| Line | |
|---|
| 1 | Near Term |
|---|
| 2 | ========= |
|---|
| 3 | |
|---|
| 4 | * Ciphertext block brute-force classes |
|---|
| 5 | |
|---|
| 6 | * A stream ciphertext probe tool to build a map of different error messages |
|---|
| 7 | |
|---|
| 8 | * A tool that behaves like http2py, but generates a POA script |
|---|
| 9 | |
|---|
| 10 | |
|---|
| 11 | |
|---|
| 12 | Future |
|---|
| 13 | ====== |
|---|
| 14 | |
|---|
| 15 | * Generalize CBC-R methods to support any block decryption oracle |
|---|
| 16 | http://blog.spiderlabs.com/2013/06/cbc-r-its-not-just-for-padding-oracles.html |
|---|
| 17 | |
|---|
| 18 | * Codetective |
|---|
| 19 | Consider using parts of this, if useful |
|---|
| 20 | https://github.com/blackthorne/Codetective |
|---|
| 21 | |
|---|
| 22 | * nextrand |
|---|
| 23 | - Expand capabilities to handle nextInt calls with arguments |
|---|
| 24 | - Transition code to a library that could be called by Python |
|---|
| 25 | |
|---|
| 26 | * Consider using an SMT solver for certain problems (linear PRNGs?) |
|---|
| 27 | http://en.wikipedia.org/wiki/Satisfiability_Modulo_Theories |
|---|
| 28 | |
|---|
| 29 | * Add tools for testing and conducting hash length-extension attacks. |
|---|
| 30 | One tool: https://github.com/bwall/HashPump |
|---|
| 31 | |
|---|
| 32 | * Add tool to test for LCG without knowing LCG parameters |
|---|
| 33 | See: Inferring Sequences Produced by Pseudo-Random Number Generators by JOAN BOYAR |
|---|
| 34 | |
|---|
| 35 | * Add Mersenne Twister attack tool |
|---|
| 36 | See: http://seclists.org/fulldisclosure/2012/Oct/190 |
|---|
| 37 | |
|---|
| 38 | * Add tools for helping one determine the character set used by |
|---|
| 39 | randomly generated passwords, as well as determining the mapping |
|---|
| 40 | from numbers to characters |
|---|
Note: See
TracBrowser
for help on using the repository browser.
