Skip to content
master
Switch branches/tags
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 

README.md

Schadcode - Schadenfreude for Hash Functions

Here you may find proofs of concept illustrating how the techniques developed at https://www.131002.net/siphash/ could have been realized in practice. The code presented here breaks MurmurHash 2 and 3 in real-life situations, serving as a scary example for how relatively easily countermeasures installed after the presentation of the original "hashDoS" vulnerability by Klink and Waelde at 28C3 can be circumvented, ultimately leading to valid DoS attacks on software being frequently used today. Find out more about the details here.

Purpose

The intention is to raise the level of awareness and to demonstrate that the threat is clear and present, one with possibly severe consequences.

Disclaimer

Do not use any of the material presented here to cause harm. I will find out where you live, I will surprise you in your sleep and I will tickle you so hard that you will promise to behave until the end of your days.

License

Copyright (c) 2012 Martin Boßlet. Distributed under the MIT License. See LICENSE for further details.

About

Schadcode that demonstrates a revisited hash-flooding DoS attack (cf. https://www.131002.net/siphash/).

Resources

License

Releases

No releases published

Packages

No packages published