clarified api usage, and how to actually exploit a paddin oracle

mwielgoszewski · mwielgoszewski · commit 06d35378bd7b · 2013-01-08T22:24:37.000-05:00
diff --git a/docs/api.rst b/docs/api.rst
@@ -12,8 +12,8 @@ Padding Oracle Exploit API.
 Main Interface
 --------------
 
-Tool authors should subclass the :class:`PaddingOracle` class and implement :meth:`oracle`.
-A typical example may look like::
+Tool authors should subclass the :class:`PaddingOracle` class and implement
+:meth:`oracle`. A typical example may look like::
 
     from paddingoracle import PaddingOracle, BadPaddingException
 
@@ -27,6 +27,17 @@ A typical example may look like::
 
             raise BadPaddingException
 
+To exploit the padding oracle vulnerability, simply::
+
+    padbuster = PadBuster()
+    decrypted = padbuster.decrypt(encrypted_data)
+
+    print decrypted
+
+That's all!  The hard work of actually carrying out the attack is handled
+in the :meth:`PaddingOracle.bust` method (not documented), which in turns
+calls the :meth:`~PaddingOracle.oracle` method implemented by your code.
+
 .. autoclass:: PaddingOracle
     :members: decrypt, encrypt, oracle, analyze
 
