Padding Oracle: Chosen Ciphertext Attack

If viewing on mobile device please use landscape view for best results

Comments

Post a Comment

Popular posts from this blog

Defending Attacks Part 1: Password Cracking With Hydra and John The Ripper

Image
    This is my first post in my series "Defending Attacks". In this series I will break down real world attacks, explaining how they occur, why they matter, and what you can do to protect yourself. Some initial thoughts     We like to think that we choose good passwords when we create new accounts. In some cases we choose passwords that are quite secure. In other cases we unfortunately do not. When it comes to password attacks the attacker has very little to lose, and a lot to gain. Poorly chosen passwords can lead to drastic outcomes such as an organization falling victim to ransomware, identity theft, and many other unpleasant situations. In this article I will cover what password attacks look like, distinguishing between a weak and strong password, as well as some additional defensive measures that can mitigate attacks.   What is a password attack?     A password attack is as simple as it sounds. For this article we will assume the attacke...
Read more

Rust: Eliminating Use After Free Issues by Default

Image
    std::string s = “frayed knot”; For those unfamiliar with C++ this is essentially assigning a string to the variable “s”. After the above line executes a snapshot of memory is as follows: ( Image Credit to : “ Programming Rust, Second Edition by Jim Blandy, Jason Orendorff, and Leonora F.S. Tindall (O’Reilly). Copyright 2021 Jim Blandy, Leonora F.S. TIndall, and Jason Oredorff,  978-1-492-05259-3.”) The actual variable “s” lives on the stack. It consists of 3 words: the pointer to its heap buffer, the capacity  of the string (its maximum size), and the length of the string (its current size). This is great, nothing wrong  with this at all. The problem is when a temporary pointer to this string is created and this temporary pointer outlives the  variable “s”. In C++ it is valid to create a pointer to a character on the string’s heap buffer. So suppose we have a variable “s_ptr” that points to the letter “f” on the heap buffer above: We could get thi...
Read more