Skip to content
This repository

CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.

branch: master
README.txt
CryptOMG
Released on SpiderLabs Anterior <blog.spiderlabs.com>
Andrew Jordan <AJordan@trustwave.com>
https://www.trustwave.com

INTRODUCTION
============

***
WARNING: CryptOMG IS AN INTENTIONALLY VULNERABLE APPLICATION. IT SHOULD 
ONLY BE INSTALLED ON A TRUSTED WEB ENVIRONMENT. IT SHOULD NOT BE PUBLISHED
ON A PRODUCTION SERVER AND SHOULD NOT BE ACCESSIBLE THROUGH THE INTERNET.
***

CryptOMG is a configurable CTF style test bed that highlights common
flaws in cryptographic implementations. Most of the challenges are
designed to be cipher independent and to illustrate this, configuration
options are provided that allow you to change the algorithm in use as 
well as the type of encoding.

Cool Stuff Includes:
o Cryptographic Oracles
o Side Channel Attacks
o Electronic Code Book Flaws
o Configuration options for cipher and encoding

REQUIREMENTS
============

A webserver running PHP 5.x
MySQL
libmcrypt4

PHP Modules/Libraires:
php5-mysql
php5-mcrypt

USAGE
=====
Place the CryptOMG source files somewhere in your webroot. Modify
/includes/db.inc.php with the settings for your database server.

COPYRIGHT
=========

CryptOMG - A configurable CTF style test bed.
Andrew Jordan
Copyright (C) 2012 Trustwave Holdings, Inc.

This program is free software: you can redistribute it and/or modify it 
under the terms of the GNU General Public License as published by the 
Free Software Foundation, either version 3 of the License, or (at your 
option) any later version.

This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General 
Public License for more details.

You should have received a copy of the GNU General Public License along 
with this program. If not, see <http://www.gnu.org/licenses/>.
Something went wrong with that request. Please try again.