Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

README.md

Allied Irish Banks have web and mobile portals providing the usual sorts of services that we have come to expect our banks to provide online.

For the newer mobile API, the bank has gone to some trouble to obfuscate it, using a custom Diffie-Hellman implementation. The scripts in this repository give details on how to deal with this.

I created this repository to highlight AIB's online security problems when I wrote about them here and here. The good news is that some time in early-to-mid 2016, the bank closed the loophole highlighted in the second of these posts.

The scripts here should enable anyone to write their own front end for the bank's API.

About

Security theatre at Allied Irish Banks: a demonstration in python

Resources

Releases

No releases published

Languages

You can’t perform that action at this time.