In get_cmd in the server: crypto_lock first encrypts, putting the ciphertext into chan->data.exec_cmd, and then MACs the ciphertext. But exec_cmd is shared memory; you can exploit a race condition! If you (the client) modify exec_cmd after encryption but before the MAC gets computed, you'll get a good MAC of your modified ciphertext. ChaCha is a stream cipher so you can do exec_cmd ^= (old_plaintext ^ "echo 'fuck drm'")
ｃｙｂｒｅｓｐａｃｅ: the social hub of the information superhighway
jack in to the mastodon fediverse today and surf the dataflow through our cybrepunk, slightly glitchy web portal
support us on patreon or liberapay!