Collaborate Disseminate
I am currently trying to solve an exercise where I should look at a TLS 1.2 handshake trace while having access to pre and both randoms (server random and client random).
In order to decrypt application data, I need to rebuild the master … Continue reading TLS 1.2. Handshake: Where do Client and Server negotiate how the master key is built from randoms and pre?
I am unsure about how extensions are handled in TLS v1.2.
During the handshake, the client is able to add some extensions during ClientHello. As far I understood, the server can pick arbitrary subsets from this list in Serv… Continue reading TLS 1.2 Handshake: Does the server have to take all extensions sent by the Client?
I am currently studying the most widely known encryption algorithms and methodologies. For practice purposes, I want to implement everything from ECB to RSA as some kind of a C crypto library. How would I generate a secure ke… Continue reading How do I program a function to generate a secure Block Cipher Encryption-Key?
When I try to save a file containing code exploiting a well-known vulnerability (link redirects to an example git-hub code), windows alerts, that a virus was found and a few seconds later, the file is gone.I was wondering now… Continue reading What process inside Windows recognizes exploits?
I am working on a presentation and want to copy an old exploit code (github-file) to a file in Sublime3 with nice syntax, highlighting, and so on.
But when I try to save the file, Windows automatically detects the malicious … Continue reading How can I prevent Windows from automatically deleting malicious files? [migrated]
Here there is a thorough description of the exploit I am talking about. There is this step:
var x1 = new Array();
for (i = 0; i < 200; ++i) {
x1[i] = document.createElement(“COMMENT”);
x1[i].data=”abc”;
};
var e1 … Continue reading Why does hydraqs exploit put "abc" in its x1 array?