Ian Gallagher craSH

## Password.java
/**
  * Author: Ian Gallagher <igallagher@securityinnovation.com>
  *
  * This code utilizes jBCrypt, which you need installed to use.
  * jBCrypt: http://www.mindrot.org/projects/jBCrypt/
  */

public class Password {
  	// Define the BCrypt workload to use when generating password hashes. 10-31 is a valid value.
	private static int workload = 12;

## aes_ctr-chosen_plaintext.py
#!/usr/bin/env python
"""
Simple chosen-plaintext attack on AES-CTR given NONCE and IV re-use for
multiple ciphertexts

Copyleft 2011 Ian Gallagher <crash@neg9.org>
"""
import sys

def decrypt(keystream, ciphertext):

## pet-snippet.toml
[[snippets]]
  description = "pacman - show files owned by installed package"
  command = "pacman -Ql <package>"
  tag = ["arch", "package", "sysadmin"]
  output = ""

[[snippets]]
  description = "pacman - remove orphan packages"
  command = "pacman -Qtdq | sudo pacman -Rns -"
  tag = ["arch", "package", "sysadmin"]

## upgradebrews
#!/bin/bash
#
# Very simple script that updates your brew formula repo and
# then upgrades all installed and outdated formulae
# Run with -y to upgrade formulae automatically
#

# Update the repo
brew update

## har_response_urls.py
#!/usr/bin/env python
"""
Parse a HAR (HTTP Archive) and return URLs which resulted in a given HTTP response code
HAR Spec: http://groups.google.com/group/http-archive-specification/web/har-1-2-spec
Copyleft 2010 Ian Gallagher <crash@neg9.org>

Example usage: ./har_response_urls.py foo.har 404
"""

import json

## bulletproof_arch.md

      
              1 file
            
          
              3 forks
            
          
              0 comments
            
          
              3 stars
            
          
                craSH
                / bulletproof_arch.md
            
            
              Last active
              July 30, 2022 23:00
                — forked from altercation/bulletproof_arch.txt
            
              
                Bulletproof Arch - Minimal Clean Install
              
          
    Bulletproof Arch


Original Author: @altercation (And an evolved Arch Wiki version of this, here)
Contributing Author: @craSH

These are working notes on the installation of Arch Linux. I've just completed this install on a notebook (@altercation: Lenovo P50. @craSH: Dell XPS 13" 9380) but the setup should work for most laptop/desktop configurations.
Some assumptions/notes:

This isn't a dual boot configuration. I can see some of the appeal and still work in Adobe from time to time, but given the increasing complexity of EFI and the way Windows/MS manhandles the EFI partition during upgrades, I really would recommend steering clear of dual boot. Just my two cents here.


## windows_prefetch_paths.py
import struct

def get_file_paths(pf_file):
    """
    Given a path to a Windows Prefetch file, extract and return a list of all file
    paths that it contains (which will be prefetched)

    References:
    - http://en.wikipedia.org/wiki/Prefetcher
    - http://msdn.microsoft.com/en-us/magazine/cc302206.aspx

## gpg_bruteforce.py
#!/usr/bin/env python
"""
Determine password for a PGP private key based on a wordlist.
Also performs permutations on passwords in the case of l33tsp3ak, etc.

Requires python-gnupg (easy_install/pip install python-gnupg)

To quiet down some of the exceptions during signing attempts, the following
"patch" is needed within gnupg.py:

## sekey-keygen
#!/usr/bin/env bash
# vim: ft=bash
# A helper script for generating SSH keys in the Macbook Pro's secure enclave with SeKey [https://github.com/sekey/sekey]
# This file created by craSH [https://github.com/craSH]
# This work is licensed under a Creative Commons Attribution 4.0 International License [https://creativecommons.org/licenses/by/4.0/]

# Secure umask - dirs 700, files 600
umask 077

# Exit if sekey is not installed

## opnsense-test-inet6-default-route.sh
#!/bin/sh
# Test for presennce of default IPv6 route after applying interface settings
# with OPNsense API. Meant to be used with git bisect run across commits to
# find the bug discussed here:
# https://forum.opnsense.org/index.php?topic=20260.0
#
# Author: cdine / Ian Gallagher <crash@neg9.org> 2020-11

# Dev API keys for root user on this machine. Not really secret.
export key='cY1pLqJ2yhOvRlTJCdHFlzejshbebTgJ9iqNSA8ogKOGDeTUNO+MXQEyaDPw8AH415Byj4czYUJA1c2n'
	/**
	* Author: Ian Gallagher <igallagher@securityinnovation.com>
	*
	* This code utilizes jBCrypt, which you need installed to use.
	* jBCrypt: http://www.mindrot.org/projects/jBCrypt/
	*/

	public class Password {
	// Define the BCrypt workload to use when generating password hashes. 10-31 is a valid value.
	private static int workload = 12;
	#!/usr/bin/env python
	"""
	Simple chosen-plaintext attack on AES-CTR given NONCE and IV re-use for
	multiple ciphertexts

	Copyleft 2011 Ian Gallagher <crash@neg9.org>
	"""
	import sys

	def decrypt(keystream, ciphertext):
	[[snippets]]
	description = "pacman - show files owned by installed package"
	command = "pacman -Ql <package>"
	tag = ["arch", "package", "sysadmin"]
	output = ""

	[[snippets]]
	description = "pacman - remove orphan packages"
	command = "pacman -Qtdq \| sudo pacman -Rns -"
	tag = ["arch", "package", "sysadmin"]
	#!/bin/bash
	#
	# Very simple script that updates your brew formula repo and
	# then upgrades all installed and outdated formulae
	# Run with -y to upgrade formulae automatically
	#

	# Update the repo
	brew update
	#!/usr/bin/env python
	"""
	Parse a HAR (HTTP Archive) and return URLs which resulted in a given HTTP response code
	HAR Spec: http://groups.google.com/group/http-archive-specification/web/har-1-2-spec
	Copyleft 2010 Ian Gallagher <crash@neg9.org>

	Example usage: ./har_response_urls.py foo.har 404
	"""

	import json
	import struct

	def get_file_paths(pf_file):
	"""
	Given a path to a Windows Prefetch file, extract and return a list of all file
	paths that it contains (which will be prefetched)

	References:
	- http://en.wikipedia.org/wiki/Prefetcher
	- http://msdn.microsoft.com/en-us/magazine/cc302206.aspx
	#!/usr/bin/env python
	"""
	Determine password for a PGP private key based on a wordlist.
	Also performs permutations on passwords in the case of l33tsp3ak, etc.

	Requires python-gnupg (easy_install/pip install python-gnupg)

	To quiet down some of the exceptions during signing attempts, the following
	"patch" is needed within gnupg.py:
	#!/usr/bin/env bash
	# vim: ft=bash
	# A helper script for generating SSH keys in the Macbook Pro's secure enclave with SeKey [https://github.com/sekey/sekey]
	# This file created by craSH [https://github.com/craSH]
	# This work is licensed under a Creative Commons Attribution 4.0 International License [https://creativecommons.org/licenses/by/4.0/]

	# Secure umask - dirs 700, files 600
	umask 077

	# Exit if sekey is not installed
	#!/bin/sh
	# Test for presennce of default IPv6 route after applying interface settings
	# with OPNsense API. Meant to be used with git bisect run across commits to
	# find the bug discussed here:
	# https://forum.opnsense.org/index.php?topic=20260.0
	#
	# Author: cdine / Ian Gallagher <crash@neg9.org> 2020-11

	# Dev API keys for root user on this machine. Not really secret.
	export key='cY1pLqJ2yhOvRlTJCdHFlzejshbebTgJ9iqNSA8ogKOGDeTUNO+MXQEyaDPw8AH415Byj4czYUJA1c2n'