Royce Williams roycewilliams

Client-side software update verification failures

Exploitable vulnerabilities in client-side software update mechanisms that could have been mitigated by secure transport (TLS). Contributions welcome. All text taken from the vulnerability descriptions themselves, with additional emphasis mine.

In scope:

  • I consider exploitation or privilege escalation of the package tool/system itself (that would have been mitigated by secure transport) to be in scope.
  • Issues only described as being triggered by malicious mirrors are assumed to also be vulnerable to MITM.
  • Failure to verify the software update at all is currently provisionally in scope if it could have been mitigated by secure transport, but I'm waffling about it. Most of these are actual signature verification failures, and my original purpose was to highlight cases where claims of "It's OK to be HTTP because verification!" seem to me to be specious.

Out of scope:

  • Transport downgrade attacks - that force a connection from being e
roycewilliams / pwnedpasswords-v2-top20k.txt
Last active Jul 9, 2019
# Top 20K hashes from the Troy Hunt / haveibeenpwned Pwned Passwords list v2 (2018-02-21)
# Original raw as published is at
roycewilliams / hashcat-markov-ends.txt
Last active Jul 8, 2019
A survey of the last string tried by hashcat's Markov for standard masks
$ cat
# Ref:
echo "# A survey of the last string tried by hashcat's Markov for standard masks"
echo -n '# hashcat version: '
hashcat --version
[ -f hashcat-markov-ends.list ] && rm hashcat-markov-ends.list
roycewilliams / mdxfind-is-awesome.txt
Last active Jul 8, 2019
# The word 'password', hashed with many unsalted hash types, up to 5 iterations deep
# Courtesy MDXfind -
$ echo -n 'password' | mdxfind -h ALL -h '!salt,!user' -z -f /dev/null -i 5 stdin 2>&1| fgrep password | sort
BLAKE224x01 22203351651fef303ceb8adcfbfdd90a773ea6c0f388ce2441f380d9:password
BLAKE224x02 16dc83c641636911098c1981ce16a540abd77b3b995d122ec010bfbe:password
BLAKE224x03 8077f5d701e755474cd8fab0d9a5fab019ff8046c020f0c3802c8c17:password
BLAKE224x04 30f749a577f685801423e9434ab95610c8c8c5464d8865c62d379bc6:password
BLAKE224x05 e34ed3bdce2557bc6246f9a3cc50bbf6c78bdcefa5a8960f9cba8f04:password
roycewilliams / md5-10k-rounds-password.txt
Last active Jul 8, 2019
The first 10,000 rounds of MD5("password")
# Courtesy MDXfind -
$ echo -n 'password' | mdxfind -h '^MD5$' -z -f /dev/null -i 10000 stdin 2>&1 | fgrep password | sort -tx -n -k 2 | align
MD5x01 5f4dcc3b5aa765d61d8327deb882cf99:password
MD5x02 696d29e0940a4957748fe3fc9efd22a3:password
MD5x03 5a22e6c339c96c9c0513a46e44c39683:password
MD5x04 e777a29bee9227c8a6a86e0bad61fc40:password
MD5x05 7b3b4de00794a247cf8df8e6fbfe19bf:password
MD5x06 20ffe80a69fbe8ce4d848eef461b3e39:password
roycewilliams /
Created Jul 6, 2019
HEX-ify plains that need it
#!/usr/bin/env perl
# Created: 2017-11-21
# $Id: hexify,v 1.2 2017/11/22 06:29:35 root Exp root $
# FIXME - special cases:
# - Single \x0a is valid utf8, but should be hexed
while (<>) {
roycewilliams / bcrypt-ascending.txt
Last active Jun 1, 2019
bcrypt hashes for 'password', all costs (4 through 31)
# bcrypt hashes for the plain 'password', costs 4 through 31
# htpasswd version matters - this one is from apache2-utils (2.4.18-2ubuntu3.10)
# Note that the official Apache version now stops at bcrypt cost 18:
# I am not sure if the Ubuntu version is being modified downstream.
View bcrypt-example
$ cat ~/bcrypt.hash
$ cat ~/bcrypt.dict
$ ./hashcat64.bin -a 0 -m 3200 ~/bcrypt.hash ~/bcrypt.dict
hashcat (v3.10-143-g7f59a82) starting...
OpenCL Platform #1: NVIDIA Corporation
roycewilliams / nested-bcrypt-examples.txt
Last active Mar 23, 2019
# Examples of nested bcrypt
# using both binary (expected) and ASCII (naive) forms of each core hash
# Last updated 2019-03-23
Types most likely to encounter in the wild:
* bcrypt(base64(sha256_bin(password))) - passlib 'bcrypt-sha256' format