Information Security and Privacy Homework README
Readme for Homework 1
Exercise 1
For this exercise I did not write any code. Beneath I explain how I received the token.
Steps
- I analysed the page's HTML code. Inside that code there was also JavaScript included. Thus the code for the validation of the password is visible.
- I copied the definition of the function `function superencryption(msg,key)` from the site and ran it in an online JavaScript editor with my email address as `msg` and `key = "Never send a human to do a machine's job"` because this is how the function is called in the script. This returned the correct password.
Exercise 2
Beneath I again explain the steps I took for receiving the token.
Steps
- The website hints that cookies are used because the website can remember the user.
- I logged in and pressed the "Hack and Spy" button. When inspecting the site in Firefox I could see that pressing the button triggered an HTTP POST request which received an error code as answer. The HTTP request sent has the cookie as payload, which tells us that the cookie is most likely important for the verification.
- I assumed the cookie could be a hash or some encoding of the login data. When trying some different passwords for the login I noticed that often they ended with "=". That hinted at base64 encoding. I decoded the cookie with an online base64 decoder.
- After encoding the cookie with base64 I noticed it said "user" plus some other info. Changing that to "admin" did not work. After some other experiments with the cookie, changing "user" to "administer" (which is a weird choice), encoding the cookie again and clicking the button again led me to the cookie. I used the Firefox add-on EditThisCookie.
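Why the edited cookie in Exercise 2 was accepted, and what a server-side fix looks like, as an added example that is not part of the homework code. The JSON cookie layout, the `SECRET` value and all function names are assumptions made for illustration; the real site's cookie format is not shown on this page.

```python
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-key"  # assumption: known only to the server


def encode_payload(role):
    # Constructed cookie body: base64 of a small JSON object.
    return base64.urlsafe_b64encode(json.dumps({"role": role}).encode()).decode()


def weak_role(cookie):
    # Weak check: base64 is an encoding, not protection, so whatever
    # role the client writes into the cookie is trusted as-is.
    return json.loads(base64.urlsafe_b64decode(cookie))["role"]


def signed_issue(role):
    # Hardened form: append an HMAC-SHA256 tag computed with the server key.
    payload = encode_payload(role)
    tag = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return payload + "." + tag


def signed_role(cookie):
    # Returns the role, or None when the cookie is malformed or was edited.
    payload, sep, tag = cookie.rpartition(".")
    if not sep:
        return None
    expected = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return None
    try:
        return json.loads(base64.urlsafe_b64decode(payload))["role"]
    except (ValueError, KeyError, TypeError):
        return None


def demo():
    edited = encode_payload("administer")        # client-side edit of the body
    genuine = signed_issue("user")
    old_tag = genuine.rpartition(".")[2]
    forged = edited + "." + old_tag              # edited body, original tag
    return weak_role(edited), signed_role(genuine), signed_role(forged)


if __name__ == "__main__":
    print(demo())
```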
Exercise 3
For this exercise the following Python script is used.
interceptor.py
Run the script as explained in the exercise sheet with the following command.
`docker exec -it attacker python3 shared/interceptor.py`
The script will print the received token and keep on running without printing anything else, so make sure to interrupt it by pressing Ctrl + C after the token appears. Then the token can be copied from the terminal.
Exercise 4
For this exercise the following Python script is used.
sniffer.py
Run the script as explained in the exercise sheet with the following command.
`docker exec -it attacker python3 shared/sniffer.py`
The script will print the received token and keep on running without printing anything else, so make sure to interrupt it by pressing Ctrl + C after the token appears. Then the token can be copied from the terminal.
Author
Dennis Gankin