“#Hash Length Extension Attack” on YouTube
#Hash Length Extension AttackLEA vulnerability occurs when algorithms such as md5, sha128, sha256, sha512 are used to create a Signature. Also add the data you want, for example if a vulnerable hash function (such as md5, sha-256) is used to create an Access Token with the guest access level as shown below,t1 = hash (secret + "_guest") + "_guest"You can create an admin token without having a secret (as described above). This token is created…
You must be logged in to post a comment.