[SECURITY] Develop TLS 1.0/1.1 client with invalid CBC padding
$30-250 SGD
Suljettu
Julkaistu noin 9 vuotta sitten
$30-250 SGD
Maksettu toimituksen yhteydessä
Tool Nature:
Simple TLS client that connects to TLS server using TLS 1.0 and TLS 1.1 with incorrect CBC padding. And it must be able to send HTTP request to get HTTP response from the server.
Develop proof-of-concept tool in Java for POODLE v2. Your tool result must be fully aligned with results from [login to view URL]
Background:
Poodle v2
It has been recently discovered that the POODLE vulnerability affects more than simply SSL 3.0. Improper checking of TLS “padding” means that the vulnerability may also be used to exploit TLS 1.0 and TLS 1.1.