CBC Padding Oracle Visualized
The following image visualizes how the CBC padding oracle attack works, and aims to provide an intuitive sense for why padding information is leaked when a chosen-ciphertext attacker can distinguish between valid and invalid paddings. In this example an attacker is attempting to recover the last byte of a block of ciphertext.
