What is it? Block Cipher is an algorithm that uses a symmetric key to encrypt fixed-length plaintext blocks of, say, n-bits to produce ciphertext blocks of n-bits each. The encryption function (E) turns plaintext blocks (P) into ciphertext blocks (C) using a secret key (k). The decryption function (D) turns ciphertext blocks (C) into plaintext blocks (P) using the same secret key (k) that was used to encrypt the block.

If you did attend the ‘Appsec Pitstop’ at Rootconf 2018 (on 10th and 11th of May), then whatever follows is something that you are already well familiar with. Go ahead and setup your local vulnerable virtual box (make sure it’s an isolated environment) for Mutillidae II and DVNA. Put your creative minds at work! Use the below steps as a reference and get started. Pre-requisite Setup Mutillidae II in your local machine.

COMMON TERMS: What is a Kernel? It’s a piece of software that handles interactions between the hardware and the end-user applications. What is Linux? It’s just the name for a kernel. What is a Linux Distribution? The term refers to a complete operating system that’s built on top of the Linux kernel. What is Debian GNU/Linux? It’s a leading generic Linux distribution, known for its quality and stability.

Quite often we come across hyperlinks with catchy text (or images), and we are tempted to click on them. Next time, be careful with your clicks. Even when you trust the website you are browsing, you might become a victim and lose sensitive information to malicious users if your trusted website allows unvalidated or open redirects. THE CHALLENGE: Tamper with the original redirect URL, which is protected by a hash, and make it point to an arbitrary (malicious) URL.

I rushed back to my room and, once again, started going through Vivek Ramachandran’s tutorial videos. This had become a norm for me. Everytime I watched him speak with elegance and style, I was filled with hope and amazement. I have curiousity; and, Vivek’s videos seem to provide just the right amount of guidance that I have always craved for. It was 6:00pm and I glanced at my phone. I was about to reach for my phone, when it started ringing.