CS166 / CS162

This demo demonstrates the pitfalls of key re-use with one time pads. Download the script: pad.py

You can invoke the script like this: python pad.py <imageKey-path> <image1-path> <image2-path>

NOTE: You will need to install cv2 and numpy. If you have the pip installer for Python, you can install these as follows (note that you may need to install these as root (i.e., using sudo)):

pip install opencv-python pip install numpy

This demo demonstrates the pitfalls of using biased random number generators for creating one time pads. The program encrypts an image by generating a stream of pseudorandom pixels, and adding it to the image to obtain a ciphertext. You can set the bias of the pseudorandom number generator (PRNG) used to produce this stream using the slider bar. Download the script: stream.py

You can invoke the script like this: ./stream.py [--pre-cache] <jpeg>

Note that this program only works for JPEGs, and the encryption is very slow. Use it only on small images. The –pre-cache flag tells the program to first compute all of the encrypted images it will display before showing the UI so that the UI is more responsive once it loads.

NOTE: You will need to install scipy, numpy, and PIL. If you have the pip installer for Python, you can install these as follows (note that you may need to install these as root (i.e., using sudo)):

pip install scipy pip install numpy pip install PIL

This demo shows how you can run cryptography utilities right from the command line! Download the entire toolkit here: openSSL_2019.zip!

If you don’t yet have openSSL installed on you machine, you can get it using the instructions on their download page here. It is installed on the department machines already.

You can always use the man pages for each command to find what it does and what the arguments are. We provide the demos as a starting point and urge you to explore on your own! Also, as you may remember from CS33, to run any of these scripts, type ./ in the commandline.

This demo explores different kinds of web technology (HTTP Protocol, JavaScript, and Cookies). This is particularly useful as we transition into the web security part of the course. Click here to review the demo.

This demo shows how an attacker could use a victim’s cookie to gain access to their session, with the help of Burp Suite to intercept HTTP requests. Click here to review the demo.

This demo shows how an attack can use Hashcat, a free, fast password recovery tool, to recover plaintext passwords from insecure hash functions. Click here to review the demo.

You can download a Hashcat binary from the Hashcat website directly here. Hashcat is fast because it contains hand-optimized kernel code that allows it to permute and hash passwords very quickly, though newer versions of Hashcat allow you to run Hashcat on your computer’s GPU for even faster performance.

You may also look at the source code on Hashcat’s Github repository. If you have trouble using the GPU version of Hashcat on your computer, you might try using the CPU-only Hashcat Legacy, which can be found at the Hashcat Legacy repository. (Hashcat Legacy is the version we displayed during the demo, and it’s still extremely fast in terms of the number of passwords it can hash per second.)

Once you have Hashcat installed, make sure Hashcat has been properly set up by running the benchmarks: ./hashcat -b To perform the dictionary attacks from the demo, you’ll need rockyou.txt, a list of plaintext passwords recovered from the 2009 RockYou hack (download; warning, large file that might be flagged by anti-malware software). You can also try cracking some of the hashes in the eharmony.hash dataset from the 2012 eHarmony data breach (download; same warnings as previous download).

This demo shows the damage an attacker can cause with just 10 seconds of access to your CS account. Watch the video here. To perform the attack, the following commands were run: cp /bin/sh /home/kle2/public chmod 4777 /home/kle2/public/sh

Remember to log off your department machines!

This demo shows how we might craft an adversarial sample to fool a classifier. Check out the web app here.

In this demo, Olivia showed how to use Wireshark to sniff network traffic. We also explored using the TOR browser.