feat: found the exploit in the code and attaced the server

2026-05-02 19:48:28 +02:00
parent a23ec65d30
commit 07568edbcd
2 changed files with 82 additions and 0 deletions
--- a/sheet03/a2/a.txt
+++ b/sheet03/a2/a.txt
@@ -0,0 +1,5 @@
+The Code uses unsalted hashes of the passwords.
+That way there is no random data added to the hashes and it is very easy to find identical hashes using
+pre-computed lookup tables.
+
+Using such a tool we found that the password admin123 has the same hash that is stored for the username admin.