Giter Site home page Giter Site logo

exercises's People

Contributors

lvh avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

exercises's Issues

Timing attack exercise

Demonstrate why doing a byte-by-byte comparison of two values which terminates as soon as the two differentiate is vulnerable to timing attacks.

return "digest_abc" == "digest_xyz"

Broken password store (HMAC-SHA256, per-user salts)

So, basically, prove that per-user salts and using HMAC instead of whatever still doesn't fix anything.

Example text:


A company's intranet login (accessible at hmac-password-store-intranet) was recently compromised with a SQL injection attack. They have fixed the issue since then, but the breach resulted in a complete user table dump. You can access it at hmac-password-store-csv-dump.

Fortunately, they didn't store the passwords in plaintext. It even appeared to tick all the right boxes.

  • they used a cryptographically secure hash function (SHA-256).
  • they used a per-user salt.
  • they used HMAC to mix the salt with the password (with the salt as the key).

Log in as the admin user.


Guest list (prefix MAC) length extension attack

Here's an example exercise text:


There's a guest list for a cool party that you really want to get in to. The party has a guest list on a website. You can access it as guest-list. The website shows the current guest list, and lets you upload a new one. The guest list is a newline-separated list of people.

The party organizers only want people who know the secret password to be able to update the list. Because one of them is very smart, they didn't want to just make you submit the password, where anyone could intercept it. Instead, you have to produce a signature like so:

signature = sha256(password + guest_list)

Add the e-mail address you used to register to the end of the list.


Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.