Will using CTR mode with unique IVs, but only one password for encrypting multiple files, leak data or keys?

I’m working on a project to encrypt many files with a single password.

The steps I will employ to encrypt the files are:

  1. user will execute a command similar to tool --encrypt --recurse directories/to/recurse and-other-files.txt
  2. the user will be prompted for a password
  3. two 64 byte crypto random salts and a 16 byte crypto random IV will be generated
  4. no 2 files will ever use the same salts or IV
  5. each individual salt will be combined with the password to create 2 separate argon2id keys
  6. one key will be 32 bytes long and is used for the AES-256 cipher block
  7. the other will be 64 bytes long and will be used as the key for a sha-512 hmac
  8. the resulting encrypted file will be written as 2ByteVersion:64ByteHMACSalt:64ByteCipherBlockSalt:16ByteIV:EncryptedData:64ByteHMACSignature

I believe this would result in a reasonably secure set of encrypted files. My main concern, though, is that because of the way that users will use this tool, there is a good chance that they will accidentally encrypt small, easily guessed files.

And since CTR mode doesn’t require padding, anyone with access to the encrypted file will know the length of the plaintext file. It seems that CTR mode is considered secure for files, provided the IV is unique for each encryption run and the file is authenticated.

Is there a chance that the cipher key, HMAC key, or password could be derived through a known plaintext attack from enough small guessable files? Are there any other glaring flaws in my methodology that could leak data?
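The container layout from step 8, as an added example that is not part of the original post: it frames a ciphertext and refuses to hand anything to the decryptor until the HMAC-SHA-512 tag verifies. Assumptions: PBKDF2 stands in for argon2id (which is not in the Python standard library), the version field is big-endian with a constructed value of 1, the tag covers every byte before it (version, both salts, IV and ciphertext), and the AES-256-CTR ciphertext is produced elsewhere and passed in.

```python
import hashlib
import hmac
import os
import struct

VERSION = 1                      # constructed value; the post only fixes the 2-byte width
SALT_LEN, IV_LEN, TAG_LEN = 64, 16, 64
HEADER_LEN = 2 + SALT_LEN + SALT_LEN + IV_LEN
KDF_ROUNDS = 100_000             # assumption for the stand-in KDF


class ContainerError(Exception):
    """Raised for malformed or unauthenticated containers."""


def derive_key(password: bytes, salt: bytes, length: int) -> bytes:
    # Stand-in for the post's argon2id, which the standard library lacks.
    return hashlib.pbkdf2_hmac("sha512", password, salt, KDF_ROUNDS, dklen=length)


def seal(password: bytes, ciphertext: bytes, cipher_salt: bytes, iv: bytes) -> bytes:
    """Frame AES-256-CTR output (produced elsewhere) and append the HMAC tag."""
    if len(cipher_salt) != SALT_LEN or len(iv) != IV_LEN:
        raise ContainerError("bad salt or IV length")
    hmac_salt = os.urandom(SALT_LEN)
    body = struct.pack(">H", VERSION) + hmac_salt + cipher_salt + iv + ciphertext
    mac_key = derive_key(password, hmac_salt, 64)
    # Assumption: the tag covers the header too, so a swapped IV or salt is detected.
    return body + hmac.new(mac_key, body, hashlib.sha512).digest()


def open_verified(password: bytes, blob: bytes) -> dict:
    """Verify the tag, then return the fields the decryptor needs."""
    if len(blob) < HEADER_LEN + TAG_LEN:
        raise ContainerError("truncated container")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    (version,) = struct.unpack(">H", body[:2])
    if version != VERSION:
        raise ContainerError("unsupported version")
    # The HMAC salt is read before authentication; altering it changes the
    # derived key, so the tag check below still fails.
    hmac_salt = body[2:2 + SALT_LEN]
    mac_key = derive_key(password, hmac_salt, 64)
    expected = hmac.new(mac_key, body, hashlib.sha512).digest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        raise ContainerError("authentication failed")
    off = 2 + SALT_LEN
    return {
        "cipher_salt": body[off:off + SALT_LEN],
        "iv": body[off + SALT_LEN:HEADER_LEN],
        "ciphertext": body[HEADER_LEN:],
    }


if __name__ == "__main__":
    # Constructed sample input: the ciphertext bytes are placeholders.
    blob = seal(b"correct horse", b"\x8a\x11\x42", os.urandom(SALT_LEN), os.urandom(IV_LEN))
    print(len(blob), sorted(open_verified(b"correct horse", blob)))
```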

Memory leak when rendering a long array of objects with VueJS

I'm having serious memory problems when loading a long list of objects and rendering it in my VueJS application, more precisely in a nested V-FOR; it looks like this:

    <div id="contenido" ref="refContenido" class="q-mt-lg" v-show="votantes.length > 0">
      <div class="row q-mb-sm" v-for="(item, index) in votantes" :key="index">
        <div class="col-12 text-bold bg-teal-3" style="height: 35px; line-height: 35px; border: 1px solid black;">
          <p class="q-ml-sm">Provincia: {{ item.provincia }} ({{ CountByProvincias(item.municipios) }})</p>
        </div>
        <div class="col-12" v-for="(muns, idx1) in item.municipios" :key="idx1">
          <div class="row">
            <div class="col-12 text-bold" style="height: 35px; line-height: 35px; border: 1px solid black;">
              <p class="q-ml-sm">Municipio: {{ idx1 }} - ({{ CountElectores(muns) }})</p>
            </div>
            <div class="col-12">
              <div class="row">
                <div class="col-12 q-table-dense">
                  <table class="q-table q-table-horizontal-separator" style="border: 1px solid black">
                    <thead>
                      <tr class="text-center text-bold bg-primary">
                        <th class="text-white">Nombres</th>
                        <th class="text-white">Cédula</th>
                        <th class="text-white">Teléfono</th>
                        <th class="text-white">Recinto</th>
                        <th class="text-white">Residencia</th>
                      </tr>
                    </thead>
                    <tbody>
                      <tr v-for="(voters, idx2) in muns" :key="idx2">
                        <td class="text-center">{{ voters.nombres }}</td>
                        <td class="text-center">{{ voters.cedula }}</td>
                        <td class="text-center">{{ voters.telefono }}</td>
                        <td class="text-center">{{ voters.recinto }}</td>
                        <td class="text-center">{{ voters.municipioVive + ', ' + voters.provinciaVive }}</td>
                      </tr>
                    </tbody>
                  </table>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
    </div>

I can't identify it in the Chrome snapshot; I'm sure it's the way that information is loaded. If so, please tell me the best way to display that info.

Regards

Remote Buffer Overflow w/out Memory Leak

I’m working on an exploit development challenge right now in which I’ve been presented with a compiled binary and I have to exploit it on a remote server. No stack protections have been enabled and ASLR is disabled. I’ve written the exploit successfully and tested on my device and it works. However when I run it on the remote server it fails.

There aren’t any memory leaks so I can’t do a ret2libc style attack and I’m not very good at ROP. The buffer overflows by quite a bit and there is an executable stack. What are the other options rather than ROP that I could use to get EIP pointing to my buffer without knowing its exact location? Is it possible to use just a couple gadgets to point EIP to some location relative to the current stack? If so, could one potentially help explain the ASM required to do that?

Thank you in advance.

Systemd-Journal possible memory leak

Just posting here for someone to have a quick look. Google results sit in 2 camps “that shouldn’t happen” and “linux uses RAM differently… duh!”

I have a VPS that acts as a VPN gateway. It's been fine since I started it but has recently been showing signs of a memory leak. I honestly couldn't say if it links up with an update install, sorry. As you can see in the screenshot below, for weeks the RAM usage was normal until it suddenly started rising at a constant rate. Restarting the server (the last little bit) brought it down but it looks to be rising again.

Is this normal? Anything I can do?

18.04.2 LTS Latest Updates

RAM Usage in Blue

Cannot find the cause of Memory Leak in C# Winforms Application

I have a program that processes multiple images. The memory spikes from 70MB to 300-400-600Mb and comes down when processing a large number of high resolution images. I have disposed of all Bitmaps, used the using statement wherever possible, but the memory leak cannot be fixed. Can someone please help me out?

The core method called is this

    Boolean batchprocess(Image<Bgr, byte> img, Bitmap bit, Bitmap orgbitmap, string file)
    {
        try
        {
            pictureBox5.Controls.Clear();
            pictureBox5.Invalidate();

            if (pixdatas.Length != 0)
            {
                var pixdata = pixdatas.Last();
                Point cpoint = getcenter(pixdata);
                // foreach (var pixdata in pixdatas)
                //  {
                Rectangle newpixdataRect = new Rectangle();
                newpixdataRect.Location = pixdata.Location;

                //-------->>>>>>>>>>>>>>>>>>>>>>>>> Running Normal Code
                newpixdataRect.Y = (int)(pixdata.Y - pixdata.Height / 1.8);

                Rectangle ResizedRect;
                Rectangle originalrect = newpixdataRect;
                newpixdataRect = ConvertToLargeRect(newpixdataRect, orgbitmap.Size, bit.Size);
                if (cropmode == 3 && ismastercropset)
                {
                    Size tsize = new Size((int)(mastercropsize.Width), (int)(mastercropsize.Height));
                    ResizedRect = new Rectangle(newpixdataRect.Location, tsize);

                    ResizedRect.Location = new Point(newpixdataRect.X + (newpixdataRect.Width - ResizedRect.Width) / 2,
                                                     newpixdataRect.Y + (newpixdataRect.Height - ResizedRect.Height) / 2);

                    if (ResizedRect.X + ResizedRect.Width > orgbitmap.Width)
                    {
                        int temp = ResizedRect.X + ResizedRect.Width - orgbitmap.Width;
                        ResizedRect.Width -= temp;
                        if (cropmode == 2)
                        {
                            ResizedRect.Height -= temp;
                        }
                    }

                    if (ResizedRect.Y + ResizedRect.Height > orgbitmap.Height)
                    {
                        int temp = ResizedRect.Y + ResizedRect.Height - orgbitmap.Height;
                        ResizedRect.Height -= temp;
                        if (cropmode == 2)
                        {
                            ResizedRect.Width -= temp;
                        }
                    }

                    if (ResizedRect.X <= 0)
                    {
                        ResizedRect.X = 1;
                    }
                    if (ResizedRect.Y <= 0)
                    {
                        ResizedRect.Y = 1;
                    }
                    if (ResizedRect.Height > orgbitmap.Height)
                    {
                        ResizedRect.Height = orgbitmap.Height;
                    }
                    if (ResizedRect.Width > orgbitmap.Width)
                    {
                        ResizedRect.Width = orgbitmap.Width;
                    }
                    if (target != null)
                    {
                        target.Dispose();
                    }
                    target = new Bitmap(ResizedRect.Width, ResizedRect.Height);
                }
                else
                {
                    ResizedRect = new Rectangle(newpixdataRect.Location, newpixdataRect.Size);
                    if (target != null)
                    {
                        target.Dispose();
                    }
                    target = new Bitmap(ResizedRect.Width, ResizedRect.Height);
                }

                using (Graphics g = Graphics.FromImage(target))
                {
                    g.SmoothingMode = SmoothingMode.HighQuality;
                    g.DrawImage(orgbitmap, new Rectangle(0, 0, target.Width, target.Height),
                                ResizedRect, GraphicsUnit.Pixel);
                    if (this.tflag2 == true)
                    {
                        StringFormat stringFormat = new StringFormat();
                        stringFormat.Alignment = StringAlignment.Center;
                        stringFormat.LineAlignment = StringAlignment.Center;
                        g.TextRenderingHint = System.Drawing.Text.TextRenderingHint.AntiAlias;

                        Font goodFont = FindFont(g, "test", target.Size, cfont);

                        g.DrawString("test", goodFont, Brushes.White, new PointF(target.Width / 2, target.Height / 2), stringFormat);
                    }
                }

                if (displaybitmap != null)
                {
                    displaybitmap.Dispose();
                }
                displaybitmap = img.ToBitmap();

                using (Graphics tempg = Graphics.FromImage(displaybitmap))
                {
                    using (var p = new Pen(Color.LightGreen, 2))
                    {
                        p.DashStyle = System.Drawing.Drawing2D.DashStyle.Dash;
                        //Checking if Master Crop is Set and resizing and shifting the rectangle
                        if (ismastercropset && cropmode == 3)
                        {
                            using (Bitmap tmp = new Bitmap(file))
                            {
                                float xfactor = (float)tmp.Width / (float)bit.Width;
                                float yfactor = (float)tmp.Height / (float)bit.Height;
                                Size tsize = new Size((int)(mastercropsize.Width / xfactor), (int)(mastercropsize.Height / yfactor));
                                ResizedRect = new Rectangle(originalrect.Location, tsize);
                                ResizedRect.Location = new Point(originalrect.X + (originalrect.Width - ResizedRect.Width) / 2,
                                                                 originalrect.Y + (originalrect.Height - ResizedRect.Height) / 2);
                            }
                        }
                        else
                        {
                            //Used to draw rectangle on picturebox if cropmode is not manual
                            ResizedRect = originalrect;
                        }
                        tempg.DrawRectangle(p, ResizedRect);
                    }
                }

                pictureBox5.InitialImage = null;
                pictureBox5.Image = new Bitmap(displaybitmap);
                txt_filename.Text = Path.GetFileName(file);
                txt_width.Text = orgbitmap.Width.ToString();
                txt_height.Text = orgbitmap.Height.ToString();

                crop_width.Text = newpixdataRect.Width.ToString();
                crop_height.Text = newpixdataRect.Height.ToString();

                if (resize == true)
                {
                    if (hardresize == true)
                    {
                        target = HardResize(target, rwidth, rheight);
                    }
                    else
                    {
                        target = resizeImage(target, new SizeF(rwidth, rheight));
                    }
                }
                saveJpeg(outdir + "\\" + Path.GetFileNameWithoutExtension(file), target, quality);
                target.Dispose();
                img.Dispose();
                orgbitmap.Dispose();
                bit.Dispose();
                displaybitmap.Dispose();
                System.GC.Collect();
                System.GC.WaitForPendingFinalizers();
                return true;
            }
            else
            {
                if (target != null)
                {
                    target.Dispose();
                }
                bit.Dispose();
                orgbitmap.Dispose();
                // img.Dispose();
                GC.Collect();
                return false;
            }
        }
        catch (Exception error)
        {
            bit.Dispose();
            return false;
        }
    }

This method is called from a Backgroundworker

    private void aicropper_DoWork(object sender, DoWorkEventArgs e)
    {
        pictureBox5.Controls.Clear();
        successcounter = 0;
        errorcounter = 0;

        //  ----------------- Initially processing custom crop images
        foreach (var v in modifiedimages)
        {
            mylist.RemoveAll(x => x == v.Filename);
        }
        foreach (var v in modifiedimages)
        {
            //Checking if the user pressed the cancel button
            if (stopprocess)
            {
                break;
            }

            using (Bitmap b = new Bitmap(v.Filename))
            {
                Rectangle xrect = ConvertToLargeRect(v.translatedrect, b.Size, v.imgsize);
                using (Bitmap tempbmp = new Bitmap(cropImage(b, xrect)))
                {
                    pictureBox5.Image = resizeImage(b, pictureBox5.Size);
                    using (var p = new Pen(Color.LightGreen, 2))
                    {
                        using (Graphics g = Graphics.FromImage(pictureBox5.Image))
                        {
                            p.DashStyle = System.Drawing.Drawing2D.DashStyle.Dash;
                            g.DrawRectangle(p, new Rectangle(v.Location, v.Size));
                        }
                    }
                    saveJpeg(outdir + "\\" + Path.GetFileNameWithoutExtension(v.Filename), tempbmp, quality);
                    successcounter++;
                    progressBarControl1.PerformStep();
                    progressBarControl1.Update();
                }
            }
        }
        //------------------------------------------------------------
        for (int count = 0; count < mylist.Count; count++)
        {
            try
            {
                //Checking if the user pressed the cancel button
                if (stopprocess)
                {
                    stopprocess = false;
                    break;
                }
                //MessageBox.Show(mylist.Count)
                using (Bitmap x = FixImageOrientation(new Bitmap(mylist[count])))
                {
                    try
                    {
                        Bitmap y = new Bitmap(x);
                        if (stop == false)
                        {
                            if (y.Width > 1000 || y.Height > 1000)
                            {
                                // y = ResizekeepAspectRatio(y, 1000, 1000);
                                // y = Crop(y);
                                y = UpdatedResizeImage(y, new Size(pictureBox5.Width, pictureBox5.Height));
                                //y.Save("xfxf.png");
                            }

                            using (Image<Bgr, byte> image = new Image<Bgr, byte>(y))
                            {
                                if (batchprocess(image, y, x, mylist[count]) == false)
                                {
                                    //  multipixdatadetection = false;
                                    // if (detect(image, x, mylist[count]) == false)
                                    //{
                                    errorcounter++;
                                    errorlist.Add(mylist[count]);
                                    //}
                                    //else
                                    //  {
                                    //    successcounter++;
                                    //}
                                    // multipixdatadetection = backupboolean;
                                }
                                else
                                {
                                    successcounter++;
                                }

                                progressBarControl1.PerformStep();
                                progressBarControl1.Update();
                                x.Dispose();
                                y.Dispose();
                            }
                        }
                    }
                    catch (Exception err)
                    {
                        if (err.Message == "A Graphics object cannot be created from an image that has an indexed pixel format.")
                        {
                            //Catching index exception and converting bitmap to usable format by using temporary file
                            string temppath = Path.GetTempPath();
                            try
                            {
                                if (Directory.Exists(temppath + @"\MYAPP\indexerror\") == false)
                                {
                                    Directory.CreateDirectory(temppath + @"\MYAPP\indexerror\");
                                }
                            }
                            catch (Exception)
                            {
                            }

                            using (Bitmap tempx = new Bitmap(mylist[count]))
                            {
                                try
                                {
                                    //Correcting the Bitmap, saving temporarily and adding it to the process list
                                    Bitmap temp = new Bitmap(tempx);

                                    temp.Save(temppath + @"\MYAPP\indexerror\" + Path.GetFileName(mylist[count]));
                                    mylist.Add(temppath + @"\MYAPP\indexerror\" + Path.GetFileName(mylist[count]));
                                    temp.Dispose();
                                }
                                catch (Exception)
                                {
                                }
                            }
                        }
                        else if (err.Message == "Out of memory.")
                        {
                            //Handling Corrupt Images that is not auto screened when addimagesworker is not allowed to complete.
                        }
                        else if (err.Message == "A generic error occurred in GDI+.")
                        {
                            XtraMessageBox.Show("You cannot overwrite Files.\nPlease select a different Ouput Location", "MYAPP");
                            break;
                        }
                        else
                        {
                            //batcherror=true;
                            continue;
                            //   break;
                        }
                    }
                }
            }
            catch (Exception error)
            {
                errorcounter++;
                continue;
            }
        }
    }

Do I have a JAVA memory leak?

I usually use Eclipse on my Ubuntu, but recently when I boot the PC and start using Eclipse, my PC completely freezes. In the past, it didn’t do this, so I installed Htop to check my memory and just some minutes after restarting the PC I get this:

[image]

What does this mean? Do I have a memory leak on my PC?

Simple buffer overflow trying to leak address of system()

Code is:

    #include <string.h>

    void vuln(char *arg) {
        char buffer[10];
        strcpy(buffer, arg);
    }

    int main( int argc, char** argv ) {
        vuln(argv[1]);
        return 0;
    }

I’ve determined I can input a buffer of 26 total characters to overwrite EIP. In gdb the address of

    system():                      0xb7e41b40
    "/bin/bash" portion of $SHELL: 0xbffffdac

if I run

    run $(python -c "print ('a' * 22) + '\x40\x1b\xe4\xb7'+'FAKE'+'\xac\xfd\xff\xbf'")

in gdb it will drop me into a shell. Unfortunately this doesn’t work in the shell due to ASLR. GDB tells me that strcpy is at 0xb7e7c750 which has an offset of 0x3AC10 from system(). What I’m thinking is if I can somehow store the address of strcpy at runtime and use the offset (and the offset to the string) I can get it to run system(“/bin/bash”) which is essentially what I’m doing in gdb without the ASLR.

Any tips… or direction towards applicable documentation would be greatly appreciated. I’m trying to successfully exploit the bug without disabling any security measures.

Currently there’s ASLR, PIE, ASCII Armor, NX (I’m assuming), and SSP (this is also assumed). I’m on Debian 9 stretch. Thank you!

Does Linux kernel 5.0.9 have a memory leak?

likely similar to Linux memory usage higher than sum of processes except that I have observed used memory going both below and above the sum of process RSS by GBs.

uname -sr

Linux 5.0.9-... 

cat /proc/meminfo

    MemTotal:        8155920 kB
    MemFree:          280200 kB
    MemAvailable:     328152 kB
    Buffers:             144 kB
    Cached:           704380 kB
    SwapCached:        15440 kB
    Active:          2374160 kB
    Inactive:        1195784 kB
    Active(anon):    2259104 kB
    Inactive(anon):  1026600 kB
    Active(file):     115056 kB
    Inactive(file):   169184 kB
    Unevictable:      238012 kB
    Mlocked:               0 kB
    SwapTotal:       8388604 kB
    SwapFree:        5908220 kB
    Dirty:               168 kB
    Writeback:             0 kB
    AnonPages:       3097284 kB
    Mapped:           255492 kB
    Shmem:            420252 kB
    KReclaimable:      81636 kB
    Slab:             346972 kB
    SReclaimable:      81636 kB
    SUnreclaim:       265336 kB
    KernelStack:       14720 kB
    PageTables:        70776 kB
    NFS_Unstable:          0 kB
    Bounce:                0 kB
    WritebackTmp:          0 kB
    CommitLimit:    12466564 kB
    Committed_AS:    9429628 kB
    VmallocTotal:   34359738367 kB
    VmallocUsed:           0 kB
    VmallocChunk:          0 kB
    Percpu:             2112 kB
    HardwareCorrupted:     0 kB
    AnonHugePages:         0 kB
    ShmemHugePages:        0 kB
    ShmemPmdMapped:        0 kB
    CmaTotal:              0 kB
    CmaFree:               0 kB
    HugePages_Total:       0
    HugePages_Free:        0
    HugePages_Rsvd:        0
    HugePages_Surp:        0
    Hugepagesize:       2048 kB
    Hugetlb:               0 kB
    DirectMap4k:     4764008 kB
    DirectMap2M:     3614720 kB

the sum of RSS by all processes (summed individually from top output), slabinfo, buff/cache, swap don’t change by more than 100 MBs and yet available memory will increase by GBs after starting ffmpeg… starting ffmpeg on a heavy long term compression task seems to reliably eliminate all disk thrashing and dramatically increase available memory every time (good temp solution, but not acceptable as a long term solution). As ffmpeg runs available memory will drop and the disk will thrash but available memory will then increase by GBs, this behavior remains only so long as ffmpeg is running. If ffmpeg is not running then available memory will go from causing disk thrashing to a few hundred MBs at most. No other program seems to have the same effect for the last ~two months or so of system use. Amusing and annoying.

Isn’t it almost always not helpful to just change the password of a container after a leak?

Let’s assume, an attacker gains access to an encrypted container with a weak password. They start a brute-force attack and I assume they will succeed. To protect any content which has been added to the container after the leak, I decide to change to a stronger password.

However, at this point, it doesn’t make sense to just change the password of the container, right? Won’t I have to reencrypt everything since the attacker can extract the “master key” of the container which won’t change with a password change?
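The header model the question describes, as an added example that is not part of the original post: a password-derived key wraps a random master key, so changing the password rewrites only the header, and a copy of the old header still opens to the same master key. Assumptions: the header fields and function names are hypothetical, PBKDF2 is the KDF, and a toy XOR wrap stands in for the cipher a real container format would use.

```python
import hashlib
import hmac
import os

KDF_ROUNDS = 100_000  # assumption for the illustrative KDF


class WrongPassword(Exception):
    """Raised when a header does not open with the supplied password."""


def _kek(password: bytes, salt: bytes) -> bytes:
    # Key-encryption key derived from the password.
    return hashlib.pbkdf2_hmac("sha256", password, salt, KDF_ROUNDS, dklen=32)


def _pad(kek: bytes) -> bytes:
    # Toy key wrap: XOR pad derived from the KEK (a real format uses a cipher).
    return hmac.new(kek, b"wrap-pad", hashlib.sha256).digest()


def make_header(password: bytes, master_key: bytes) -> dict:
    salt = os.urandom(16)
    kek = _kek(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(master_key, _pad(kek)))
    check = hmac.new(kek, wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "check": check}


def unlock(header: dict, password: bytes) -> bytes:
    kek = _kek(password, header["salt"])
    expected = hmac.new(kek, header["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, header["check"]):
        raise WrongPassword("header does not open with this password")
    return bytes(a ^ b for a, b in zip(header["wrapped"], _pad(kek)))


def change_password(header: dict, old: bytes, new: bytes) -> dict:
    # Only the wrapping changes; the data stays encrypted under the same key.
    return make_header(new, unlock(header, old))


def rekey(header: dict, old: bytes, new: bytes):
    # A fresh master key: every stored block must be re-encrypted under it.
    unlock(header, old)
    new_master = os.urandom(32)
    return make_header(new, new_master), new_master


def demo() -> dict:
    master = os.urandom(32)
    leaked = make_header(b"weak", master)          # the copy the attacker holds
    current = change_password(leaked, b"weak", b"strong")
    attacker_key = unlock(leaked, b"weak")         # brute-forced old password
    rekeyed, _ = rekey(current, b"strong", b"strong")
    return {
        "change_keeps_master": attacker_key == unlock(current, b"strong"),
        "rekey_replaces_master": unlock(rekeyed, b"strong") != attacker_key,
    }


if __name__ == "__main__":
    print(demo())
```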

Possible Memory Leak Issues in NestWhile

Consider the following code snippet:

NestWhile[{#[[1]]+1,Pause@.001;ConstantArray[0,{100, 100}]}&,
  {1}, (#[[1]] <= 10000) &, 2]

In theory, when evaluating, NestWhile shall keep track of the last two results generated, thus consuming approximately 160kB of memory.

However, in reality, memory consumption will continue to grow at a pace of approximately 80MB/s before NestWhile finishes calculation. Furthermore, regardless of the fourth parameter (as long as it is not 1), the speed of memory consumption is the same. These two phenomena indicate that Mathematica evaluates the expression and stores all results in memory until all computations are finished, then picks out the last two elements.

This behavior is rather disturbing for me: why save the previous evaluation results in memory if they are used nowhere?


This behavior exists in v12.0 and v11.2