dnd 5e – Do opportunity attacks have disadvantage if I use my action to Dodge and then move out of melee range?

Dodge:

Until the start of your next turn, any attack roll made against you has disadvantage if you can see the attacker, and you make Dexterity saving throws with advantage.

Opportunity attacks require attack rolls, so they would all have disadvantage, as long as the attackers were not invisible.

That being said, I would recommend using disengage instead of dodge:

If you take the Disengage action, your movement doesn’t provoke opportunity attacks for the rest of the turn.

Now, instead of disadvantage, your opponents can’t attack at all.

Dodge and disengage both use an action. So you could do either of those for your action and still dash with your bonus action. So disengage would likely be better than dodge, unless there’s a possibility of getting attacked from range by other enemies, then dodge might be helpful for imposing disadvantage on those ranged attacks, unless you remember this clever trick: ranged attacks have disadvantage against a prone target.

You disengage with your action, then bonus action dash and get 60 feet away from your melee attackers. Then, if there are no more melee attackers within 30-40 feet of you, drop prone, and all ranged attacks will have disadvantage. When your turn comes back around, stand up and double dash for 75 feet of movement.

Do SAML responses containing encrypted assertions provide protection against MiTM attacks?

A previously asked question touches on topics which are very similar to what I am having trouble understanding.

In a web application I am testing, SAML SSO is brokered using Keycloak. The SAML Response messages contain Encrypted Assertions (<saml:EncryptedAssertion>). Before the encrypted assertion is a Signature (<dsig:Signature>); if the signature is removed, the SP still accepts the user authentication.

  1. Can the content of these messages only be read by the SP/IdP/Keycloak?
  2. Can new assertions be encrypted using an available public key, thus replacing the original assertion? If so, where/how can the relevant public key be found?
  3. What is the purpose of the signature if removing it does nothing? Is this an issue with Keycloak (the broker)? Is the SP responsible for verifying the signature?

I may be missing some knowledge regarding Keycloak’s way of brokering authentication, or the SAML flow itself, but I can’t seem to find much info about any of this online, apart from the above linked question, which is still partially unanswered.
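As an added example (not from the question, and not Keycloak's or any SP's own code), here is the kind of structural pre-check a Service Provider should run on a SAML Response before handing it to an XML-DSig verifier. It rejects a Response that carries no Response-level dsig:Signature (the layout the question describes, where the Signature sits before the EncryptedAssertion), and it checks that the signature's Reference URI points at the Response's own ID, so that the enveloped signature actually covers the EncryptedAssertion it precedes. The sample XML documents below are constructed; the namespace URIs are the standard SAML 2.0 and XML-DSig ones. The function does not verify the SignatureValue itself; that cryptographic step still belongs to a proper XML Signature library, and an SP that skips it (or that treats a missing Signature as "nothing to verify") is exactly the failure the question observed.

```python
import xml.etree.ElementTree as ET

# Standard SAML 2.0 / XML-DSig namespace URIs (not values from the question).
NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}


def signature_preconditions(response_xml: str) -> list:
    """Return the reasons a Response must be rejected before any cryptographic
    check runs. An empty list means 'hand it to the XML-DSig verifier'.
    This is structural only: it does NOT verify the signature value."""
    root = ET.fromstring(response_xml)
    problems = []
    if root.tag != f"{{{NS['samlp']}}}Response":
        return ["root element is not a samlp:Response"]
    response_id = root.get("ID")

    # The signature must be a direct child of the Response (enveloped signature).
    # A Response with no Signature at all must fail closed, never be accepted as-is.
    sig = root.find("ds:Signature", NS)
    if sig is None:
        problems.append("no ds:Signature on the Response: unsigned responses must be rejected")
        return problems

    # The signed reference must point at this Response's own ID, so the
    # signature covers the whole Response including the EncryptedAssertion.
    refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
    if len(refs) != 1:
        problems.append(f"expected exactly one ds:Reference, found {len(refs)}")
    else:
        uri = refs[0].get("URI", "")
        if not response_id or uri != "#" + response_id:
            problems.append(
                f"signature reference {uri!r} does not cover the Response ID {response_id!r}"
            )

    # A Response that asserts nothing is not a successful authentication.
    if (root.find("saml:EncryptedAssertion", NS) is None
            and root.find("saml:Assertion", NS) is None):
        problems.append("response carries no assertion")
    return problems


# Constructed sample: a Response signed at the Response level, as described in the question.
SIGNED_RESPONSE = """
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_resp1" Version="2.0">
  <saml:Issuer>https://idp.example/</saml:Issuer>
  <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
    <dsig:SignedInfo><dsig:Reference URI="#_resp1"/></dsig:SignedInfo>
    <dsig:SignatureValue>Y29uc3RydWN0ZWQ=</dsig:SignatureValue>
  </dsig:Signature>
  <saml:EncryptedAssertion><!-- constructed placeholder --></saml:EncryptedAssertion>
</samlp:Response>
"""

# Constructed sample: the same Response with the Signature element stripped.
UNSIGNED_RESPONSE = """
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_resp1" Version="2.0">
  <saml:Issuer>https://idp.example/</saml:Issuer>
  <saml:EncryptedAssertion><!-- constructed placeholder --></saml:EncryptedAssertion>
</samlp:Response>
"""

# Constructed sample: a Signature whose Reference points at some other element.
MISMATCHED_RESPONSE = SIGNED_RESPONSE.replace('URI="#_resp1"', 'URI="#_other"')

if __name__ == "__main__":
    for name, doc in [("signed", SIGNED_RESPONSE), ("unsigned", UNSIGNED_RESPONSE),
                      ("mismatched", MISMATCHED_RESPONSE)]:
        print(name, signature_preconditions(doc) or "ok: pass to XML-DSig verifier")
```

The value of the check is that it fails closed: an SP that runs it will refuse the unsigned variant instead of silently accepting it, and a replaced EncryptedAssertion inside a correctly referenced Response will then fail at the cryptographic verification step, because the signature covers the whole Response.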

Attacks on EAP-AKA’ protocol (5g)

I’m doing research on authentication protocols and I’m analyzing the EAP-AKA’ protocol described in RFC 5448, which is one of the three protocols adopted in 5G. I would like to know if there are any known attacks on this protocol, as I can’t find anything among the common research portals.

Can you break up Eldritch Blast attacks? [duplicate]

EB at higher levels makes multiple beams. Can you choose targets after each beam, move in between them, and use bonus actions as well?

Case in point, level 5 Warlock casts EB. Decides to target Alice first, hits first beam on Alice, and downs her. Warlock then moves 10ft, casts Hex on Bob with a bonus action, and hits second beam on Bob as well. Is this legal?

dnd 3.5e – What’s the highest amount of ranged attacks a pure fighter can make in one turn consistently?

I’ve been working on a 20th level character concept for a while and trying to optimize it for use in a future game, the requirements would be as follows:

  • Only 3.X WotC handbooks (No 3rd party books, no magazines, no online-only content except for web enhancements of handbooks, no adventure-specific content).
  • Only handbooks from the D&D 3E standard setting/Greyhawk (no eberron, faerun, dragonlance, etc).
  • The only base class used must be fighter, any prestige class is ok as long as it doesn’t grant any magical abilities (includes psionics, incarnum, etc), also no martial powers.
  • Optimized for ranged damage output, without relying on allies, consumables, or very low frequency abilities (1/day stuff and the like).

Given that, the concept I’ve got so far is a pure SAD dexterity fighter dual wielding auto-reloading hand-crossbows, boosting damage with the feats Dead Eye and Crossbow Sniper, plus specialization and mastery feats. The damage per attack is not too bad (1d4+31), and I’m now looking for ways to increase the number of attacks I could make.

So far I get 4 attacks from BAB, 3 from TWF, 1 from Rapid Shot, and 1 from Haste, for a total of 9 attacks.

I’m specifically looking for methods to increase the number of attacks per full attack action. But I’d also welcome any general advice to improve the build given the previous requirements.

php – Is this method of 32 char hash generation secure enough for online-based attacks?

A fellow developer and I have been having a discussion about how vulnerable a few different methods of developing a hash are, and I’ve come here to see if smarter people than I (us?) can shed some light.

In PHP, I feel the below is secure ENOUGH to generate a 32 character value that could not be reasonably broken via online attack. There are some other mitigating circumstances (such as, in our specific case, it would also require the attacker to already have some compromised credentials), but I’d like to just look at the “attackability” of the hash.

str_shuffle(MD5(microtime()))

The suggested more secure way of generating a 32 character hash is:

bin2hex(random_bytes(16))

I acknowledge the first hash generation method is not ABSOLUTELY SECURE, but for an online attack I think being able to guess the microtime (or try a low number of guesses), and know the MD5 was shuffled and/or find a vulnerability in MT which str_shuffle is based on is so low as to make it practically secure.

But I would love to hear why I’m a fool. Seriously.

EDIT — This is being used as a password reset token, and does not have an expiry (although it is cleared once used, and is only set when requested).

encryption – Preventing HTTPS Replay Attacks

A replay attack at the TLS level (and thus HTTPS) as you imagine would mean that some attacker could simply replay a captured TLS session or inject a previously captured packet into an existing TLS session.

None of this is possible: Replaying a full session cannot be done since the master_secret as the base for encryption includes both client and server random data, i.e. the master_secret does not depend on the client alone. Injecting a previously sniffed record is not possible since each record has a sequence number and simply replaying a record will be detected due to an old sequence number. Changing the sequence number will not work either since it is protected against manipulation like the rest of the record.

But if an attacker has access to the plain (unencrypted) request he can simply replay this request within some new TLS session. This would be HTTP level replay though and not TLS or HTTPS level replay.

My client relies on the hardware information from the system to validate one-user-per-subscription …

Based on this, your client relies on the client not cheating in the first place, which is contrary to the attack vector you describe. But a client could cheat: for example, the client could run in some emulated environment which can be cloned and exhibit the same behavior in another system.

The client could also partially reverse engineer or hook your app to capture and modify the plain request before it gets sent. This way it can capture the plain (unencrypted) request on one system and make sure that the other system uses the same request.

dnd 5e – My players want extra effects from their attacks. What should I do?

I’m DMing for a group of 4 players. Two of them have played a fair bit of 5e before, and two of them are new. I’m also new to DMing, though generally familiar with the rules of 5e.

One of the new players is trying to get creative in combat, which I think is great! The problem is I’m not exactly sure how I should adjudicate some of her requests in a way that won’t break the game. Some examples of what I mean:

Can I make an unarmed strike and use my talons to scratch the enemy’s eyes and blind them?

I attack them in their Achilles’ heel and cripple them so they can’t walk?

Now I know that the RAW answer is “No, you can’t try that.” But that’s such a boring answer and I really hate to feel like I’m shutting down anything that isn’t just plain and simple attacks. In general, any time I say “No, you can’t do this”, I feel like I’m shutting down my players fun.

Like I said, I like that she’s trying to be creative in combat, but if an unarmed strike can potentially blind an enemy, that’s incredibly strong. And if the PCs can do this to enemies, it’s fair game for enemies to do this to PCs as well. I can think of some house rules to balance it off the top of my head (Higher AC to hit a small target, enemy can make a constitution saving throw to avoid the effect, etc.) but I don’t want to worry about proper balance while we’re in the middle of a combat.

What’s a good way for me to empower my players and make them feel like they actually have these choices in combat rather than shutting them down, but without breaking the game?

attacks – Putting together an air-gap ephemeral linux OS to run off RAM

Idea: Have an operating system boot from a bootable medium completely into RAM. There is no storage attached to this system, so once it boots up and we eject the bootable medium, this system is completely running off RAM and it’s not capable of leaving a trace anywhere except RAM, the contents of which are hard to recover without physical access to the system.

Premises: There is no physical access to this system, which makes a whole set of attacks possible, but let’s compile a list of attacks, like cold boot attacks etc., that pose a threat to this setup, and we can assess the severity of each one of them.

Use-case: Using as a vault for cryptocurrency storage & signing transactions.

Stack:

  • Hardware: Raspberry Pi / Old Computer (which may or may not have wifi/bluetooth hardware available, latter preferred obviously)
  • Custom Linux OS (Functional Display + Touchscreen drivers + Camera drivers + Absence of WiFi / Bluetooth drivers + Modern Browser + On-screen keyboard)
  • Binary (Golang program running a local server & UI accessed via browser)

Things that may or may not matter:

  • CPU architecture: x86 / ARM
  • Bootable media: USB drive / SD card

Communication medium with air-gap system: QR codes

Since this only requires little information to be passed to & fro, using QR codes to encode/decode JSON payload seems ideal.

Explanation: Boot up the computer & eject bootable medium. Run the program and access UI in a browser by going to localhost:3000. Generate the keys (Sensitive information) or import if you already have those keys generated in a previous run. Scan QR code to receive the unsigned transaction, show confirmation, sign it and then encode signed transaction as QR code and display it.

The bootable medium that’s in use will never be plugged back into a system connected to the internet, as an additional security measure, but the ability to eject the bootable medium after boot-up makes this unnecessary.

Building Custom Linux OS: This is where I want to crowd source knowledge:

  • What OS to choose to build upon + what packages to use + what packages to remove?
  • What would be a simpler approach to building this OS?
  • How to build a lean & minimal distro which can run on a system as low as 512 MB RAM (the less the better), provided the OS footprint is around 100-20 MB of RAM, leaving the rest for the program to use.
  • Expose attack vectors in this approach.

End Goal: Present the source code + instructions and host the distro for download to use as a cryptocurrency vault, along with the wallet app that will be open-sourced, with the option of choosing a hosted service for that as well. Considering the architecture, people can simply use it without even needing to trust/verify the system, as long as they can maintain the air-gap of the vault.

passwords – Use delay with a fixed total time to defend against timing attacks

Consider this common example used to demonstrate timing attacks:

async def sign_in(username, password):
  user = await get_user_from_db(username)
  if user is None:
    return False  # early return :(

  password_hash = slow_hash(password)
  return verify(password_hash, user.password_hash)

The usual suggestion is to do the same thing on all execution branches. For example, something like this:

async def sign_in(username, password):
  user = await get_user_from_db(username)
  if user is None:
    actual_password_hash = "foo"
  else:
    actual_password_hash = user.password_hash

  password_hash = slow_hash(password)
  res = verify(password_hash, actual_password_hash)
  return res and user is not None

But I wonder if the following strategy is also useful against timing attacks (not considering other types of side-channel attacks), while not wasting computing resources:

import asyncio

async def sign_in(username, password):
  # Must be longer than what `sign_in_impl` takes in the worst case,
  # otherwise calls that overrun it still reveal their true duration.
  fixed_duration = 1.0  # placeholder value; tune to the real worst-case

  # Run the delay and the real sign-in concurrently; gather returns only
  # once both are done, so the call never completes before `fixed_duration`.
  _, sign_in_result = await asyncio.gather(
      delay(fixed_duration),
      sign_in_impl(username, password),
  )

  return sign_in_result

# Awaits a certain amount of time
async def delay(duration):
  await asyncio.sleep(duration)

# This takes variable time
async def sign_in_impl(username, password):
  user = await get_user_from_db(username)
  if user is None:
    return False  # early return :(

  password_hash = slow_hash(password)
  return verify(password_hash, user.password_hash)
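Here is an added, runnable version of the fixed-floor idea from the question (example code written for this page, not the asker's own). It uses a constructed in-memory user store, PBKDF2 via hashlib as the slow hash, and a constant-time comparison for verify; the 0.25 s floor is an assumed value chosen to exceed the slowest honest path. Beyond the question's sketch, it measures each call so you can see two things: the unmasked implementation finishes far faster for an unknown user than for a known one (the leak), and the floored version takes at least FIXED_DURATION on every branch. It also flags the case the floor cannot help with: a call whose real work overruns the floor still exposes its true duration, so the floor must be sized to the worst case and overruns should be logged.

```python
import asyncio
import hashlib
import hmac
import time

# Constructed user store, not from the question: username -> PBKDF2 hash.
SALT = b"constructed-salt"   # fixed salt so the example is deterministic
ITERATIONS = 20_000          # keep modest so the example runs quickly


def slow_hash(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, ITERATIONS)


USERS = {"alice": slow_hash("correct horse")}


async def get_user_from_db(username: str):
    await asyncio.sleep(0.001)   # simulated database round trip
    return USERS.get(username)


def verify(candidate: bytes, stored: bytes) -> bool:
    # Constant-time comparison so the comparison itself adds no leak.
    return hmac.compare_digest(candidate, stored)


async def sign_in_impl(username: str, password: str) -> bool:
    stored = await get_user_from_db(username)
    if stored is None:
        return False             # early return: the fast, leaky branch
    return verify(slow_hash(password), stored)


# Floor applied to every call (assumed value). It must exceed the slowest
# honest path, otherwise calls that overrun it still reveal their duration.
FIXED_DURATION = 0.25
OVERRUN_SLACK = 0.05


async def sign_in(username: str, password: str) -> bool:
    _, result = await asyncio.gather(
        asyncio.sleep(FIXED_DURATION),
        sign_in_impl(username, password),
    )
    return result


async def _timed(coro):
    start = time.perf_counter()
    result = await coro
    return result, time.perf_counter() - start


def timed_unmasked(username: str, password: str):
    """(accepted, seconds) for the raw implementation: shows the leak."""
    return asyncio.run(_timed(sign_in_impl(username, password)))


def timed_sign_in(username: str, password: str):
    """(accepted, seconds, floor_overrun) for the floored version.
    floor_overrun is True when the real work exceeded the floor; in production
    that is the event to log, because the floor masked nothing for that call."""
    result, elapsed = asyncio.run(_timed(sign_in(username, password)))
    return result, elapsed, elapsed > FIXED_DURATION + OVERRUN_SLACK


if __name__ == "__main__":
    cases = [("alice", "correct horse"), ("alice", "wrong"), ("nobody", "wrong")]
    for user, pw in cases:
        print("unmasked", user, timed_unmasked(user, pw))
        print("floored ", user, timed_sign_in(user, pw))
```

Running it prints the unknown-user path completing in a few milliseconds versus tens of milliseconds for a real user, while the floored calls all land at roughly 0.25 s. Note that the CPU-bound hash blocks the event loop, so the floor is a lower bound on wall-clock time, not a hiding place for work that takes longer than the floor itself.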