hash attack

“#Hash Length Extension Attack” on YouTube

#Hash Length Extension AttackLEA vulnerability occurs when algorithms such as md5, sha128, sha256, sha512 are used to create a Signature.  Also add the data you want, for example if a vulnerable hash function (such as md5, sha-256) is used to create an Access Token with the guest access level as shown below,t1 = hash (secret + "_guest") + "_guest"You can create an admin token without having a secret (as described above).  This token is created…

Read More