Skip to content

Instantly share code, notes, and snippets.

@lawrencejones

lawrencejones/crypto.js

Created March 10, 2016 20:24
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save lawrencejones/e89142b9c46e03a68cc5 to your computer and use it in GitHub Desktop.
Save lawrencejones/e89142b9c46e03a68cc5 to your computer and use it in GitHub Desktop.
Download ZIP
Exploitable crypto js code. Three exploits, one if you can load code before this module, one if you control the parameter passed to CryptoAPI.sha1.hash, and one if you can load code after this module
Raw
crypto.js
var CryptoAPI = (function() {
var encoding = {
a2b: function(a) { },
b2a: function(b) { }
};
var API = {
sha1: {
name: 'sha1',
identifier: '2b0e03021a',
size: 20,
block: 64,
hash: function(s) {
var len = (s += '\x80').length,
blocks = len >> 6,
chunk = len & 63,
res = "",
i = 0,
j = 0,
H = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0],
w = [];
while (chunk++ != 56) {
s += "\x00";
if (chunk == 64) {
blocks++;
chunk = 0;
}
}
for (s += "\x00\x00\x00\x00", chunk = 3, len = 8 * (len - 1); chunk >= 0; chunk--) {
s += encoding.b2a(len >> (8 * chunk) & 255);
}
for (i = 0; i < s.length; i++) {
j = (j << 8) + encoding.a2b(s[i]);
if ((i & 3) == 3) {
w[(i >> 2) & 15] = j;
j = 0;
}
if ((i & 63) == 63) CryptoAPI.sha1._round(H, w);
}
for (i = 0; i < H.length; i++)
for (j = 3; j >= 0; j--)
res += encoding.b2a(H[i] >> (8 * j) & 255);
return res;
}, // End "hash"
_round: function(H, w) { }
} // End "sha1"
}; // End "API"
return API; // End body of anonymous function
})(); // End "CryptoAPI"
module.exports = CryptoAPI;
@enricotoso96
Copy link

Could you please elaborate on the exploits? Thanks!

@Thil4n
Copy link

Thil4n commented Feb 27, 2020

I could find one vulnerability and the exploit.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment