This is the implementation of the attack done in the paper by Serge Mister & Robert Zuccherato.
Please note that the original paper had a mistake in the general case when the attacker knows the first two bytes of some message block. Refer to the corrected version of the paper in the following book page 87
The project requires Python 3.5 or later and the following libraries:
- Sandra
- pycrypto
- pandas