"And I will steal the code that was written previously, because I am a man of class" - John Hammond

I liked that John from the future.

The reason I love this guy so much is because he is not a tool addict

Hey John, just wanna say your videos are literally the best in this sector of youtube. Its just doesn't get boring and is really informative. Thank you so much for your content!

Amazing video as always! Love to see 'em notifications when you upload a video. Thank you for these absolutely great videos John!

I don't think that this is a hacky way. It's more that it's a good way of visualizing why you should not be using the DECRYPTION function of a block cipher for ENCRYPTING anything. I am pretty sure that is the source of the incorrect behavior here. One of the special characteristics of the CFB mode of operation is that it's decryption phase can be parallelized, because the blocks do not depend on each other. They do when the encryption function is used, but not when decrypting. This means that if you can provide the IV as well as the ciphertext being decrypted, identical blocks will decrypt to identical plaintext. Essentially, what is happening here is that the whole chaining of blocks is lost, and you are essentially "encrypting" as if you used ECB as the mode of operation, which suffers from the same issue. That issue being that identical blocks of plaintext encrypt to identical blocks of ciphertext, and thus patterns in the plaintext are preserved in the ciphertext. Edit: Actually, I want to expand this explanation with an important remark. The decryption function produces identical blocks in this case, because the entire input, the 69 byte-long array of IV + token, is made up of identical bytes. This is important because decryption in CFB mode is done in the following way: 1. Feed IV into AES encryption (important!) function, with some key K. 2.a XOR the output with the first block of the ciphertext, let's call it Ci_1. 2.b Result of 2.a is first block of plaintext. 3. Feed Ci_1 into AES encryption (important!) function, with some key K. 4.a XOR the output with the second block of the ciphertext, let's call it Ci_2. 4.b Result of 4.a is the second block of the plaintext. etc. etc. These steps are repeated for each block of ciphertext, increasing the index of Ci by 1 each time, until everything is processed. However, if IV = Ci_1 = Ci_2 = Ci_3 = ... = Ci_n for n blocks of ciphertext, then we are simply doing the exact same operation over and over again, a total of n times. Let us call this special case of IV Ci_0, and keep the property that Ci_0 = Ci_1 = Ci_2 = ... = Ci_n. Then the process becomes: 1. Feed Ci_0 into AES encryption (important!) function, with some key K. 2.a XOR the output with the first block of the ciphertext, which is Ci_1. But since Ci_1 = Ci_0, we actually simply XOR with Ci_0. 2.b Result of 2.a is one block of the plaintext. Iterate n times to generate all blocks of the plaintext. Now it is easy to see that running Ci_0 through AES with the same key, which we neither know nor need, and then XOR:ing the result with the input, Ci_0, n times will give us the exact same output n times. Alas, we will get a "password", that is comprised of the exact same bytes repeated 53 times in the challenge.

"...so it's going to stomp over errors in a weird way... in a normal way, not weird at all, but..." - John Hammond, 2021

Absolutely love your content John!

Great video man! Was kinda hoping you'd talk about the similarities of this challenge and the ZeroLogon vulnerability, since both are vulnerable due to the use of the CFB library.

Hi John, I hope you will share with us all the remaining challanges in this cathegory :P Super dooper interesting! Cheers

So many things I didn’t understand in such a short time

its interesting and amazing.

Love your content! Can you make a video on how to efficiently take notes? I’m struggling to find a good way ti keep notes on commands and tactics

yes, it is

Best video

Great work I aspire to be like you in the future

More please

I love your content. Keep it up.

Hey John, What did you study to be well versed in these topics? Certifications or degree plans? Im just breaking into the industry, thanks!

Your fan

I find it interesting that brute force is even possible - many CTFs I've used explicitly set challenges so that BF is not the answer.

Love from india

Hohn Jammond xD

hi so umm just wanted to ask if you will be doing videos on that guidepoint august ctf

Like.

you’re using a live vm ?

Considering the processing power of modern computers, does

Which os you are using sir.....

From where did you learned python

I hope you have a "1337 h4xx0r" Sticker somewhere on your equipment. Since, if not you, who else?

What is your Linux distro? 🚶

Pretty sure this is a bug in how the crypto library they were using implemented CFB mode.

Please add subtitle @johnhammond

liked your tryhackme throwback T-shirt ...... keep it up sir ..... great efforts

iPhone or Android?

Could you create malware for a 3D printer?

Given how much you use sublime it should not be unregistered

Discord invite not working

Ads by aws 😁

Please help us

this first comment?

Damn, you can really use a computer

"I will use a shebang line because I am a man of class" - Don't you mean you're a man IN a class??

nice vid matey, im in same boat id love to work in this area, anyone want to try creating a new UK team for some adventures and some proper learning, give me mesage ppl cheers, ex RAF with cyber quals:) subscribed matey nice work

parrot os securty ka full tutorial video banye youtube par full tutorial koey bhi nahi banaya hi sir

Can someone confrim this? (I'm retarded) Basically step 1: he reversed engineered and found out the output is a stream of the same character step2: he tried to login with all possibilities step3: worked

jesus christ stop typing so fast 😂

Can you show us how to hack ECC so I can hack bitcoin addresses?