Quinn Diggity quinndiggity

  • Vancouver, Canada
init_by_lua_block { require "cjson" }
server {
listen 80 default_server;
server_name _;
log_by_lua_block {
print("I need no extra escaping here, for example: \r\nblah")
}
quinndiggity / handler.lua
Created April 1, 2021 07:15 — forked from samael500/handler.lua
Validating payloads from GitHub webhooks with Nginx + Lua
-- luarocks install JSON4Lua
-- luarocks install luacrypto
local json = require "json"
local crypto = require "crypto"
local secret = '<MY SUPER SECRET>'
local event = 'push'
local branch = 'refs/heads/master'
quinndiggity / noMangleGoogle.user.js
Created September 27, 2021 23:00 — forked from radiantly/noMangleGoogle.user.js
Prevent Google from mangling links on the search results when clicking or copying on Firefox
// ==UserScript==
// @name Prevent link mangling on Google
// @namespace LordBusiness.LMG
// @match https://www.google.com/search
// @grant none
// @version 1.1
// @author radiantly
// @description Prevent google from mangling the link when copying or clicking the link on Firefox
// ==/UserScript==

MD5 Collision with CRC32 Preimage

Here's the scenario: We want to craft two different messages with the same MD5 hash, and a specific CRC32 checksum, simultaneously.

In other words, we want an MD5 collision attack and a CRC32 preimage attack.

This might seem like a contrived scenario, but it's exactly the one I faced while producing my PNG hashquine (Yes OK maybe that's also a contrived scenario, cut me some slack).

On its own, a CRC32 preimage attack is trivial. You can craft a 4-byte suffix that gives any message a specific checksum, calculated using a closed-form expression (which I am too lazy to derive, not even with assistance from Z3). It's not an attack per se, since CRC32 was never meant to be cryptographically secure in the first place.
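The 4-byte suffix described above, as an added example that is not part of the original gist: it uses the standard table-reversal method rather than a closed-form expression, and shows why a CRC32 match says nothing about integrity against a deliberate modifier. The function names and the sample message are assumptions made for this illustration.

```python
import zlib

POLY = 0xEDB88320  # reflected CRC-32 polynomial (zlib, gzip, PNG)

def _build_table():
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ POLY if c & 1 else c >> 1
        table.append(c)
    return table

TABLE = _build_table()
# Every table entry has a distinct top byte, so the top byte of a CRC
# register reveals which table entry was XORed in during the last step.
INDEX_BY_TOP_BYTE = {entry >> 24: i for i, entry in enumerate(TABLE)}

def forge_suffix(prefix: bytes, target: int) -> bytes:
    """Return 4 bytes s such that zlib.crc32(prefix + s) == target."""
    # Backward pass: starting from the desired final register, recover
    # the four table indices that must be used, last step first.
    reg = (target ^ 0xFFFFFFFF) & 0xFFFFFFFF
    indices = []
    for _ in range(4):
        idx = INDEX_BY_TOP_BYTE[reg >> 24]
        indices.append(idx)
        reg = ((reg ^ TABLE[idx]) << 8) & 0xFFFFFFFF
    indices.reverse()

    # Forward pass: from the real register after `prefix`, pick each
    # suffix byte so the table lookup lands on the required index.
    state = zlib.crc32(prefix) ^ 0xFFFFFFFF
    suffix = bytearray()
    for idx in indices:
        suffix.append((state ^ idx) & 0xFF)
        state = (state >> 8) ^ TABLE[idx]
    return bytes(suffix)

if __name__ == "__main__":
    msg = b"constructed sample message"  # constructed input
    s = forge_suffix(msg, 0xDEADBEEF)
    print(s.hex(), hex(zlib.crc32(msg + s)))
```
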