derhuerst

from the Digital Security Elements for Rail Passenger Ticketing technical document:

The whole security system is based on asymmetrical key pairs: Private and Public keys. To ensure the autenthicy of the public keys the keys shall be certified by a certification authority and the certificates exchanged for the ticket control precedures.

These keys are generated on a regular base (e.g. every 6 months) by the party that wants to encrypt data using such a key ("the security provider"). To enable decryption of the encoded data, the corresponding certificate should be made available to every TCO (Ticket Controlling Organisation)

AZTEC is the better one of both because of error-correction, readability in difficult conditions and the fact that it is more variable in size. The reason that the PDF417 barcode (a so called “Stacked linear barcode”) is still in t

TarlogicSecurity

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

miguelmota

// Create new image element.
var image = new Image();

// Set an image.
image.src = 'photo.png';

// Append image to body.
document.body.appendChild(image);

// After image has been loaded in memory invoke a callback.