Third laboratory for the Computer Network Security (CNS) course at Tor Vergata during scholar year 2022-2023.
In the laboratory we implemented the classical CBC padding oracle over padding scheme PKCS#7 that was introduced by Serge Vaudenay in his seminal paper “CBC Padding: Security Flaws in SSL, IPSEC, WTLS”. In order to understand how to implement the attack we have used a CTF-like challenge made up of a server TCP written in python.
Links to the material of the lecture:
Resources and references:
For any doubts feel free to contact me.
Thank you.