The goals of this lab are to:
- Exploit a vulnerable password check routine
- Gain experience in network timing side channels
A network service containing a vulnerable password check routine is running on
netsec.diverge.dev:12551. The routine contains a similar timing side channel to the one discussed during lecture. Use this channel to recover the password.
Note that since you are attempting to exploit a timing channel over the network and over several hops, you will need to account for noise in your measurements. Think about ways to mitigate this noise.
- Exploit the service to recover the password.
- Exploit another copy of the service running on port
Package a README containing the password(s) that explains your attack along with your source code in