Python: Penetration Testing for Developers
by Christopher Duffy, Mohit, Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound
Attacking one-time pad reuse
The concept of a one-time pad was a fundamental core to early cryptography. Basically, a phrase is memorized by the various parties and when a message is sent, it is shifted with that phrase for each step. For example, if the phrase is apple and the message is i like them, then we add a to i to get j and so on to eventually receive the encoded message.
More recently, a lot of malware engineers and bad software engineers used XORing to perform the same activity. Where the vulnerability lies and where we can create scripts to be useful is where the same key has been used multiple times. If multiple ascii-based strings have been XORed with the same ascii-based strings, we can brute the strings at the same time by XORing ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access