Drama... a popular programming book author (Zed Shaw) called out Soatok in a mean and crude way. So, Soatok fought back by finding a collection of 0-days in his software. Just be nice to people and life is better!
Secure Remote Password (SRP) is an early Password-Authenticated Key Exchange algorithm often integrated with TLS (to form TLS-SRP).
Using this algorithm requires a few things:
- A secure random number generator
- A Sophie Germain prime q with N = 2q + 1, its corresponding safe prime, as the group modulus.
- Validation of the values received from the other party before they are used.
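As an added example (not code from the page or from the library under discussion), the Python below covers the three requirements above from the defender's side: salts and private values drawn from the OS CSPRNG instead of a timing-based generator, a check that (N, g) really is a safe-prime group, and the RFC 5054 rejection of a peer's public value that is 0 mod N. The function names and the small moduli used for testing are my own.

```python
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin test; witnesses come from the OS CSPRNG, not a timing-based RNG."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                           # composite witness found
    return True

def validate_srp_group(N: int, g: int) -> bool:
    """Accept (N, g) only if N = 2q + 1 is a safe prime (q a Sophie Germain prime)
    and g is neither 1 nor N-1, so its order is q or 2q rather than 1 or 2."""
    if N % 2 == 0 or not is_probable_prime(N):
        return False
    q = (N - 1) // 2
    if not is_probable_prime(q):
        return False
    return 1 < g < N - 1

def validate_public_value(X: int, N: int) -> bool:
    """Reject a peer's public value A or B when it is 0 mod N, as RFC 5054 requires."""
    return X % N != 0

def fresh_salt(nbytes: int = 16) -> bytes:
    """Salt from the OS CSPRNG (secrets), the kind of generator SRP actually needs."""
    return secrets.token_bytes(nbytes)

def fresh_private_value(N: int) -> int:
    """Ephemeral private exponent in [1, N-1] from the OS CSPRNG."""
    return secrets.randbelow(N - 1) + 1
```

Real deployments should use the RFC 5054 group parameters; the tiny moduli here only exercise the checks.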
The library's implementation uses TrueRand, which is known not to be cryptographically secure. This is bad because salts and private keys become more predictable.
Additionally, the implementation uses the wrong set of primes. This breaks assumptions the group arithmetic relies on, resulting in weaker cryptography, and as a result the client password could leak.
Finally, the verification steps are not performed as they should be. This allows a different client to trivially impersonate the server.
At the end, the author writes: "Salts and private keys are predictable, the hard-coded parameters allow passwords to leak, and you can impersonate clients through active attacks." Sounds like this is a problem.