{"id":20110491,"url":"https://github.com/otsmr/vulntls","last_synced_at":"2025-05-06T10:31:53.136Z","repository":{"id":157124978,"uuid":"624396680","full_name":"otsmr/VulnTLS","owner":"otsmr","description":"Collection of TLS vulnerabilities ready to be exploited.","archived":false,"fork":false,"pushed_at":"2023-12-21T11:51:08.000Z","size":30,"stargazers_count":9,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-05-06T04:47:20.896Z","etag":null,"topics":["elliptic-curve-cryptography","timing-attacks","tls13"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/otsmr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-06T11:28:57.000Z","updated_at":"2024-11-24T15:35:09.000Z","dependencies_parsed_at":"2023-12-21T13:26:24.584Z","dependency_job_id":"71415c87-6e13-4979-856e-1d1466b22e1d","html_url":"https://github.com/otsmr/VulnTLS","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FVulnTLS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FVulnTLS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FVulnTLS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FVulnTLS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/otsmr","download_url":"https://codeload.github.com/otsmr/VulnTLS/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252666077,"owners_count":21785192,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["elliptic-curve-cryptography","timing-attacks","tls13"],"created_at":"2024-11-13T18:12:10.154Z","updated_at":"2025-05-06T10:31:52.829Z","avatar_url":"https://github.com/otsmr.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# VulnTLS\n\nVulnTLS is a series of CTF challenges. The series implements several\nvulnerabilities. Most of the vulnerabilities were already present in common TLS\nimplementations. The series provides a basic understanding of TLS and typical\nimplementation vulnerabilities, with a focus on cryptography.\n\nIn this repository there are different setups to exploit the different\nvulnerabilities. For this it uses the vulnerable implementation, which has its\nown [branch](https://github.com/otsmr/AnotherTLS/tree/vulntls) in the\nAnotherTLS repository.\n\n\n# Vulnerabilities\n\nThe vulnerabilities are marked with there difficulty (EASY, HARD, EXTREME). The\nevaluation is of course subjective and designed for a bachelor student.\n\n\n## Psychic signatures (EASY)\n\nBypass the client certificate authentication!\nRun the [challenge](./psychic_signatures/README.md).\n```sh\ncargo run --bin psychic_signatures\n```\n\n## Timing issues (HARD)\n\nGet the private key of the server!\nRun the [challenge](./timing_issues/README.md).\n```sh\ncargo run --bin timing_issues\n```\n\n## Dual_EC (HARD)\n\nDecrypt the captured connection!\nSee [challenge](./dual_ec/README.md) for more.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fotsmr%2Fvulntls","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fotsmr%2Fvulntls","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fotsmr%2Fvulntls/lists"}