols/ipmi/fakesession.py +++ b/conpot/protocols/ipmi/fakesession.py @@ -28,7 +28,7 @@ import random import hmac import hashlib -from Crypto.Cipher import AES +from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes logger = logging.getLogger(__name__) @@ -122,10 +122,9 @@ def _ipmi20(self, rawdata): payload = data[16 : 16 + psize] if encryption_bit: iv = rawdata[16:32] - decrypter = AES.new(self.aeskey, AES.MODE_CBC, iv) - decrypted = decrypter.decrypt( - struct.pack("%dB" % len(payload[16:]), *payload[16:]) - ) + cipher = Cipher(algorithms.AES(self.aeskey), modes.CBC(iv)) + decryptor = cipher.decryptor() + decrypted = decryptor.update(struct.pack("%dB" % len(payload[16:]), *payload[16:])) + decryptor.finalize() payload = struct.unpack("%dB" % len(decrypted), decrypted) padsize = payload[-1] + 1 payload = list(payload[:-padsize]) @@ -315,10 +314,9 @@ def send_payload( iv = os.urandom(16) message += list(struct.unpack("16B", iv)) payloadtocrypt = self._aespad(payload) - crypter = AES.new(self.aeskey, AES.MODE_CBC, iv) - crypted = crypter.encrypt( - struct.pack("%dB" % len(payloadtocrypt), *payloadtocrypt) - ) + cipher = Cipher(algorithms.AES(self.aeskey), modes.CBC(iv)) + encryptor = cipher.encryptor() + crypted = encryptor.update(struct.pack("%dB" % len(payloadtocrypt), *payloadtocrypt)) + encryptor.finalize() crypted = list(struct.unpack("%dB" % len(crypted), crypted)) message += crypted else: diff --git a/requirements.txt b/requirements.txt index 7b729187..647600ed 100644 --- a/requirements.txt +++ b/requirements.txt @@ -25,6 +25,6 @@ tftpy # some freezegun versions broken freezegun!=0.3.13 pytest -pycrypto +cryptography sphinx_rtd_theme psutil