Show HN: VulnTLS a TLS server that can be hacked
github.comVulnTLS is currently a small set of TLS vulnerabilities that can be exploited to learn. Most of the vulnerabilities were already present in common TLS implementations. VulnTLS is based on AnotherTLS, a TLS implementation that I implemented from scratch for this purpose (see in the README).
Currently there are only three: - Psychic signatures: Bypass the client certificate authentication! - Timing issues: Get the private key of the server! - Dual_EC: Decrypt the captured connection!
No comments yet.