diff options
| author | Louis Burda <quent.burda@gmail.com> | 2021-10-30 18:46:32 +0200 |
|---|---|---|
| committer | Louis Burda <quent.burda@gmail.com> | 2021-10-30 18:46:32 +0200 |
| commit | 8743161eb4454ed73094fde1789d77e704d5a3f1 (patch) | |
| tree | d65c109aa2686f350e89e5eb3a5d839613fc19bc | |
| parent | fd20ccb63da8aa1c56794701a2fbaca1fdea368a (diff) | |
| download | bambi6-service-postit-8743161eb4454ed73094fde1789d77e704d5a3f1.tar.gz bambi6-service-postit-8743161eb4454ed73094fde1789d77e704d5a3f1.zip | |
| -rw-r--r-- | README.md | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -9,8 +9,8 @@ RSA signatures, checked with strcmp in C * terminal-based "Post-Its" * register with name and public key * get all user names -* to add a note, sign the sha512-value with your private key -* requests notes for a user: +* to add a note, sign the challenge with your private key +* request posts for a user: * get the public key and a token to sign * if signature correct, get all messages from that user @@ -19,3 +19,8 @@ short messages (but not 512 bits). signature = ceil((m + \x00 * foo) ^ (1/e)) When checking: signature^e = m + \x00 + ..., and strcmp accepts + +## Exploits + +Check out the exploit implementation in `checker/src/checker.py`. + |