OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
RE: Encoding Schemes

From: David Knapman (davidkcccs.co.uk)
Date: Wed Nov 09 2005 - 08:02:07 CST

If we're trying to fathom this out from first principals, I don't think there's enough here to get started. At the moment, all we know is that the second hex digit of every byte comes out the same in both sequences. However, since both sequences share the same low-order nibbles when encoded in hex, that doesn't necessarily help yet. Next thing to look at is - is position important. If you rotate one of the sequences (say, try putting through BCDEFA, CDEFAB, etc), does the encoded output just rotate, or is it completely transformed. Finally, chuck through the complete upper and lowercase alphabets, so that we have all of the low-order nibble posibilities, and some more material to work with. -----Original Message----- From: Jason binger [mailto:cisspstudyyahoo.com] Sent: 09 November 2005 04:42 To: webappsecsecurityfocus.com Subject: Encoding Schemes Hi, I am reviewing a web app and I would like to know what encoding scheme they are using to encode their parameters. 123456 encodes to B8DCCEA11586 ABCDEF encodes to C8ACBED165F6 Any help would be appreciated. Cheers. __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com VISIT OUR WEBSITE AT http://www.cccs.co.uk --------------------------------------------------------------------- This email message is intended for the individual to whom it’s addressed and may contain information that is privileged and confidential. If you are not the intended recipient, you are hereby notified that any use or dissemination of this communication is strictly prohibited. If you have received this information in error, please return it to us immediately and delete it from your computer. The contents or opinions expressed within this email are not intended to represent the views of CCCS unless specifically stated to be so. This email is not guaranteed to be free from any computer viruses, although it has been checked using the Trend Virus Suite. You should check this email and any attachments for the presence of viruses before downloading any files.