_lcg(state): return (1103515245*state + 12345) % (2**31) def lcg_generator(seed): state = seed while True: state = _lcg(state) yield state with open('/dev/urandom', 'rb') as f: seed, = struct.unpack('I', f.read(4)) gen = lcg_generator(seed) [ ] See - my PRNG is initialized using super secure seed! [ ] First value of the PRNG is: 123456 [+] Your task is to predict the second value of my LCG PRNG: https://pragmaticcrypto.herokuapp.com/exercise1/
PRNG code: def _lcg(state): return (1103515245*state + 12345) % (2**31) def lcg_generator(seed): state = seed while True: state = _lcg(state) yield state with open('/dev/urandom', 'rb') as f: seed, = struct.unpack('I', f.read(4)) gen = lcg_generator(seed) [ ] Second value of the PRNG is: 12345 [+] Your task is to recover the first value of my LCG PRNG:
generated a password. [ ] You will never crack it! [ ] Oh, I used python random module, and I initialized the [ ] seed like python does on some platforms: random.seed(int(time.time() * 256)) [ ] The password was generated like that: secret = ''.join(random.choice(string.ascii_letters) for i in range(12)) [+] Your task is to guess the password: https://pragmaticcrypto.herokuapp.com/exercise3/
[ ] I have a small hash table implemented here: hash_table = [[] for i in range(1023)] [ ] I save the string like that: hash, = struct.unpack('I', hashlib.md5(string.encode('ascii')).digest()[:4]) bucket = hash_table[hash % 1023] if string not in bucket: bucket.append( string ) [ ] It's using md5! It's super secure for hash table! [ ] BTW, I also clean up the hash table once in a while [ ] to make sure I don't crash due to excessive memory usage! [+] Your task is to guess to overflow a bucket and DOS me. https://pragmaticcrypto.herokuapp.com/exercise4/
the implementation of a hash/dictionary in your favourite programming language is vulnerable to hash-flooding. 2) Implement a single round of siphash in your favoirite programming language. 3) As a bonus point - implement full siphash algorithm! https://pragmaticcrypto.herokuapp.com/exercise5/
checksum: 0b4e7a0e5fe84ad35fb5f95b9ceeac79 [ ] Original string is a 6 character string, [ ] composed from characters from range [a-z0-9]. [+] The original string is: https://pragmaticcrypto.herokuapp.com/exercise6/ Solution: $ echo 0b4e7a0e5fe84ad35fb5f95b9ceeac79 > passwd.raw-md5 $ ./john -i=alnum --format=raw-md5 passwd.raw-md5 $ ./john --format=raw-md5 --show passwd.raw-md5
hashes for me [+] as I can't afford a computer. BTW. the passwords are [+] composed of excatly 7 characters of digits. [ ] Unsalted ("raw-sha1"): bf683bc25f36e05825647b8e2869bb141a7ef3ed [...] [ ] Salted ("sha1-gen"): $SHA1p$4290117$5d20ebba87900c454a0ab21c81e5ce7185ac59da [...] [ ] Weakly salted ("sha1-gen"): $SHA1p$aaaa$177ab675c3c0aef6a6850b9530da20f8f4d63bdf [...] https://pragmaticcrypto.herokuapp.com/exercise9/
password: e860e0aba15c89b31448d0d20625a2c7... [ ] The secret is composed of 4 concatenated lowercase words. [ ] My vocabolary is quite bad, so I used a dictionary [ ] to help me generate a memorizable password: http://www.englishclub.com/vocabulary/common-words-100.htm [+] The original string is: https://pragmaticcrypto.herokuapp.com/exercise8/
with MD5() or SHA1() is bad (salted or not) • Rephrase: hash functions are not constructed to store your passwords • Hash functions come and go and are optimized for speed • Humans are bad at memorizing passwords • Considering number of sites using MD5 consider not reusing passwords • Beware hash flooding attacks