Cryptovault
Five machines where the vulnerability is the cryptography itself. Predictable tokens, weak JWT secrets, hash length extension, padding oracles, and a factorable RSA key — break the math, own the machine.
The Machines
Five cryptographic failures. All exploitable. No guessing.
Token is MD5(username + epoch//60). You know the username. Brute the current minute window, generate the valid token, authenticate as admin.
HS256 JWT with secret=password123. Crack it with hashcat mode 16500 or jwt_tool. Reforge the token with role=admin and access the protected endpoint.
SHA1 HMAC with secret=secret. The server uses length extension to verify admin=1. Use hashpump or hlextend to append the parameter without knowing the full secret.
AES-CBC session cookie. /check returns 400 for bad padding vs 403 for bad auth — a classic padding oracle. Decrypt the token, forge admin=1, re-encrypt.
512-bit RSA public key served at /pubkey. Factor N with msieve or yafu, recover d, decrypt the /challenge ciphertext to reveal SSH credentials.
Attack Chain
Recommended order of attack.
Ready to break the math?
Five cryptographic failures. From trivial to complex. Applied crypto attacks in one series.
Launching 18 July 2026 — applied cryptography attack series from weak tokens to RSA factorization.