- ASAv
https://software.cisco.com/download/home/286119613/type/280775065/release/9.18.3
There may be newer releases out, but this has been built with 9.18(3) using the VMWare Package.
import crccheck | |
from operator import xor | |
from pathlib import Path | |
#Xor key from surepetpacket.xorkey | |
xorkey='000000589e6c5a71ba9633f8c7fc4eafce9ee203c3a89ee498822ba00d9bc7bde054d5dd4ab02ba61a01fa477aec124811273f59ee848b9303903b3acd74678f8305d5ef33df79d5d56e159656aff90055ae' | |
def tohex(ba): | |
return ''.join(format(x, '02x') for x in ba) |
''' | |
Convert TOTP Base32 Seeds into Base16/Hex format and vice versa based on CSV with: | |
SerialNumber,SeedValue | |
If the seed value isn't a valid Base32 then the base32 decoder will exception so assume it's Base16/Hex | |
''' | |
import base64 | |
import sys | |
filename = 'seeds.csv' |
openssl req -x509 -newkey rsa:2048 -sha256 -days 3560 -nodes -keyout server.key -out server.pem -subj '/CN=server' -addext 'subjectAltName = DNS:server, DNS:server.local' | |
openssl pkcs12 -export -inkey server.key -in server.pem -out server.pfx -passout pass:password |
https://software.cisco.com/download/home/286119613/type/280775065/release/9.18.3
There may be newer releases out, but this has been built with 9.18(3) using the VMWare Package.
openssl req -x509 -newkey rsa:2048 -sha256 -days 365 -nodes -keyout Root.key -out Root.pem -subj '/CN=Root CA' -addext 'subjectKeyIdentifier=hash' | |
openssl req -new -newkey rsa:2048 -sha256 -nodes -out Intermediate.csr -keyout Intermediate.key -subj '/CN=Intermediate CA' | |
# -- Intermediate.ext -- | |
cat <<EOF > Intermediate.ext | |
authorityKeyIdentifier=keyid,issuer | |
subjectKeyIdentifier=hash | |
basicConstraints=CA:TRUE | |
keyUsage = digitalSignature, keyCertSign |
to | cc | firstname | fullname | |
---|---|---|---|---|
peter@email.local | shared@email.local; manager@email.local | Peter | Peter Lambrechtsen |
import urllib.request | |
from bs4 import BeautifulSoup | |
import json | |
# Retrieve Azure Public URL to find JSON URL in the documnet | |
azure_public_IP_url = "https://www.microsoft.com/en-us/download/details.aspx?id=56519" | |
azure_public_IP_url_content = urllib.request.urlopen(azure_public_IP_url).read() | |
azure_public_IP_url_soup = BeautifulSoup(azure_public_IP_url_content, "html.parser") | |
azure_wvd_ip = [] |
# Generate a 5 year self signed cert without KeyUsage, Subject Key Identifier and Enhanced Key Usage | |
# As per: https://learn.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate | |
$Certificate=New-SelfSignedCertificate –Subject "SAML SSO Certificate" -CertStoreLocation Cert:\CurrentUser\My -KeyUsage None -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(5) -SuppressOid "2.5.29.14","2.5.29.37" | |
# Exported DER binary public key file | |
Export-Certificate -Cert $Certificate -FilePath ".\SSO.cer" | |
# Exported PEM text format public key file | |
$pemFileContent = @( | |
'-----BEGIN CERTIFICATE-----' |
from bs4 import BeautifulSoup | |
import re | |
import requests | |
# Disable warnings to prevent annoying messages in the console | |
requests.packages.urllib3.disable_warnings() | |
ASA_USERNAME = 'APIUser' | |
ASA_PASSWORD = 'xxxx' | |
ASA_IP = "10.x.x.xx" |
# Time step of the OTP. 1=30s, 2=60s | |
$TimeStep = 2 | |
$AzureTime = $TimeStep * 30 | |
# Sleep timeout. 1=15s, 2=30s, 3=60s, 4=120s | |
$ScreenTimeout = 3 | |
# Create 32 Bit Base32 string - From support.yubico.com/hc/en-us/articles/360015668699-Generating-Base32-string-examples | |
$RNG = [Security.Cryptography.RandomNumberGenerator]::Create() |