author | Jesse Luehrs <doy@tozt.net> | 2019-04-09 04:40:00 -0400 |
committer | Jesse Luehrs <doy@tozt.net> | 2019-04-09 04:40:00 -0400 |
commit | 70cd550be6f30ba9c67abd7235377e9496cb290f (patch) | |
tree | b42162957542a9c5d75701dab9bd2f9c9bdcc819 /src | |
parent | 4c12a9eed43b6c0a2c3b194a7201ba25e0b8432b (diff) | |
add a web server that's weak to timing attacks
Diffstat (limited to 'src')
-rw-r--r-- | src/bin/timing_attack.rs | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/src/bin/timing_attack.rs b/src/bin/timing_attack.rs
new file mode 100644
index 0000000..ffcfac9
--- /dev/null
+++ b/src/bin/timing_attack.rs
@@ -0,0 +1,61 @@
+use rand::RngCore;
+use serde_derive::Deserialize;
+
+#[derive(Deserialize)]
+struct Info {
+ file: String,
+ signature: String,
+}
+
+fn gen_key() -> Vec<u8> {
+ let mut key = [0u8; 80];
+ rand::thread_rng().fill_bytes(&mut key);
+ key.to_vec()
+}
+
+fn insecure_compare(a: &[u8], b: &[u8]) -> bool {
+ if a.len() != b.len() {
+ return false;
+ }
+
+ for i in 0..a.len() {
+ if a[i] != b[i] {
+ return false;
+ }
+ std::thread::sleep(std::time::Duration::from_millis(50));
+ }
+
+ true
+}
+
+fn index(info: actix_web::Query<Info>, key: &[u8]) -> String {
+ let hmac = matasano::sha1_hmac(&info.file.clone().into_bytes(), key);
+ if insecure_compare(
+ &hex::decode(info.signature.clone()).unwrap(),
+ &hmac[..],
+ ) {
+ "true".to_string()
+ } else {
+ "false".to_string()
+ }
+}
+
+fn main() {
+ let sys = actix::System::new("timing_attack");
+
+ let key = gen_key();
+ println!("{}", hex::encode(&key));
+
+ actix_web::server::HttpServer::new(move || {
+ let key = key.clone();
+ actix_web::App::new().resource("/", |r| {
+ r.method(actix_web::http::Method::GET)
+ .with(move |info: actix_web::Query<Info>| index(info, &key))
+ })
+ })
+ .bind("127.0.0.1:9000")
+ .unwrap()
+ .start();
+
+ let _ = sys.run();
+} |
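Review bot: In `index`, `hex::decode(info.signature.clone()).unwrap()` panics on any `signature` query value that is not valid hex, so a malformed request aborts the handler instead of producing a negative answer; the two `.clone()` calls are also unnecessary because `hex::decode` and `sha1_hmac` only need a borrow (`info.file.as_bytes()`). Replacing the four-line `if insecure_compare(...)` condition with `if hex::decode(&info.signature).map(|sig| insecure_compare(&sig, &hmac[..])).unwrap_or(false) {` keeps the intended result for well-formed input and yields `"false"` otherwise. Since the byte-by-byte early return plus the 50 ms sleep in `insecure_compare` is the deliberate weakness this commit exists to demonstrate, that function should carry a doc comment saying so, e.g. `/// Intentionally NOT constant-time: returns on the first mismatching byte and sleeps between byte compares so the leak is measurable. Only for this timing-attack exercise; never reuse for real signature checks.` How actix treats a panicking handler is not visible from this hunk, so whether the process survives such a request should be confirmed.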