Cousin Wu Ka Lok

PhD Candidate in the Computer Science Department at Stony Brook University. CTF, Maths enthusiast. A member of the Black Bauhinia (blackb6a) CTF team based in Hong Kong.

An interactive browser-side visualization of Vaudenay's padding oracle attack against AES-128-CBC with PKCS#7 padding, generated by GPT5 and Claude Design because I certainly can't make it look that nice.

The demo generates a hidden AES key and one captured ciphertext block in your browser, then exposes a padding oracle. You can manipulate the IV bytes by hand, brute-force positions, record plaintext guesses.

Click on the + and - buttons to increment/decrement the byte value of the "to flip" row to flip bits in the IV and observe how the padding oracle responds. You can also click the "Brute Force Next Byte" button to let the computer try all possible byte values for you, and it will stop when it finds a valid padding. After you are confident of the value of a byte of plaintext, click on "P (working copy)" to enter your guess and click the + and - button to manipulate the IV based on your guess, and to manipulate the plaintext in a predictable way.

There is also a Python panel where you can write your own attack code and run it in the browser with Pyodide, and the code will have access to the same oracle as the interactive demo. A pre-written attack code is also provided as a reference, but I encourage you to try writing your own code first.