Taylor Hornby defuse

@defuse
defuse / attack.php
Created Mar 14, 2015
Padding Oracle Attack
View attack.php
<?php
/*
* Padding oracle attack against https://github.com/keboola/php-encryption
* By: Taylor Hornby.
* Date: March 14, 2014.
*/
/* Download the two files and place in the same folder. */
require_once('EncryptorInterface.php');
@defuse
defuse / infoleak.php
Created Mar 1, 2015
PHP Exception Leaks Encryption Key
View infoleak.php
<?php
// Broken crypto code from https://github.com/slimphp/Slim/blob/develop/Slim/Crypt.php
function validateKeyLength($key, $module)
{
$keySize = strlen($key);
$keySizeMin = 1;
$keySizeMax = mcrypt_enc_get_key_size($module);
$validKeySizes = mcrypt_enc_get_supported_key_sizes($module);
if ($validKeySizes) {
if (!in_array($keySize, $validKeySizes)) {
@defuse
defuse / backdoored.php
Created Feb 28, 2015
Backdoored Crypto Code
View backdoored.php
<?php
/*
* Backdooring the constant-time comparison algorithm.
* Taylor Hornby. February 28, 2015.
*
* THIS CODE IS INTENTIONALLY BACKDOORED. DO NOT USE IT!
*/
/* ========================================================================= */
View invoice.txt
George Carlin INVOICE
carlin@example.org
To: Invoice #6
Stephen Hawking Date: May 13, 2014
hawking@example.org
+-----------------------------------------------------------------+
| Quantity | Description | Unit Price | Total |
@defuse
defuse / constant.c
Last active Aug 29, 2015
Constant Time Array Lookup?
View constant.c
// WARNING! This code is untested and experimental. DO NOT USE IT.
// NOTE: If I knew of a way to do the "shift and OR" thing reliably with unsigned ints, the code could be simplified a lot.
// Will always be compiled with -std=c99
// Returns UINT32_MAX if a == b, 0 otherwise.
uint32_t invariant_time_integer_compare(uint32_t a, uint32_t b)
{
/* z will be zero if and only if a == b. */
View file_permissions.txt
# This is well-known behavior, it's just interesting.
$ mkdir a
$ echo "hello!" > a/file.txt
$ cat a/file.txt
hello!
$ chmod 000 a/file.txt
# Now I don't expect to be able to change a/file.txt...
$ echo "GOODBYE" > a/file.txt
bash: a/file.txt: Permission denied
# Okay, good, I can't modify the file directly.
@defuse
defuse / stats.txt
Created Apr 2, 2014
Statistical Test
View stats.txt
WARNING: This takes about 10-20 hours to run, depending on your system.
1%...
2%...
3%...
4%...
5%...
6%...
7%...
8%...
9%...
@defuse
defuse / algorithm.txt
Last active Aug 29, 2015
Random Characters to Random Bits
View algorithm.txt
Goal:
You're given a sequence of random alphanumeric characters (0-9a-zA-Z, 62
possible characters), for example from a password generator. Convert it into
a sequence of random *bits*.
The output should have the property:
The alphanumeric character RNG can be distinguished from random if and
only if the alphanumeric character RNG, with the conversion algorithm
attached, can be distinguished from random.
@defuse
defuse / paypal_process.rb
Created Mar 15, 2014
Paypal Download.csv processor
View paypal_process.rb
# WARNING! There is no warranty. This script might not work!
FILE = "Download.csv"
rows = []
File.open( FILE ) do |f|
rows = f.readlines()
end
rows = rows[1..-1]
@defuse
defuse / multitarget.rb
Created Mar 13, 2014
Multi-target guessing probability.
View multitarget.rb
# This script answers the following question:
# Alice chooses N random numbers between 1 and K.
# Bob chooses G random numbers between 1 and K.
# What is the probability that at least one number is chosen by both of them?
# Computes (K-N choose G) / (K choose G) in O(N)-ish time.
k = 1_000_000_000
n = 10_000
g = 100_000