WebApp Sec mailing list archives
RE: Encoding Schemes
From: "David Knapman" <davidk () cccs co uk>
Date: Wed, 9 Nov 2005 14:02:07 -0000
If we're trying to fathom this out from first principals, I don't think there's enough here to get started. At the moment, all we know is that the second hex digit of every byte comes out the same in both sequences. However, since both sequences share the same low-order nibbles when encoded in hex, that doesn't necessarily help yet. Next thing to look at is - is position important. If you rotate one of the sequences (say, try putting through BCDEFA, CDEFAB, etc), does the encoded output just rotate, or is it completely transformed. Finally, chuck through the complete upper and lowercase alphabets, so that we have all of the low-order nibble posibilities, and some more material to work with. -----Original Message----- From: Jason binger [mailto:cisspstudy () yahoo com] Sent: 09 November 2005 04:42 To: webappsec () securityfocus com Subject: Encoding Schemes Hi, I am reviewing a web app and I would like to know what encoding scheme they are using to encode their parameters. 123456 encodes to B8DCCEA11586 ABCDEF encodes to C8ACBED165F6 Any help would be appreciated. Cheers. __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com VISIT OUR WEBSITE AT http://www.cccs.co.uk --------------------------------------------------------------------- This email message is intended for the individual to whom it’s addressed and may contain information that is privileged and confidential. If you are not the intended recipient, you are hereby notified that any use or dissemination of this communication is strictly prohibited. If you have received this information in error, please return it to us immediately and delete it from your computer. The contents or opinions expressed within this email are not intended to represent the views of CCCS unless specifically stated to be so. This email is not guaranteed to be free from any computer viruses, although it has been checked using the Trend Virus Suite. You should check this email and any attachments for the presence of viruses before downloading any files.
Current thread:
- Encoding Schemes Jason binger (Nov 09)
- Re: Encoding Schemes Rogan Dawes (Nov 09)
- Re: Encoding Schemes Marcus Williams (Nov 09)
- Re: Encoding Schemes ilaiy (Nov 09)
- Re: Encoding Schemes Peter Conrad (Nov 09)
- Re: Encoding Schemes Vasiliy (Nov 09)
- <Possible follow-ups>
- RE: Encoding Schemes David Knapman (Nov 09)
- RE: Encoding Schemes Griffiths, Ian (Nov 09)
- Re: Re: Encoding Schemes cisspstudy (Nov 09)
- RE: Re: Encoding Schemes Lyal Collins (Nov 09)
- Re: Encoding Schemes Haroon Meer (Nov 09)
- Re: Encoding Schemes Byron L. Sonne (Nov 09)