This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
from __future__ import print_function | |
import os | |
import sys | |
import re | |
from random import randint | |
from scapy.all import * | |
from netfilterqueue import NetfilterQueue | |
target_ip = "192.168.1.108" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
KeyGenerator generator = KeyGenerator.getInstance("AES", "AndroidKeyStore"); | |
generator.init(new KeyGenParameterSpec.Builder("MyEncryptionKey", KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) | |
.setBlockModes(KeyProperties.BLOCK_MODE_GCM) | |
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE) | |
.setRandomizedEncryptionRequired(true) | |
.setKeySize(256) | |
.build(), new SecureRandom()); | |
generator.generateKey(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); | |
cipher.init(Cipher.ENCRYPT_MODE, key); | |
byte[] cipherText = cipher.doFinal(plainText); | |
byte[] nonce = cipher.getIV(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public class KeyGenerationExample { | |
public generateSecretKey(String password, byte[] salt) { | |
//get the PBKDF2 HMAC SHA1 secret key factory | |
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); | |
//similar to WPA2 key generation | |
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 4096, 32); | |
//generate the key | |
return secretKeyFactory.generateSecret(keySpec); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public class KeyDerivationWithBC { | |
public SecretKey generateSecretKey(String password, byte[] salt) { | |
byte[] passwordBytes = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password.toCharArray()); | |
PKCS5S2ParametersGenerator keyGenerator = new PKCS5S2ParametersGenerator(new SHA256Digest()); | |
keyGenerator.init(passwordBytes, salt, 4096); | |
byte[] keySecret = ((KeyParameter) keyGenerator.generateDerivedParameters(32)).getKey(); | |
return new SecretKeySpec(keySecret, 0, keySecret.length, "AES"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//transforms into PBKDF2-HMAC-SHA-256. | |
AndroidConceal.get().nativeLibrary.ensureCryptoLoaded(); | |
PBKDF2Hybrid encryptionKeyGenerator = new PBKDF2Hybrid(); | |
encryptionKeyGenerator.setIterations(KEY_DERIVATION_ROUNDS); | |
encryptionKeyGenerator.setSalt(encryptionSalt, 0, encryptionSalt.length); | |
encryptionKeyGenerator.setKeyLengthInBytes(ENC_KEY_SIZE); | |
encryptionKeyGenerator.setPassword(passwordBytes, 0, passwordBytes.length); | |
encryptionKeySecret = encryptionKeyGenerator.generate(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public class CertificateGenerator { | |
public X509Certificate CreateCertificate(string domain) { | |
//read the root ca | |
X509Certificate rootCert = getRootCA(); | |
//generate our public/private keys for this certificate | |
RsaKeyPairGenerator keyPairGenerator = new RsaKeyPairGenerator(); | |
keyPairGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 2048)); | |
AsymmetricCipherKeyPair keyPair = keyPairGenerator.GenerateKeyPair(); | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <string.h> | |
int authenticateUser(); | |
void userMenu(); | |
void adminMenu(); | |
int main() { | |
int id = authenticateUser(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
extern crate rand; | |
extern crate num; | |
use kangaroo::rand::Rng; | |
use num::ToPrimitive; | |
use num::{Integer, Zero, One}; | |
use std::collections::HashMap; | |
use std::sync::Mutex; | |
#[derive(Debug)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is an example of hash length extension attacks (and why you don't roll your own crypto!!!) | |
# In this case, an attacker, Malice, intercepts a message ("to=12345&amt=103.53¬e=Thanks!") | |
# that has been "authenticated" using a poorly constructed MAC (message authentication code). | |
# This MAC has been created using the following method: md5(secret | message). | |
# Ideally, since the attacker, Malice, doesn't have the secret, he should be unable to craft a new | |
# message that is also authenticated. However, because of how the mac was created, we can use | |
# Hash Length Extensions. We'll be using the pymd5 library as found on upenn's website via google cache: | |
# https://webcache.googleusercontent.com/search?q=cache:yyvXXyVKuYYJ:https://www.cis.upenn.edu/~cis331/project1/pymd5.py+&cd=3&hl=en&ct=clnk&gl=us | |
import urllib |
OlderNewer