source: trunk/doc/TODO

Last change on this file was 52, checked in by tmorgan, 11 years ago

fixed an off-by-one

File size: 1.2 KB
RevLine 
[21]1Near Term
2=========
[19]3
[21]4* Ciphertext block brute-force classes
[3]5
[21]6* A stream ciphertext probe tool to build a map of different error messages
[19]7
[21]8* A tool that behaves like http2py, but generates a POA script
9
10
11
[19]12Future
13======
14
[52]15* Generalize CBC-R methods to support any block decryption oracle
16  http://blog.spiderlabs.com/2013/06/cbc-r-its-not-just-for-padding-oracles.html
17
[10]18* Codetective
19  Consider using parts of this, if useful
20  https://github.com/blackthorne/Codetective
21
22* nextrand
23  - Expand capabilities to handle nextInt calls with arguments
24  - Transition code to a library that could be called by Python
[11]25
[15]26* Consider using an SMT solver for certain problems (linear PRNGs?)
27  http://en.wikipedia.org/wiki/Satisfiability_Modulo_Theories
28
29* Add tools for testing and conducting hash length-extension attacks.
30  One tool: https://github.com/bwall/HashPump
[19]31
32* Add tool to test for LCG without knowing LCG parameters
33  See: Inferring Sequences Produced by Pseudo-Random Number Generators by JOAN BOYAR
34
35* Add Mersenne Twister attack tool
36  See: http://seclists.org/fulldisclosure/2012/Oct/190
37
38* Add tools for helping one determine the character set used by
39  randomly generated passwords, as well as determining the mapping
40  from numbers to characters
Note: See TracBrowser for help on using the repository browser.