Abstract

The topic entails the following:
1. Intro: cryptography and the pentester
2. Integrity check against CBC algorithms
3. Manipulating the IV
4. Privilege escalation via CBC bit flipping
5. Hash length extension attacks
6. Padding Oracle attack
7. Decrypting a CBC block with PadBuster

All of the above-mentioned attacks will be backed by a demo.

The test beds that I'll be using are:
1. CryptOMG Vulnerable Web App
2. Mutillidae II

Speaker

Mihir Shah

Timing

Starts on Saturday, March 16, 2019, at 12:30 PM. The session runs for about 1 hour.

Resources