The security features of Barebox are:
- Signed images
- Signed "state variables" (shared with the kernel)
/** | |
* shiro1 cracking snippet | |
* So apparently hashcat and JtR don't support these kind of specific hashes | |
* with salt and iterations so I needed to code my own. | |
* It has shit performance, code is probably retarded; I don't do java so I just | |
* hacked this to verify a hash I dumped from Sonatype Nexus wasn't in a basic dictionnary. | |
* And if you're here you likely can't afford to be picky... | |
* Based on this snippet: https://gist.github.com/mdeggies/cdfd22a9cf28b4e909489b877681a209 | |
* | |
* Usage: |
60 ff 54 24 44 61 31 c0 48 c3 55 89 e5 5d e9 07 00 00 00 0f 1f 80 00 00 00 00 55 89 e5 53 57 56 81 ec 2c 12 00 00 e8 00 00 00 00 5b 64 a1 30 00 00 00 89 85 70 ff ff ff 8b 40 4c 64 8b 0d 30 00 00 00 c7 45 e4 00 00 00 00 ba 00 00 00 00 be 00 00 00 00 89 4d cc 85 c9 74 35 8b 4d cc 8b 79 34 ba 00 00 00 00 be 00 00 00 00 85 ff 74 21 8b bf b8 00 00 00 ba 00 00 00 00 be 00 00 00 00 85 ff 74 0d 8b 57 3c 8b 54 17 78 8b 74 17 1c 89 fa 8b 74 16 58 80 7c 16 11 8b 89 5d a0 75 10 80 7c 32 12 0d 75 09 8b 4c 32 13 8b 09 89 4d e4 c7 85 5c ff ff ff 00 00 00 00 c7 45 f0 00 00 00 00 c7 45 e8 00 00 00 00 be 00 00 00 00 bf 00 00 00 00 b9 00 00 00 00 85 c0 75 1c e9 b7 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 8b 00 85 c0 0f 84 8c 00 00 00 0f b7 50 10 8b 4d e4 8b 14 91 8b 72 10 8a 1e 84 db 74 e3 46 b9 43 49 54 53 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 0f be db 89 cf c1 e7 05 01 f9 01 d9 0f b6 1e 46 84 db 75 ec 81 f9 64 9c 0b 7c 75 b4 8b 42 24 c7 45 f0 00 00 00 00 c7 45 e8 00 00 00 00 be 00 00 00 00 bf 00 00 00 00 b9 00 00 00 0 |
#!/usr/bin/env python3 | |
# http://lasecwww.epfl.ch/pub/lasec/doc/Vau98a.ps | |
import sys | |
from pyfinite import ffield # don't forget to patch to include your field! | |
# CIPHER CONSTANTS ############################################################# | |
c = 0xb7e15162 | |
S = [ | |
0x8AED2A, 0x6ABF71, 0x58809C, 0x0F4F3C7, 0x62E716, 0x0F38B4, 0x0DA56A7, 0x84D904, |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <stdint.h> | |
#include <string.h> | |
void ripemd(int *output, int *input) | |
{ | |
uint iVar1; | |
uint iVar2; | |
uint iVar3; |
#!/usr/bin/env python2 | |
import gmpy | |
# MODULAR QUADRATIC EQUATION SOLVER ############################################ | |
def compute_next_sqrt(prev_sqrt, x, N): | |
if x % (2**N) == (prev_sqrt * prev_sqrt) % (2**N): | |
return prev_sqrt | |
elif (2**(N - 1) + x) % (2**N) == (prev_sqrt * prev_sqrt) % (2**N): | |
return 2**(N-2) - prev_sqrt |
#!/usr/bin/env python3 | |
# Convert OpenLDAP hashes to a format john the ripper can understand | |
import sys | |
import base64 | |
with open(sys.argv[1], 'r') as f: | |
lines = f.readlines() | |
for line in lines: | |
line = line.rstrip("\n") |
Network | |
======= | |
DNS 53 | |
DHCP server 67 | |
DHCP client 68 | |
NTP 123 | |
Auth | |
==== | |
TACACS 49 |
#include <stdlib.h> | |
#include <stdio.h> | |
#include <stdint.h> | |
#include <fcntl.h> | |
#include <linux/i2c-dev.h> | |
#define READ_SIZE (256) | |
#define NB_PAGES (256) |
#!/usr/bin/env python3 | |
import sys | |
import re | |
import random | |
import base64 | |
with open(sys.argv[1], "rb") as f: | |
lines = f.readlines() | |
obfuscated_lines = b"" |