Hash Extension Attack at the Vimeo API
======================================

This tutorial is a slight adaptation of Filippo Valsorda's presentation. The example here should not work currently, but it was a vulnerability a couple of years ago.

The problem presented here shows how to exploit a poor choice combination of information in an API hash-function.

TL;DR: given a hash that is composed of a string with an unknown prefix, an attacker can append to the string and produce a new hash that still has the unknown prefix.


MD5
---

MD5 hashes can't be reversed and are nearly unique (accidental collisions are extremely rare, although possible).


The Vulnerability
-----------------

* A signature is created from a hashed string. This string is a composed of:

[ PASSWORD ]["api_key"+ api_key ]["method" + method]

Where password is just the user password and method is the action, for example "vimeo.test.login".

* This signature is hashed and added as the API signature.

* Vulnerability 1: if we can see the hash, we can add code to it (extend).

* Vulnerability 2: the secret is attached to the string that was hashed.

* Vulnerability 3: all the other components (except the secret) is passed in the plaintext in the request.


The Exploit
-----------

* If an attacker can see a request, she can extend the signature hash with any exploit. For example, she could add the method "vimeo.videos.setFavorite"

* The API signature is now formed by hashing the entire new request.


HOW TO RUN THIS EXAMPLE
-----------------------

* In one terminal run
$ python server.py

* Copy the values
api_key     cdd56f298e71493b9b1015c691e14501
api_sig     fdffe59969293f23c197f321ff2f972e

to client.py and then run it.

* To understand what happen, look inside client.py.