OWASP Security Shepherd Project - Insecure Cryptographic Storage Lesson
What is Insecure Cryptographic Storage Vulnerability/Threat?
The most common issue in cryptographic storage is simply not encrypting data that deserves encryption. When encryption is employed, unsafe key generation and storage, not rotating keys and weak algorithm usage is common. Use of weak or unsalted hashes to protect passwords is also common. These mistakes can compromise all of the data that should have been encrypted. Typically this information includes sensitive data such as health records, credentials, personal data, credit cards, etc.Lesson
In this lesson, we could just use Decoder of BurpSuite to decrypt the base64.
The result key is base64isNotEncryptionBase64isEncodingBase64HidesNothingFromYou.
p.s. Base64 is too weak to be treated as an encryption algorithms.
留言
張貼留言
Welcome to share your comments or questions : -)
Enjoy life!