Filed under: Crypto, Hacking
Early last week, I posted a blog about padding oracle attacks. I explained them in detail, as simply as I could (without making diagrams, I suck at diagrams). I asked on Reddit about how I could make it easier to understand, and JoseJimeniz suggested working through an example. I thought that was a neat idea, [...]
Read More
Permalink Comments (3) Ron Bowes Jan 7, 2013
Filed under: Conferences, Crypto, Hacking, Tools
This post is about padding oracle vulnerabilities and the tool for attacking them - "Poracle" I'm officially releasing right now. You can grab the Poracle tool on Github! At my previous job — Tenable Network Security — one of the first tasks I ever had was to write a vulnerability check for MS10-070 — a [...]
Read More
Permalink Comments (14) Ron Bowes Jan 2, 2013
