Shulou(Shulou.com)05/31 Report--

Weak encryption implementation Detection Tools DamnVulnerableCryptoApp how to use, I believe that many inexperienced people are helpless about this, this article summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

DamnVulnerableCryptoApp

DamnVulnerableCryptoApp is an application that implements a variety of weak encryption. Researchers can use DamnVulnerableCryptoApp to view, test, or exploit weak encryption implementations of target application clocks, and cryptography beginners can use the tool to learn more about cryptography without having to understand the math behind encryption.

If you want to learn more about encryption, if you want to know how encryption attacks are performed, if you want to protect your code, but you are tired of the math behind encryption algorithms, DamnVulnerableCryptoApp is the best choice for you.

Note: The project is currently under intense development, so some features may be incomplete or unstable!

tool properties

An encryption attack sample closest to the real attack scenario is provided.

No need to write additional, complex exploit code;

Each cryptographic attack challenge provides a corresponding solution;

Provide easy to understand reference documents, no complex mathematical content, no complex formulas, only simple text;

Support testing various encryption attack vectors;

It can help every user easily understand encryption, attacks and related defense schemes;

Straight to the point, each attack challenge is the most direct exploit scenario;

tool download

Researchers can clone the project source code locally using the following command:

git clone https://github.com/DamnVulnerableCryptoApp/DamnVulnerableCryptoApp.git Project Build

Before you build your project, make sure you have your Node environment installed and configured. Next, run the following code in your local project directory:

npm run build-with-deps

Alternatively, if you have already installed the dependency component, you can run the following command:

npm run build troubleshooting

If you encounter a hash error while running your tests, you may need to modify your git line ending style:

git config --global core.eol lfgit config --global core.autocrlf input tool run npm run start

You can modify the port on which the tool runs using the following environment variables:

PORT=4000 npm run startDocker usage Get from DockerHub

Researchers can download the latest version of Docker images using the following command:

docker pull damnvulnerability scriptoapp 1/damnvulnerability scriptoapp Project Construction

If you want to build your own Docker image, run the following command:

npm build:dockerDocker run

Docker exports port 8081 by default, so we can map it to our own port:

docker run -p 8081:8081 Feature development

If you want to develop your own functionality, or run the tool without building code, you can run the following command:

npm run install-deps

But at this point you need to run the front-end and back-end apps separately.

back-end cd backendyarn start

If you want to modify the default backend port 1234, you can set it using the following environment variables:

PORT=5000 yarn start front-end cd frontyarn start

If you want to change the default front-end port 4000, you can set it using the following environment variables:

PORT=3000 yarn start

If you want to modify the server port, you need to specify the port by modifying the environment variable before opening the front end:

REACT_APP_SERVER_PORT=5000 yarn start tool running screenshot

After reading the above content, do you know how to use the weak encryption implementation Detection Tools DamnVulnerableCryptoApp? If you still want to learn more skills or want to know more related content, welcome to pay attention to the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.