Switch (optional) encryption of identified passwords from ncrack to use AGE #2311
Description
➹ New Feature implementation request
Is your feature request related to a problem?
Currently the ncrack parser has a optional feature to encrypt the passwords that were identified using RSA.
This is potentially dangerous as RSA has a lot of potentials to do something wrong and void the encryption.
Describe the solution you'd like
Switch encryption a state of the art encryption mechanism like age.
Describe alternatives you've considered
Additional context
Came up during the CVE-2023-46809 in node. (https://nodejs.org/en/blog/vulnerability/february-2024-security-releases#nodejs-is-vulnerable-to-the-marvin-attack-timing-variant-of-the-bleichenbacher-attack-against-pkcs1-v15-padding-cve-2023-46809---medium)
Metadata
Metadata
Assignees
Labels
Type
Projects
Status