Gain insights into effective security techniques including patching, cryptography, and phishing prevention. Explore practices to make systems resistant and vulnerabilities more detectable, enhancing defense against attacks.

docker.tar.gz

network-commands

node

It seems like hardly a week goes by without a high-profile computer breach. Why do these happen? How can you prevent them? This course doesn’t have all the answers, but it does outline practices that make life harder for attackers and that will help tide you over until you get a full-time security team in place.

In this course, you will learn 5 simple, yet effective, techniques for preventing attackers from getting into your system. These techniques are related to: patching, software vulnerabilities, cryptography, windows security, and phishing. Within each chapter you will learn the best practices for preventing vulnerabilities and how to make them more detectable. 

This course is based on the Pragmatic Programmers’ book, Practical Security, and is aimed at developers, admins, team leads, architects, technology generalists, and all others who stand guard against the things that disrupt the network.

Practical Security: Simple Practices for Defending Your Systems

# Why is malleability a problem?
Malleability is another problem with ECB mode. A cryptosystem that’s malleable is one that allows for an attacker to take parts of one or more encrypted messages and combine them to forge a new message.

Remember that each block of the plaintext is encrypted completely independently, and each block of ciphertext is decrypted completely independently.

## Editing encrypted data is made possible
 So let’s say we have an application that maintains a list of admin accounts, followed by the delimiter “Banned user list,” followed by a list of banned users. And for security purposes, let’s suppose that it was decided to encrypt this list on disk using AES-ECB. If the legitimate plaintext was this: 
```text
admin1@bigco.com
admin2@bigco.com
intern@bigco.com
Banned user list
notnice@abcd.com
mean@website.com
```
Suppose this encrypts to this:
```text
00000000: 6e42 96b1 47ae 6963 0e26 7cc8 883e 1074  nB..G.ic.&|..>.t
00000010: 57ee 68e0 48d4 f5d7 a463 9fd7 394a 5a72  W.h.H....c..9JZr
00000020: 2d01 60eb 9e76 919e 46e1 eede b015 f657  -.`..v..F......W
00000030: 7610 6ab4 8c4d 2fad 3390 c051 4fa7 0964  v.j..M/.3..QO..d
00000040: e9c1 300c da3d 9d8f df70 4779 c8f0 e413  ..0..=...pGy....
00000050: d2a8 ac73 14b4 1d8a 86a7 0f77 c38a b4db  ...s.......w....
```

An attacker can just rearrange the blocks so that the last two blocks are first, followed by the delimiter, and then finally the legitimate admins. It will decrypt this just fine. This will put the banned users in the admin list and ban all the legitimate admins! From this example, we can see that, depending on the structure of the plaintext, many kinds of edits are possible—including repeating, deleting, and reordering blocks—without knowing the key.

This may seem contrived. What about block boundaries? The attack in this example works because the delimiter and the email addresses were aligned on block boundaries. Yes, the specific email addresses were contrived to work in a quick example. But the principle still holds.

 In the general case, it may take a bit more effort to rearrange the blocks so that it decrypts correctly. The attacker is aided by the fact that many file formats allow for a fair amount of malleability in the form of things like comments, whitespace, and no-ops, so it’s often possible. But nothing in AES-ECB prevents it.

## Encrypted cookies can be used

Let’s consider a second scenario. Consider a naive web application with a complex permissions model. For performance reasons, the developers have decided not to query the database for permissions on every request to this web application. Instead, at login time, and every time permissions change for a given user, the application issues a cookie whose value is an encrypted list of all the permissions that the user is granted. If this value were encrypted with ECB, a malicious user could learn about the structure of the web application and slice together pieces of several cookies they may have been issued over time and construct a new cookie for themselves that grants them administrative privileges. 

[The previous chapter](https://www.educative.io/courses/practical-security-defending-your-systems/introduction-to-cross-site-request-forgery-xsrf) listed several ways an attacker could learn more about the structure of the cookie’s value. Even without access to the source code, an attacker could start to learn about the structure of the cookie without any access to the source. An attacker could create multiple users and compare their cookies. An attacker could possibly change metadata about their account through the application and observe the change in the cookie.

 <font size="6">  &nbsp; &nbsp;  &nbsp; &nbsp;&nbsp;  &nbsp; &nbsp;   &nbsp;  &nbsp;   &nbsp;   &nbsp; &nbsp; &nbsp; &nbsp;       &nbsp;  &nbsp;  &nbsp; &nbsp;&nbsp;   &nbsp; &nbsp; &nbsp;   &nbsp; &nbsp; &nbsp;&nbsp;  **Q U I Z**  &nbsp;   </font>

ECB malleability poses a problem. Let's explore why in this lesson.

Introduction

Patching

Vulnerabilities

Cryptography

Windows

Phishing

ECB Malleability

Why is malleability a problem?