d0nut d0nutptr

## TCPeek.py
#!/usr/bin/python
from __future__ import print_function
import os
import sys
import re
from random import randint
from scapy.all import *
from netfilterqueue import NetfilterQueue

target_ip = "192.168.1.108"

## KeyGenerationForAES256GCM.java
KeyGenerator generator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
generator.init(new KeyGenParameterSpec.Builder("MyEncryptionKey", KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
      .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
      .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
      .setRandomizedEncryptionRequired(true)
      .setKeySize(256)
      .build(), new SecureRandom());
generator.generateKey();

## EncryptionWithAES256GCM.java
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cipherText = cipher.doFinal(plainText);
byte[] nonce = cipher.getIV();

## KeyGenerationExample.java
public class KeyGenerationExample {
    public generateSecretKey(String password, byte[] salt) {
        //get the PBKDF2 HMAC SHA1 secret key factory
        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");

        //similar to WPA2 key generation
        KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 4096, 32);

        //generate the key
        return secretKeyFactory.generateSecret(keySpec);

## KeyDerivationWithBC.java
public class KeyDerivationWithBC {
    public SecretKey generateSecretKey(String password, byte[] salt) {
        byte[] passwordBytes = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toCharArray());

        PKCS5S2ParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(new SHA256Digest());
        keyGenerator.init(passwordBytes, salt, 4096);

        byte[] keySecret = ((KeyParameter) keyGenerator.generateDerivedParameters(32)).getKey();

        return new SecretKeySpec(keySecret, 0, keySecret.length, "AES");

## KeyDerivationWithConceal.java
//transforms into PBKDF2-HMAC-SHA-256.
AndroidConceal.get().nativeLibrary.ensureCryptoLoaded();

PBKDF2Hybrid encryptionKeyGenerator = new PBKDF2Hybrid();
encryptionKeyGenerator.setIterations(KEY_DERIVATION_ROUNDS);
encryptionKeyGenerator.setSalt(encryptionSalt, 0, encryptionSalt.length);
encryptionKeyGenerator.setKeyLengthInBytes(ENC_KEY_SIZE);
encryptionKeyGenerator.setPassword(passwordBytes, 0, passwordBytes.length);

encryptionKeySecret = encryptionKeyGenerator.generate();

## GenerateCertificate.cs
public class CertificateGenerator {
    public X509Certificate CreateCertificate(string domain) {
        //read the root ca
        X509Certificate rootCert = getRootCA();

        //generate our public/private keys for this certificate
        RsaKeyPairGenerator keyPairGenerator = new RsaKeyPairGenerator();
        keyPairGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
        AsymmetricCipherKeyPair keyPair = keyPairGenerator.GenerateKeyPair();


## login.c
#include <stdio.h>
#include <string.h>

int authenticateUser();
void userMenu();
void adminMenu();

int main() {
    int id = authenticateUser();

## kangaroo.rs
extern crate rand;
extern crate num;

use kangaroo::rand::Rng;
use num::ToPrimitive;
use num::{Integer, Zero, One};
use std::collections::HashMap;
use std::sync::Mutex;

#[derive(Debug)]

## hle.py
# This is an example of hash length extension attacks (and why you don't roll your own crypto!!!)
# In this case, an attacker, Malice, intercepts a message ("to=12345&amt=103.53&note=Thanks!")
# that has been "authenticated" using a poorly constructed MAC (message authentication code).
# This MAC has been created using the following method: md5(secret | message).
# Ideally, since the attacker, Malice, doesn't have the secret, he should be unable to craft a new
# message that is also authenticated. However, because of how the mac was created, we can use
# Hash Length Extensions. We'll be using the pymd5 library as found on upenn's website via google cache:
# https://webcache.googleusercontent.com/search?q=cache:yyvXXyVKuYYJ:https://www.cis.upenn.edu/~cis331/project1/pymd5.py+&cd=3&hl=en&ct=clnk&gl=us

import urllib
	#!/usr/bin/python
	from __future__ import print_function
	import os
	import sys
	import re
	from random import randint
	from scapy.all import *
	from netfilterqueue import NetfilterQueue

	target_ip = "192.168.1.108"
	KeyGenerator generator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
	generator.init(new KeyGenParameterSpec.Builder("MyEncryptionKey", KeyProperties.PURPOSE_ENCRYPT \| KeyProperties.PURPOSE_DECRYPT)
	.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
	.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
	.setRandomizedEncryptionRequired(true)
	.setKeySize(256)
	.build(), new SecureRandom());
	generator.generateKey();
	Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
	cipher.init(Cipher.ENCRYPT_MODE, key);
	byte[] cipherText = cipher.doFinal(plainText);
	byte[] nonce = cipher.getIV();
	public class KeyGenerationExample {
	public generateSecretKey(String password, byte[] salt) {
	//get the PBKDF2 HMAC SHA1 secret key factory
	SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");

	//similar to WPA2 key generation
	KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 4096, 32);

	//generate the key
	return secretKeyFactory.generateSecret(keySpec);
	public class KeyDerivationWithBC {
	public SecretKey generateSecretKey(String password, byte[] salt) {
	byte[] passwordBytes = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toCharArray());

	PKCS5S2ParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(new SHA256Digest());
	keyGenerator.init(passwordBytes, salt, 4096);

	byte[] keySecret = ((KeyParameter) keyGenerator.generateDerivedParameters(32)).getKey();

	return new SecretKeySpec(keySecret, 0, keySecret.length, "AES");
	//transforms into PBKDF2-HMAC-SHA-256.
	AndroidConceal.get().nativeLibrary.ensureCryptoLoaded();

	PBKDF2Hybrid encryptionKeyGenerator = new PBKDF2Hybrid();
	encryptionKeyGenerator.setIterations(KEY_DERIVATION_ROUNDS);
	encryptionKeyGenerator.setSalt(encryptionSalt, 0, encryptionSalt.length);
	encryptionKeyGenerator.setKeyLengthInBytes(ENC_KEY_SIZE);
	encryptionKeyGenerator.setPassword(passwordBytes, 0, passwordBytes.length);

	encryptionKeySecret = encryptionKeyGenerator.generate();
	public class CertificateGenerator {
	public X509Certificate CreateCertificate(string domain) {
	//read the root ca
	X509Certificate rootCert = getRootCA();

	//generate our public/private keys for this certificate
	RsaKeyPairGenerator keyPairGenerator = new RsaKeyPairGenerator();
	keyPairGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
	AsymmetricCipherKeyPair keyPair = keyPairGenerator.GenerateKeyPair();
	#include <stdio.h>
	#include <string.h>

	int authenticateUser();
	void userMenu();
	void adminMenu();

	int main() {
	int id = authenticateUser();
	extern crate rand;
	extern crate num;

	use kangaroo::rand::Rng;
	use num::ToPrimitive;
	use num::{Integer, Zero, One};
	use std::collections::HashMap;
	use std::sync::Mutex;

	#[derive(Debug)]
	# This is an example of hash length extension attacks (and why you don't roll your own crypto!!!)
	# In this case, an attacker, Malice, intercepts a message ("to=12345&amt=103.53&note=Thanks!")
	# that has been "authenticated" using a poorly constructed MAC (message authentication code).
	# This MAC has been created using the following method: md5(secret \| message).
	# Ideally, since the attacker, Malice, doesn't have the secret, he should be unable to craft a new
	# message that is also authenticated. However, because of how the mac was created, we can use
	# Hash Length Extensions. We'll be using the pymd5 library as found on upenn's website via google cache:
	# https://webcache.googleusercontent.com/search?q=cache:yyvXXyVKuYYJ:https://www.cis.upenn.edu/~cis331/project1/pymd5.py+&cd=3&hl=en&ct=clnk&gl=us

	import urllib