
Length Extension Attacks

Premium room

Learn how hash functions enable attackers to extend and manipulate data using length extension attacks.

medium

60 min

3,975


What Are Hash Functions and Why Do We Care?

Hash functions are one of those tools that might seem hidden in the background but are incredibly important for protecting data. They take any amount of input (whether it's a tiny file or a huge one) and generate a fixed-length output that represents the data. It's like taking a fingerprint of the data—no matter how big or small it is, the output (the hash) will always be the same size.

Even the smallest change to the input will create a completely different hash. This makes hashes perfect for checking whether something has been tampered with. If the hash changes, you know the data isn't the same anymore.
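The two properties just described (fixed-size output regardless of input size, and a completely different digest for a one-character change) can be checked directly. The script below is an added example for this room, not part of the original material; it uses Python's standard-library SHA-256, and the inputs "hello", "hellp" and a one-megabyte string of "A" are constructed here for illustration.

```python
import hashlib
import hmac


def digest_hex(data: bytes) -> str:
    """Return the SHA-256 digest of `data` as a 64-character hex string.

    Whatever the input size, the digest is always 256 bits (32 bytes).
    """
    return hashlib.sha256(data).hexdigest()


def bits_differing(a: bytes, b: bytes) -> int:
    """Count how many of the 256 digest bits differ between two inputs.

    For a well-behaved hash, a tiny change to the input flips roughly half
    of the output bits (the "avalanche" behaviour described above).
    """
    x = int.from_bytes(hashlib.sha256(a).digest(), "big")
    y = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(x ^ y).count("1")


def verify_integrity(data: bytes, expected_hex: str) -> bool:
    """Recompute the digest of `data` and compare it with a stored value.

    compare_digest avoids leaking, through timing, how many leading
    characters of a wrong digest happened to match.
    """
    return hmac.compare_digest(digest_hex(data), expected_hex.lower())


# Constructed sample inputs (not taken from the room).
TINY = b"hello"
HUGE = b"A" * 1_000_000

if __name__ == "__main__":
    for label, sample in (("tiny", TINY), ("huge", HUGE)):
        print(f"{label} input: {len(sample):>9d} bytes -> "
              f"{len(digest_hex(sample))} hex characters of digest")
    print("bits differing between 'hello' and 'hellp':",
          bits_differing(b"hello", b"hellp"))
    reference = digest_hex(TINY)
    print("unchanged data verifies:", verify_integrity(TINY, reference))
    print("tampered data verifies: ", verify_integrity(b"hellp", reference))
```

One caveat worth keeping in mind before the later tasks: a bare digest stored next to the data only detects accidental corruption. Anyone who can modify the data can just as easily recompute its hash, so detecting deliberate tampering requires a secret the attacker does not have, and how that secret is combined with the hash is exactly where length extension attacks come in.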

Objectives

By the end of this room, you'll:

  1. Have a strong understanding of what cryptographic hash functions are and why they're essential for data security.
  2. Learn how Length Extension Attacks exploit certain hash functions.
  3. Explore scenarios where these attacks might be used in real-world systems.
  4. Gain practical, hands-on experience in identifying and exploiting Length Extension vulnerabilities.

Prerequisites

Before getting started, make sure you're familiar with:

  1. The basics of cryptographic hash functions and how they work.
  2. Key properties like pre-image resistance, collision resistance, and second pre-image resistance.
  3. Simple scripting (Python is a good tool for this) for cryptography-related tasks.
  4. The fundamentals of cyber security attacks, especially those targeting cryptographic systems.

Starting the Machine

Deploy the target attached to this task by pressing the green Start Lab Machine button. After obtaining the machine's generated IP address, you can either use the AttackBox or your own machine connected to TryHackMe's VPN.

Add MACHINE_IP to your /etc/hosts file. For example:

/etc/hosts
MACHINE_IP    lea.thm

We will be using the web application running on this machine in the upcoming tasks.

Answer the questions below

I have started the lab machine and I'm ready to learn about Length Extension Attacks!