Starve for Erlang cookie to gain remote code exec — Guillaume Teissier, Guillaume Kaim, Olivier Vivolo
Date : 15 juin 2018 à 10:00 — 15 min.
rabbitmq, ejabberd and couchdb are network daemons developed in Erlang. People may overlook at it as an exotic programming language, however, its runtime offers interesting properties, amongst which built-in scalability, resilience and dynamic code swapping. The remoting capabilities of Erlang runtime have caught our interest and in particular its authentication mechanism protected by a shared secret between all processes of Erlang node. We will show that an attacker may brute-force this secret with a complexity around 2^26.