Great Scott

A practical guide to timing attacks for the every day web dev.

Guide

Read the full blog post that accompanies this repo here: https://www.simplethread.com/great-scott-timing-attack-demo/

Setup

docker build -t great_scott .
docker run -d -p 3000:3000 --name great_scott great_scott
docker exec -i -t great_scott /bin/bash
# Cleanup when done
docker stop great_scott && docker rm great_scott

Access web server on localhost:3000

OR install dependencies directly...

Install ruby 2.5.1. If using rbenv then rbenv install 2.5.1
Install bundler. gem install bundler
Install dependencies for this application: bundle install
Run server and access it on localhost:3000

bundle exec rails s

Credentials to sign in as admin: Username: [email protected] Password: Password123!

Run Timing Attacks

These scripts are setup around the starting seed data:

bundle exec rake db:drop db:create db:migrate db:setup

bundle exec ruby hackz0r/basic_compare.rb

bundle exec ruby hackz0r/find_digits.rb

bundle exec ruby hackz0r/coup_de_grace.rb

Name		Name	Last commit message	Last commit date
Latest commit History 24 Commits
app		app
bin		bin
config		config
db		db
hackz0r		hackz0r
lib		lib
log		log
public		public
tmp		tmp
vendor		vendor
.dockerignore		.dockerignore
.gitignore		.gitignore
.rubocop.yml		.rubocop.yml
.ruby-version		.ruby-version
Dockerfile		Dockerfile
Gemfile		Gemfile
Gemfile.lock		Gemfile.lock
README.md		README.md
Rakefile		Rakefile
config.ru		config.ru
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Great Scott

Guide

Setup

Run Timing Attacks

About

Releases

Packages

Languages

simple-thread/great_scott

Folders and files

Latest commit

History

Repository files navigation

Great Scott

Guide

Setup

Run Timing Attacks

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages