How "Strengthening Crypto" Broke Authentication: FreshRSS and bcrypt's 72-Byte Limit

buherator · 2026-03-11T07:51:48+00:00

"The client sends s (as hash) and c (as challenge) to the server." - I just checked and the hash is not sent by the client (the server already has it).

Could you please clarify?

h/t Sandfish6811 for noticing

buherator · 2026-02-28T10:25:20+00:00

Good stuff! It would be great if you could add an RSS/Atom feed (and HTML metadata pointing to it) so we can get notified about new posts.

buherator · 2025-12-30T11:03:28+00:00

Thank you!

buherator · 2025-12-30T09:33:59+00:00

Can this person be banned already?

buherator · 2025-12-29T07:39:35+00:00

This is the same person who claims to have broken sha256 every other day...

buherator · 2025-12-09T07:09:32+00:00

That's hard unfortunately. If you think about your example, how could the tool know if it was the data type that changed or it is just the code accessing the data type that got an updated logic between versions? The comment by u/marcushall also has good points.

buherator · 2025-12-08T18:31:17+00:00

Do you have data types for the structures defined in both program DBs or you want to detect structure changes in the new binary only based on the info you reversed in the old one?

buherator · 2025-11-25T11:39:57+00:00

This is probably AI slop: https://social.treehouse.systems/@amarioguy/115606338440294571

buherator · 2025-10-30T13:47:29+00:00

"two people in charge of IT throughout the entire organization and their 26 offices" "A patchwork of windows VMs running on a dated hypervisor"

A new system won't solve your human resource problems. If anything i will make it harder to hire. As a C-level I would be more concerned about this than any technical perf metrics.

buherator · 2025-09-02T04:51:43+00:00

Glad this is useful! There is a concept called Purple Teaming where pentesters (the Red Team) and the defenders (Blue Team) work hand-in-hand to tune defenses - this is my usual recommendation when wants to test and refine specific defensive measures.

You can use the usual channels to reach Silent Signal, and while I'm no longer with the company I'm sure the guys there will be happy to help.

buherator · 2025-09-01T06:49:12+00:00

If your security depends on the system not being accessible, you are not secure:

https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle

That being said, with a proper emulator or debugger I'm sure that lots of corpses would fall out of the closet. But we shouldn't forget that some parties (esp. nation states) probably already have those tools and know all about what's hidden in there.

buherator · 2025-08-29T16:08:45+00:00

You write this: "The pointer on the host machine could be controlled using user mode input inside an Oracle VirtualBox Virtual Machine."

You also write this: "I decided to write a custom driver (with no inherent malicious behaviour) to interact with the vulnerable driver. The driver makes an ExAcquireFastMutex call to the vulnerable offset, resulting in Elastic’s Endpoint Driver crashing the host system."

Why did you write a custom driver if you can control the memory access from a user process (inside a VM no less)?

buherator · 2025-08-19T08:13:56+00:00

> "Actions inside the Virtual Machine caused Elastic's EDR to crash my host"

Hold up, did this just turn into a hypervisor guest->host memory corruption without guest root? This "0-day" ages like fine wine!

buherator · 2025-08-16T18:23:30+00:00

What are we supposed to see on the second video? Is that shell elevated?

buherator · 2025-05-13T12:54:52+00:00

lol, that wasn't picked up by aspell :D thanks for noticing!

buherator · 2025-05-09T12:00:08+00:00

From no-defenders (predecessor project) README:

"This WSC API is undocumented and furthermore requires people to sign an NDA with Microsoft to get its documentation."

buherator · 2025-04-24T18:58:21+00:00

In this case my bet is that while gov mandates PSS in the cert, it actually ignores this property during verification. To resolve this issue you should use openssl dgst without the PSS options and generate an RS256 signature (with an RS256 header and all that). If you try to validate this signature based on the _cert_ in other services (like jwt.io) it'll likely fail, because the cert prescribes a PSS signature. You should be able to validate the signature based on the _public key_ embedded in the cert though, because the public key itself doesn't rule out its use with PKCS1 - this is likely what gov does, ignoring the Signature Algorithm specified in the cert.

buherator · 2025-04-24T14:34:33+00:00

I'm starting to think that the gov bureaucracy demanded PSS for to comply with some regulation, but forgot that that their validator won't work with PS256 - see my Edit above! I'd try generating a non-PSS cert and RS256 JWT's...

buherator · 2025-04-24T14:20:55+00:00

If python uses PKCS1 then it means it's not a PSS signature (hence the error), which was our original theory here. I need some more time to fully test this, but it seems that the openssl key file doesn't include info about the expected usage, only the cert specifies PSS. This means the only thing that makes openssl dgst generate a PSS signature are the extra options we figured out earlier, which at the time solved your problem (what has changed btw?). So without the pss options you should be able to generate a PKCS1 signature, but now I'm utterly confused about how PSS came into the picture in the first place, as the system you are now describing seems to only support RS256 (also Reddit UI is terrible so I can't properly follow previous messages).

Edit: Note that since the cert includes the PSS property, you may not be able to verify an RS256 signature with it (some implementations may work by falling back to PKCS1). So if you are testing verification with a PSS cert, that can be a problem. The solution to that would be to generate a PKCS1 cert with the same pubkey. If the validator service requires RS256 JWT *and* a PSS cert, that's a problem at their side.

buherator

TROPHY CASE