Posts List

Automate Manual Static Code Analysis

Antlr: Automate Manual SAST Activity

I came across this wonderful tool, which can understand any grammar and can be very helpful for people who do a lot of manual source code analysis. Unlike the common grepping, it allows you to find specifics by programming it in many languages. Just to showcase the power of the tool, I will be using antlr in Python to find uninitialized variables in a Java code base. So before I get started, you need to download the latest copy of the antlr jar and install the Python library.

CTF: Cracking RSA Encryption

Crypt: Crack Poor RSA

Challenge:

    N = 58900433780152059829684181006276669633073820320761216330291745734792546625247
    C = 56191946659070299323432594589209132754159316947267240359739328886944131258862
    e = 65537

Reverse encrypted text C to plain text.

Below is my code to crack RSA with given N, C & e. {works on py2+}

    from Crypto.PublicKey import RSA
    import gmpy2

    def int2Text(number, size):
        text = "".join([chr((number >> j) & 0xff) for j in reversed(range(0, size << 3, 8))])
        return text.lstrip("\x00")

    N = 58900433780152059829684181006276669633073820320761216330291745734792546625247
    C = 56191946659070299323432594589209132754159316947267240359739328886944131258862
    e = 65537L
    #http://factordb.

CTF: Back in Time

Crypt: Back in Time

Challenge: I always hated history class. I thought history would never come in handy.

With the challenge there are two files:
1: encrypt.py
2: ciphertext.txt

Below is the content of the encrypt.py file:

    import random
    alpha = "abcdefghijklmnopqrstuvwxyz"
    key = ''.join(random.sample(alpha,len(alpha)))
    print key
    assert(len(alpha) == 26)
    plaintext = open("plaintext.txt").read()
    ciphertext = ""
    sub_dict = {}
    for i in range(len(alpha)):
        sub_dict[alpha[i]] = key[i]
    for i in range(len(plaintext)):
        if plaintext[i] in alpha:
            ciphertext += sub_dict[plaintext[i]]
        else:
            ciphertext += plaintext[i]
    open("ciphertext.

Quadratic Blowup Attack

Attack

An XML quadratic blowup attack is similar to a Billion Laughs attack. Essentially, it exploits the use of entity expansion. Instead of deferring to the use of nested entities, it replicates one large entity using a couple thousand characters repeatedly. These attacks exist because applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed.