From: dotslash at snosoft.com (KF)
Subject: Supposed SaS "encryption" weak - Coments and Infor about wrong claims

Heh watch out for that DMCA.
-KF

Lorenzo Hernandez Garcia-Hierro wrote:

>Dear Paul,
>I've been testing your exploit (good one) for the supposed html encryption
>weakness of SaS.
>I think you took the exploit/perl script from a developers site because SaS
>is using a standard of encoding,
>here is the proof:
>variables for function _fwk_filter_encrypt($content)
>$table = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_@";
>    $xor = 165;
>as you see it's not encryption, so, you didn't crack anything....
>you decoded it!
>the script is not for protecting sites' information such as passwds or
>usrnames, etc, it is stupid to use it for those things.
>It is only a low protection for people that copy contents (people that are
>only interested in copying things) and it's not for critical uses.
>Another thing:
>here is the code for preparing tables of encoding characters:
>$table = array_keys(count_chars($table, 1));
>    $i_min = min($table);
>    $i_max = max($table);
>    for ($c = count($table); $c > 0; $r = mt_rand(0, $c--))
>      array_splice($table, $r, $c - $r, array_reverse(array_slice($table, $r, $c - $r)));
>
>the encode sequence:
>
>$len = strlen($content);
>    $word = $shift = 0;
>    for ($i = 0; $i < $len; $i++)
>    {
>      $ch = $xor ^ ord($content[$i]);
>      $word |= ($ch << $shift);
>      $shift = ($shift + 2) % 6;
>      $enc .= chr($table[$word & 0x3F]);
>      $word >>= 6;
>      if (!$shift)
>      {
>        $enc .= chr($table[$word]);
>        $word >>= 6;
>      }
>    }
>    if ($shift)
>      $enc .= chr($table[$word]);
>
>--- THE FINAL DECODE SEQUENCE ----
>// Decode sequence
>    $tbl = array_fill($i_min, $i_max - $i_min + 1, 0);
>    while (list($k,$v) = each($table))
>      $tbl[$v] = $k;
>    $tbl = implode(",", $tbl);
>
>    $fi = ",p=0,s=0,w=0,t=Array({$tbl})";
>    $f = "w|=(t[x.charCodeAt(p++)-{$i_min}])<<s;";
>    $f .= "if(s){r+=String.fromCharCode({$xor}^w&255);w>>=8;s-=2}else{s=6}";
>
>----
>You see?
>xD
>So definitely not encryption,
>you are wrong....
>encoding, I know, is a shit form to protect things but it's the easier and
>fast form to bind a low protection system for contents.
>here is the javascript used:
>$r.= "function decrypt_p(x){";
>    $r.= "var l=x.length,b=1024,i,j,r{$fi};";
>    $r.= "for(j=Math.ceil(l/b);j>0;j--){r='';for(i=Math.min(l,b);i>0;i--,l--){{$f}}document.write(r)}";
>    $r.= "}decrypt_p(\"{$enc}\")";
>
>CONCLUSIONS:
>- I think, I can be sure checking this later, you copied the exploit code
>from a developers site.
>- You were first wrong saying that the Encryption system is cracked, as you
>see you didn't crack anything!!
>you decoded a simple xor sequence w00w!
>- Your claims saying I have lots of free time for [-] other sites[-] are
>completely inappropriate,
>first of all:
>- I don't make these things for fame, just for fun and hobby
>- I don't say false things
>- sometimes I'm wrong (I'm human) or lots of times! but the important
>thing is that I recognize my errors.
>
>--
>Thank you and next time do a better research.
>Best regards to all the members of Full-Disclosure.
>-------------------------------
>0x00->Lorenzo Hernandez Garcia-Hierro
>0x01->/* not csh but sh */
>0x02->$ PATH=pretending!/usr/ucb/which sense
>0x03-> no sense in pretending!
>__________________________________
>PGP: Keyfingerprint
>4ACC D892 05F9 74F1 F453 7D62 6B4E B53E 9180 5F5B
>ID: 0x91805F5B
>**********************************
>No Secure Root Group Security Research Team
>http://www.nsrg-security.com
>______________________
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
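
Added example, not part of the original posts and not SaS code: a JavaScript port of the encode and decode sequences quoted above, showing that the decoder works from nothing but the table and XOR constant that the generated page delivers to every visitor. The function names, the seeded shuffle used in place of mt_rand() and the sample content are assumptions made for this example.

```javascript
const ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_@";
const XOR = 165;
// Permuted symbol table of char codes. The post shuffles with mt_rand();
// a seeded LCG + Fisher-Yates stands in here (assumption) so runs repeat.
function makeTable(seed) {
  const table = [...ALPHABET].map(c => c.charCodeAt(0)).sort((a, b) => a - b);
  let state = seed >>> 0;
  for (let i = table.length - 1; i > 0; i--) {
    state = (Math.imul(state, 1664525) + 1013904223) >>> 0;
    const j = (state >>> 16) % (i + 1);
    [table[i], table[j]] = [table[j], table[i]];
  }
  return table;
}

// Encode sequence: XOR each byte, then repack 8-bit values as 6-bit symbols.
function encode(content, table) {
  let enc = "", word = 0, shift = 0;
  for (let i = 0; i < content.length; i++) {
    word |= (XOR ^ (content.charCodeAt(i) & 0xff)) << shift;
    shift = (shift + 2) % 6;
    enc += String.fromCharCode(table[word & 0x3f]);
    word >>= 6;
    if (!shift) { enc += String.fromCharCode(table[word]); word >>= 6; }
  }
  if (shift) enc += String.fromCharCode(table[word]);
  return enc;
}

// What the generated page embeds next to the data: t[charCode - iMin] = value.
function shippedDecodeTable(table) {
  const iMin = Math.min(...table), iMax = Math.max(...table);
  const t = new Array(iMax - iMin + 1).fill(0);
  table.forEach((code, index) => { t[code - iMin] = index; });
  return { iMin, t };
}

// Decode sequence: uses only material every visitor receives; no key exists.
function decode(enc, { iMin, t }) {
  let out = "", w = 0, s = 0;
  for (let p = 0; p < enc.length; p++) {
    w |= t[enc.charCodeAt(p) - iMin] << s;
    if (s) { out += String.fromCharCode(XOR ^ (w & 255)); w >>= 8; s -= 2; } else { s = 6; }
  }
  return out;
}

const demo = encode("<p>members only</p>", makeTable(2003)); // constructed sample
console.log(demo, "->", decode(demo, shippedDecodeTable(makeTable(2003))));
```

Because the inverse table travels with the data, content that must stay confidential needs server-side access control rather than this kind of client-side encoding.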