Syntax Error Nullification and Coding Analytics Workgroup

MATLAB Does Add Up – A 64bit Response

MATLAB and Octave do have a 64-bit unsigned integer type (uint64); what they lacked, at the time this was written, was arithmetic on it, so anything you actually compute ends up in double precision. Double-precision computation is limited as follows because it follows the IEEE 754 standard for binary floating-point arithmetic:

  1. 64 bits are allocated to a number,
  2. the LSB is N1 (to match MATLAB/Octave bit nomenclature) and the MSB is N64,
  3. N64, the MSB, is the sign bit,
  4. N53 to N63 (11 bits) hold the biased exponent; for normal numbers the unbiased exponent ranges from -1022 to 1023,
  5. the remaining 52 bits, N1 to N52, hold the mantissa (the fractional component); together with the implicit leading 1 that gives 53 significant bits.

So there is no way to push an arbitrary unsigned 64-bit value through double arithmetic exactly. Every integer up to 2^53 is representable; above that the gap between adjacent doubles is at least 2, so once your value exceeds 53 bits the least significant bits are rounded away. The loss is silent: no error or warning is raised, which is what makes it dangerous for values that are really bit patterns rather than quantities (64-bit identifiers, hash outputs, nonces).

Here is one cheesy way around it:

Write a set of functions that convert the numbers to strings and perform the arithmetic on those strings, one decimal digit at a time (the next two code listings are from J. Franco):

Converting to a big int:

[code language="matlab"]
function number = toBigInt(n)
% Decimal string of a non-negative integer-valued double. Exact only for
% n <= 2^53; above that the double has already lost its low bits.
if n == 0, number = '0'; return; end
number = '';
while n ~= 0
    number = [char(mod(n,10)+'0') number];   % peel off the last digit
    n = floor(n/10);
end
end
[/code]

Adding two big ints:

[code language="matlab"]
function s3 = addBigInt(s1,s2)
% Add two non-negative decimal integers held as char strings.
if length(s1) < 1 && length(s2) < 1, s3 = '0';   % if s1,s2 == [] answer = 0
elseif length(s1) < 1, s3 = s2;                  % if s1 == [] then s2 is the answer
elseif length(s2) < 1, s3 = s1;                  % if s2 == [] then s1 is the answer
else
    carry = 0;                          % define the carry
    s3 = '';                            % define the answer
    dh = max(length(s1),length(s2));    % maximum number of digits to worry about

    % From least significant digit, change digit chars to numbers, add with
    % carry to get new carry and new digit, convert new digit back to char
    % and stick into solution.  If a number runs out of digits, use 0.
    for i = 1:dh
        if i <= length(s1), n1 = s1(length(s1)+1-i)-'0'; else n1 = 0; end
        if i <= length(s2), n2 = s2(length(s2)+1-i)-'0'; else n2 = 0; end
        n = n1 + n2 + carry;            % add the ith digits of s1, s2 and carry
        carry = floor(n/10);            % save the carry
        s3 = [char(mod(n,10)+'0') s3];  % compute the answer digit
    end
    % If there is a carry at the end, change to char and stick it at front
    if carry > 0, s3 = [char(carry+'0') s3]; end
end
end
[/code]

Get it? Perform your operations on strings; when necessary, split the strings into manageable chunks and change them back to numbers with the correct exponentiation. One caveat: the string has to be built before the value is ever stored in a double. toBigInt on a double that already exceeds 2^53 can at best reproduce the digits of the rounded value, so large inputs should arrive as strings (read from a file or a socket, say) and stay that way until the result fits in 53 bits.

It is possible to do this cleaner and more efficiently; this is just a quick and dirty solution.
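As an added example (not code from the original post), here is the same 53-bit boundary reproduced in Python, whose float type is the IEEE 754 double that MATLAB and Octave use. It shows which 64-bit integers survive a trip through a double, and carries the post's digit-string addition through for two operands that double arithmetic gets wrong, including the case where the strings are built too late. The operand values are chosen for the demonstration.

```python
# Added example (not from the original post). Python floats are IEEE 754
# doubles, the same representation MATLAB/Octave use, so the 53-bit limit
# the post describes can be reproduced here bit for bit.
from typing import Optional


def survives_double(n: int) -> bool:
    """True if the non-negative integer n round-trips exactly through a double."""
    return int(float(n)) == n


def first_lost_value(start: int, stop: int) -> Optional[int]:
    """First integer in [start, stop) that a double cannot hold exactly."""
    for n in range(start, stop):
        if not survives_double(n):
            return n
    return None


def add_decimal_strings(a: str, b: str) -> str:
    """Schoolbook addition on decimal digit strings (the post's addBigInt idea).

    Works for any length because each step handles one digit and a carry;
    no intermediate value ever becomes a double.
    """
    if not a and not b:
        return "0"
    if not a or not b:
        return a or b
    digits, carry = [], 0
    for i in range(1, max(len(a), len(b)) + 1):
        d1 = int(a[-i]) if i <= len(a) else 0
        d2 = int(b[-i]) if i <= len(b) else 0
        carry, digit = divmod(d1 + d2 + carry, 10)
        digits.append(str(digit))
    if carry:
        digits.append(str(carry))
    return "".join(reversed(digits))


def compare_sums(a: int, b: int) -> dict:
    """Sum a and b three ways: exact, via doubles, and via digit strings.

    The string route is only exact if the strings are made from the original
    values. If the operands have already passed through a double (the
    'strings_from_double' key) the damage is done and no string trick
    recovers it; that is the caveat the post's toBigInt is subject to.
    """
    return {
        "exact": str(a + b),
        "double": str(int(float(a) + float(b))),
        "strings": add_decimal_strings(str(a), str(b)),
        "strings_from_double": add_decimal_strings(str(int(float(a))),
                                                   str(int(float(b)))),
    }
```

Two boundary facts worth knowing when reading the results: 2^53 itself is exact but 2^53 + 1 is not (it rounds down to 2^53), and 2^64 - 1, the largest uint64, rounds up to 2^64, a value outside the unsigned 64-bit range altogether.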

XML signature HMAC truncation authentication bypass

by Singh Ryu

The XML Signature specification allows HMAC truncation, which may allow a remote attacker to bypass authentication.

XML Signature Syntax and Processing (XMLDsig) is a W3C recommendation for providing integrity, message authentication, and/or signer authentication services for data. XMLDsig is commonly used by web services such as SOAP. The XMLDsig recommendation includes support for HMAC truncation, as specified in RFC 2104. However, the XMLDsig specification did not follow the RFC 2104 recommendation that output not be truncated to less than half the length of the hash output or less than 80 bits. When the truncation length is under the control of an attacker, this results in an effective authentication bypass: the length is carried in the HMACOutputLength element of the signature itself, so an attacker who cannot compute the HMAC simply chooses it. For example, with an HMACOutputLength of 1, only one bit of the signature is verified, and a guessed SignatureValue is accepted half the time (two attempts cover both values of the bit). This allows an attacker to forge an XML signature that will be accepted as valid.

This vulnerability can allow an attacker to bypass the authentication mechanism provided by the XML Signature specification.

Solution: Apply an update

Please check with your vendor for available updates. Erratum E03 for the XMLDsig recommendation has been added, which specifies minimum values for HMAC truncation. When checking a fix, confirm that the verifier rejects an HMACOutputLength below the minimum outright rather than clamping it, and that it never treats the document's own length field as trusted input.
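The failure mode above, as an added example that is not part of the advisory or of any vendor's code: a minimal XMLDsig-style verifier in Python (hmac, hashlib, ElementTree) that reproduces the flaw when it honours the document's HMACOutputLength, next to the Erratum E03 floor that stops it. The key, the SignedInfo fragments and the skipped canonicalization (the SignedInfo bytes are MACed as-is) are assumptions of this demo; the element and attribute names are XMLDsig's.

```python
# Added example, not from the advisory or from any vendor's XMLDsig code.
# Assumptions: canonicalization is skipped (SignedInfo bytes are MACed
# as-is), KEY and the XML fragments are constructed for this demo.
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET
from typing import Optional

DS = "http://www.w3.org/2000/09/xmldsig#"
HMAC_SHA1 = DS + "hmac-sha1"
NS = {"ds": DS}
KEY = b"constructed-demo-key"      # shared secret; constructed for the demo


def make_signed_info(output_length: Optional[int]) -> bytes:
    """Constructed SignedInfo with an optional HMACOutputLength element.

    A real SignedInfo also carries CanonicalizationMethod and Reference
    data; they do not change the truncation behaviour and are left out.
    """
    length = (f"<HMACOutputLength>{output_length}</HMACOutputLength>"
              if output_length is not None else "")
    return (f'<SignedInfo xmlns="{DS}"><SignatureMethod Algorithm="{HMAC_SHA1}">'
            f"{length}</SignatureMethod></SignedInfo>").encode()


def make_signature(signed_info: bytes, mac: bytes) -> bytes:
    """Wrap SignedInfo and a base64 SignatureValue in a ds:Signature element."""
    return (f'<Signature xmlns="{DS}">'.encode() + signed_info
            + b"<SignatureValue>" + base64.b64encode(mac)
            + b"</SignatureValue></Signature>")


def extract_signed_info(signature_xml: bytes) -> bytes:
    """Byte-exact SignedInfo slice; stands in for canonicalization here."""
    start = signature_xml.index(b"<SignedInfo")
    end = signature_xml.index(b"</SignedInfo>") + len(b"</SignedInfo>")
    return signature_xml[start:end]


def leading_bits(data: bytes, nbits: int) -> Optional[bytes]:
    """Leftmost nbits of data, right-aligned in ceil(nbits/8) bytes.

    RFC 2104 truncation keeps the leftmost bits of the MAC output.
    """
    if nbits < 0 or nbits > len(data) * 8:
        return None
    kept = int.from_bytes(data, "big") >> (len(data) * 8 - nbits)
    return kept.to_bytes((nbits + 7) // 8, "big")


def sign(signed_info: bytes, key: bytes, output_length: Optional[int] = None) -> bytes:
    """Honest signer: HMAC-SHA1 over SignedInfo, optionally truncated."""
    mac = hmac.new(key, signed_info, hashlib.sha1).digest()
    if output_length is not None:
        mac = leading_bits(mac, output_length)
    return make_signature(signed_info, mac)


def verify(signature_xml: bytes, key: bytes, enforce_minimum: bool) -> bool:
    """Recompute the HMAC over SignedInfo and compare HMACOutputLength bits.

    enforce_minimum=False is the pre-erratum behaviour: whatever length the
    document carries is honoured, even 1 or 0. enforce_minimum=True applies
    the Erratum E03 floor (at least 80 bits and at least half the hash
    output) and rejects anything below it instead of clamping it.
    """
    root = ET.fromstring(signature_xml)
    method = root.find("ds:SignedInfo/ds:SignatureMethod", NS)
    if method is None or method.get("Algorithm") != HMAC_SHA1:
        return False
    mac = hmac.new(key, extract_signed_info(signature_xml), hashlib.sha1).digest()
    full_bits = len(mac) * 8
    length_el = method.find("ds:HMACOutputLength", NS)
    nbits = int(length_el.text) if length_el is not None else full_bits
    if enforce_minimum and not max(80, full_bits // 2) <= nbits <= full_bits:
        return False
    supplied = base64.b64decode(root.findtext("ds:SignatureValue", default="", namespaces=NS))
    expected, got = leading_bits(mac, nbits), leading_bits(supplied, nbits)
    return expected is not None and got is not None and hmac.compare_digest(expected, got)


def forge(enforce_minimum: bool) -> Optional[int]:
    """Attacker with no key: write HMACOutputLength=1 and guess the one bit.

    Returns the number of guesses needed (at most 2 while the flaw is
    present) or None if the verifier rejected both attempts.
    """
    forged_info = make_signed_info(1)
    for attempt, guess in enumerate((b"\x00", b"\x80"), start=1):
        if verify(make_signature(forged_info, guess), KEY, enforce_minimum):
            return attempt
    return None
```

forge() never touches the key: it rewrites HMACOutputLength to 1 and submits both values of the single compared bit, so the vulnerable verifier accepts one of the two guesses, while the same two documents are rejected once the minimum is enforced. The hardened path rejects a below-minimum length rather than rounding it up, so a document that asks for too little is treated as invalid instead of partially checked; an HMACOutputLength of 0 is the degenerate case where the vulnerable verifier compares nothing at all and accepts any SignatureValue.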

Simple Perl Sniffer

Here's a simple example of a script that sniffs an Ethernet line for all TCP/IP packets bound to or from a particular host and dumps out the source/destination IP address and port and a hex dump of the packet's contents. Opening an interface for capture needs the appropriate privilege (root, typically), and the host filter is passed straight to libpcap as a BPF expression, so only matching packets ever reach the Perl callback:

[code language="perl"]
#!/usr/bin/perl -w
use strict;
use Net::PcapUtils;
use NetPacket::Ethernet;
use NetPacket::IP;
use NetPacket::TCP;
use Data::HexDump;

# Packet counter. It must be initialised before loop() starts calling back,
# otherwise the first packet prints an uninitialised value.
my $i = 0;

# Capture everything to/from this host; the BPF filter does the host match.
Net::PcapUtils::loop(\&process_pkt, FILTER => 'ip host 192.168.1.252');

sub process_pkt {
  my ($user_data, $hdr, $pkt) = @_;
  my $eth = NetPacket::Ethernet->decode($pkt);
  if ($eth->{type} == 2048) {                    # 0x0800: IPv4
    my $ip = NetPacket::IP->decode($eth->{data});
    if ($ip->{proto} == 6) {                     # TCP
      my $tcp = NetPacket::TCP->decode($ip->{data});
      print "\n\n$i $ip->{src_ip}($tcp->{src_port}) -> $ip->{dest_ip}($tcp->{dest_port})\n";
      print HexDump $ip->{data};                 # TCP header plus payload
      $i++;
    }
  }
}
[/code]
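The decoding chain the script performs (Ethernet type 2048, then IPv4, then protocol 6, then TCP), as an added example that is not part of the original post: a Python version done by hand with struct so the header offsets are visible, with the same "ip host" filter and a small hex dump. In Perl the NetPacket modules do the IHL lookup for you; a hand-rolled parser that assumes a 20-byte IP header is the step most often got wrong, so the example handles IP options explicitly. The frame bytes, addresses, ports and payload are constructed for the demo and the checksums are left at zero.

```python
# Added example, not from the original post. Decodes an Ethernet/IPv4/TCP
# frame by hand and applies an "ip host" filter. Frames, addresses, ports
# and payloads below are constructed for the demo; checksums are left 0.
import struct
from typing import Optional

ETHERTYPE_IPV4 = 0x0800     # the Perl script's "type == 2048"
IPPROTO_TCP = 6


def decode_tcp_frame(frame: bytes) -> Optional[dict]:
    """Return endpoints and TCP payload, or None if the frame is not TCP over IPv4.

    The IPv4 header length comes from the IHL nibble, not a fixed 20 bytes:
    a frame carrying IP options would otherwise be parsed as garbage TCP.
    """
    if len(frame) < 14:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    if len(ip) < 20:
        return None
    (ver_ihl, _tos, total_len, _ident, _frag, _ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    if ver_ihl >> 4 != 4 or proto != IPPROTO_TCP:
        return None
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl + 20 or total_len < ihl + 20:
        return None
    tcp = ip[ihl:total_len]                      # drops Ethernet padding
    sport, dport, _seq, _ack, offset_flags = struct.unpack("!HHIIH", tcp[:14])
    data_offset = (offset_flags >> 12) * 4       # TCP header length incl. options
    if data_offset < 20 or len(tcp) < data_offset:
        return None
    return {
        "src": ".".join(map(str, src)), "sport": sport,
        "dst": ".".join(map(str, dst)), "dport": dport,
        "payload": tcp[data_offset:],
    }


def matches_host(pkt: dict, host: str) -> bool:
    """Equivalent of the BPF filter 'ip host <host>': either endpoint matches."""
    return host in (pkt["src"], pkt["dst"])


def hexdump(data: bytes, width: int = 16) -> str:
    """Offset / hex / ASCII dump in the style of Data::HexDump."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk).ljust(width * 3 - 1)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:08x}  {hexpart}  {text}")
    return "\n".join(lines)


def build_frame(src_ip: str, sport: int, dst_ip: str, dport: int,
                payload: bytes, ip_options: bytes = b"") -> bytes:
    """Constructed Ethernet/IPv4/TCP frame for the demo (checksums left 0)."""
    assert len(ip_options) % 4 == 0, "IP options are padded to 32-bit words"
    ihl = 5 + len(ip_options) // 4
    # TCP: ports, seq, ack, data offset 5 words + PSH|ACK, window, csum, urg
    tcp = struct.pack("!HHIIHHHH", sport, dport, 1, 0, (5 << 12) | 0x18,
                      65535, 0, 0) + payload
    total_len = ihl * 4 + len(tcp)
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, total_len, 1, 0x4000,
                     64, IPPROTO_TCP, 0,
                     bytes(map(int, src_ip.split("."))),
                     bytes(map(int, dst_ip.split(".")))) + ip_options + tcp
    eth = (b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb"
           + struct.pack("!H", ETHERTYPE_IPV4))
    return eth + ip
```

Run decode_tcp_frame over frames read from a pcap (or from a raw socket) and feed the matches to hexdump to get the same output the Perl script prints; the second constructed frame in the test carries four NOP options so the TCP header starts at byte 24 of the IP packet rather than byte 20.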

Federal Information Security Management Act (FISMA)

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347.

NIST is responsible for developing standards and guidelines, including minimum requirements, for providing adequate information security for all agency operations and assets, but such standards and guidelines shall not apply to national security systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), “Securing Agency Information Systems”, as analyzed in A-130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in A-130, Appendix III.
This guideline has been prepared for use by Federal agencies. It may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright, though attribution is desired. Nothing in this document should be taken to contradict standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority, nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other Federal official.