Skip to content

Instantly share code, notes, and snippets.

📃
Also in git.rlab.be/hackan

HacKan HacKanCuBa

📃
Also in git.rlab.be/hackan
Block or report user

Report or block HacKanCuBa

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am hackancuba on github.
  • I am hackan (https://keybase.io/hackan) on keybase.
  • I have a public key ASClVoZXLVRXbbPLGBaUhBuXUqqso1Cz9_Tcnasvn-CD5Ao

To claim this, I am signing this object:

View ra-tov
This file has been truncated, but you can view the full file.
-----BEGIN PGP MESSAGE-----
owEM1gNyIAgAALDatu12a9u2bdu2bdu2bdu2bfPuE5nEwwIDQCG6YntRDtYG+QPW
AsBfIRoSuNo5/zNwJHCxNSCwMbA2IDCxNjEysrCzpbU3NqU1szdTCfLSiYYFgQQG
asXh7sNnYozVX7wBPCFu1IFMrqM32uQkpPNQB4SNGx5YGnPBXf0yfb5Qj9/A0CsY
lYwxx/WRDrNn9RIyXp97MHGhV4JH/sdQO3ADtOf/t5zES6Egcwih2LbxdytCzpvt
nvOayyhoOTIxebTeY+yqBqgTYBIjYKBa7RpoaBf6DVBKUWVI0OWuAc8AXJ6BNZPe
cSHr8FuvL+Kx5+RXKobtMUt3aCT93dQU1gnrsO+1k260yI2ALk0iDSosfEqkLUiO
h5i7VBJYj91TrtooXIp6L2SHgiCEuMa20CmJCJlLqCqtNYpQP+xp3P8gVs+eKmf6
View Ataque multivoto al sistema Vot.Ar
-----BEGIN PGP MESSAGE-----
owHsuQVUXMu2KNpIgODu0GhwdwmNa3B3CO4eCAEaJ7gFDQ4JFiC4BoK7OyTBAyG4
a/fv5OyzJfuce+7//9033hj/L0axqmdVTatpVSsBAwGAivOM7AVTV2VIIFwl4AHF
wlMaCU9zNy8rZS9HTzs2HRdPF3NNOw9PKydzWJ9dwp3d1dJaO40nn15NWpaNi50X
lb7jsgCCysNJxUnl8tQeVVSUiuOJnbOVubudr5UlFRfsFxUPDx+3ICcVhzyVIRUX
FxcfFbeQIJUxFYcqbISKQwYG4+YR5KPiUKHip+LQggF5+fi5qMTEUK2cLX/gpPrf
96D6uFtZ/5CGhxeV87cHxvDPN5Uz1W8wLk5+3r/BuP7FPF4unr/BBDh/hXHxCAr8
CuPm4+b9G0yAh//vMF4+ob/B+P4FjF+I/28wQR6Bv8GEBH6VjVuQi0vwbzBufs5f
YUJ/1wu3EO/f6PJwcgr8io+Hk/dvOuDh5Bf8+1ohQa5fYVw8XL/KwcPFL8D9K4yb
View kernelcleaner.sh
#!/bin/bash
############################################################
# Script que elimina todos los kernels salvo el que se
# encuentra en uso (MODO=1), o salvo el que se encuentra
# en uso y el anterior (MODO=2).
#
# **************************************************************
# ** NO ME RESPONSABILIZO POR DAÑOS QUE PUDIERAN SER CAUSADOS **
# ** SEA POR BUEN O MAL USO DE ESTE SCRIPT **
# **************************************************************
View emergencylockdown.bash
#!/bin/bash
################################################################################
#
# ~~~~ Emergency Lockdown ~~~~
# Forces a lockdown on the system: kills the keys and luks headers,
# then reboots.
# Copyright (C) 2015 by HacKan
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@HacKanCuBa
HacKanCuBa / encrypted_swap_hibernation_debian9.md
Last active Sep 1, 2019
Encrypted SWAP hibernation in Debian 9+
View encrypted_swap_hibernation_debian9.md

Encrypted SWAP hibernation in Debian 9+

It took me about 6 hours to find out all of this, but after reading a ton of man pages, initram scripts, and bug reports, I got a working result that takes about 2' to set up...

The point is to have a SWAP partition encrypted with LUKS, and it should be decypted during boot.

When using SysV, initram hooks and scripts in Debian worked like a charm but then, Systemd came and it's not yet fully implemented so this kind of crap happens. Systemd's cryptsetup doesn't support parameters in /etc/crypttab so using a script there is ignored:

/* Options Debian's crypttab knows we don't:
@HacKanCuBa
HacKanCuBa / sshd_config
Last active Jun 21, 2019
Modern secure SSH daemon config
View sshd_config
# Modern secure (OpenSSH Server 7+) SSHd config by HacKan
# Refer to the manual for more info: https://www.freebsd.org/cgi/man.cgi?sshd_config(5)
# Server fingerprint
# Regenerate with: ssh-keygen -o -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa -b 4096
HostKey /etc/ssh/ssh_host_rsa_key
# Regerate with: ssh-keygen -o -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
HostKey /etc/ssh/ssh_host_ed25519_key
# Log for audit, even users' key fingerprint
@HacKanCuBa
HacKanCuBa / properly-signing-gh-release-packages.md
Last active Jun 25, 2019
Properly signing Github releases
View properly-signing-gh-release-packages.md

Github automatically generates .tar.gz and .zip packages of the repository when a release or pre-release is created under releases. However, these packages are not signed! The tag might be signed but if a user downloads one of those, there's no true certification of its content, rather than pure trust on Github.

However, you can edit a release after it's generated to upload files, and this is how you upload signature files for those packages (as I usually do). But, to sign them, you need to first download them and, of course, verify them! Otherwise, you'll be signing your trust to Github without checking!

I will be using a tool I created to do recursive blake2 checksums called b2rsum. You can use any other tool that does the same if you want.

To properly verify those packages, do the following:

  1. Create a temporal directory to store all files, lets call it /tmp/github.
  2. Copy your source code to a subdirectory there: cp -r ~/code/myproject /tmp/github/orig.
@HacKanCuBa
HacKanCuBa / exfiltrate.html
Created May 15, 2018
PoC to exfiltrate signal-desktop messages exploiting CVE-2018-11101 or CVE-2018-10994
View exfiltrate.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<!--
DO NOT USE THIS IN REAL LIFE, IT'S JUST A POC! Be nice, don't hack activists :)
by HacKan: https://ivan.barreraoro.com.ar/signal-desktop-html-tag-injection-variant-2
under GNU GPL v3.0+
-->
</head>
@HacKanCuBa
HacKanCuBa / phpinfo.php
Last active Sep 14, 2018
Safe phpinfo file
View phpinfo.php
<?php
// Safe PHPInfo file by HacKan
// You should prefer to delete it after using it, but we know how that can go... at least, be safe
// create passwd with:
// php -r '$pass = bin2hex(random_bytes(10)); echo "Plain: ", $pass, PHP_EOL, "Encrypted: ", password_hash($pass, PASSWORD_DEFAULT), PHP_EOL;'
define('PASSWD','');
$p = filter_input(INPUT_GET, 'p', FILTER_SANITIZE_STRING);
if (!empty(PASSWD) && !empty($p) && password_verify($p, PASSWD)) {
You can’t perform that action at this time.