Useful OpenSSL Commands

Posted on May 19, 2013 by

A list shamelessly copied from: http://aerokid240.blogspot.com/2010/03/getting-started-with-openssl.html

#  According to its manpage, it is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and
#  Transport Layer Security network protocols and related cryptography standards required by them. It is indeed
#  a command line tool and allows you to create RSA and DSA keys, x.509 certificates, calculation of message
#  digests, encryption and decryption of files with optional ciphers, etc. As there are so many ways to use this
#  tool, i will show some of its basic usages that one may find useful.

# for command switches
openssl -h

# Documentation of the tool
man openssl

# list standard commands. Doesn't say what they do so you are better off using "man openssl"
openssl list-standard-commands

# list different symmetric ciphers you can use for encryption
openssl list-cipher-commands

# lists different hashing algorithms you can use for data integrity checking
openssl list-message-digest-commands

# creates the md5 hash for the string password
echo "password" | openssl md5

# does the same thing as previous example
echo "password" | openssl enc -md5

# encrypts the file "myfile.txt" using the blowfish cipher 'bf' to a new file 'myfile.txt.enc'. You can now delete the old file
openssl bf -in myfile.txt -out myfile.txt.enc

# encrypts the file "myfile.txt" using the blowfish cipher 'bf' to a new file 'myfile.txt.enc'. Equivalent to the above command.
openssl enc -bf -in myfile.txt -out myfile.txt.enc

# decrypts the file "myfile.txt.enc" using the blowfish cipher 'bf' and outputs the decrypted file to a new file name 'myfile.txt'.
openssl enc -bf -d -in myfile.txt.enc -out myfile.txt

### Using Public Key Cryptography

# Generates private key
openssl genrsa -out private.key

# generates public key from the private key
openssl rsa -pubout -in private.key -out public.key

# encrypt a file with public key. Note that you are limited to small file sizes
openssl rsautl -encrypt -inkey public.key -pubin -in test.txt -out test.txt.pub

# decrypts the file with the private key
openssl rsautl -decrypt -inkey private.key -in test.txt.pub -out test.txt
Posted in Tech, Uncategorized | Leave a comment

Disassembling .NET/mono assemblies

Posted on May 4, 2013 by

When an application is compiled against the .NET or mono framework, it is actually compiled to something called MSIL or CIL….Microsoft Intermediate Language / Common Intermediate Language.

The power of the .NET / mono framework is that when you execute that code on your system, the CLR (Common Language Runtime) will JIT (just in time) compile your application for the hardware it’s running on. That means you get a 64-bit app when run on 64-bit systems and a 32-bit app on 32-bit systems.

This also means that if you can read MSIL / CIL, you can rather easily disassemble these programs. The mono disassembler is a great tool for the job. ILSpy is a very good GUI alternative.

The monodis program is used to dump the contents of an ECMA CIL image. You can execute it by typing:

$ monodis FILE.exe

The following options are supported:

–output=FILENAME

Write output into FILENAME.

–mscorlib

For non-corlib assemblies, use “mscorlib” as the assembly name. This is useful for round-tripping the IL with ilasm.

–assembly

Dumps the contents of the assembly table

–assemblyref

Dumps the contents of the assemblyref table

–classlayout

Dumps the contents of the classlayout table

–constant

Dumps the contents of the constant table

–event

Dumps the contents of the event table

–exported

Dumps the contents of the ExportedTypes table

–fields

Dumps the contents of the fields table

–file

Dumps the contents of the file table

–interface

Dumps the contents of the interface table

–manifest

Dumps the contents of the manifest table.

–memberref

Dumps the contents of the memberref table

–method

Dumps the contents of the method table

–methodsem

Dumps the contents of the methodsem table

–module

Dumps the contents of the module table

–moduleref

Dumps the contents of the moduleref table

–mresources

Dumps embedded managed resources

–param

Dumps the contents of the param table

–property

Dumps the contents of the property table

–propertymap

Dumps the contents of the propertymap table

–typedef

Dumps the contents of the typedef table

–typeref

Dumps the contents of the typeref table If no flags are specified the program dumps the content of the image in a format that can be used to rountrip the code.

Posted in Tech | Leave a comment

Visual Representation of SQL Joins

Posted on April 30, 2013 by

 

 

http://www.codeproject.com/Articles/33052/Visual-Representation-of-SQL-Joins
Visual_SQL_JOINS_V2

Posted in Programming, Tech | 1 Comment

OSR Driver Loader

Posted on April 29, 2013 by

If you do any Windows driver development or testing, the OSR Driver Loader is essential…and free.

New and Improved V3.0! Installing and starting NT kernel mode drivers can be a hassle. This is especially true during the development stage of a project, before you’ve built an attractive gui-based custom installation program. Now, OSRLOADER eliminates your trouble.

This GUI-based tool will make all the appropriate registry entries for your driver, and even allow you to start your driver without rebooting. It’s even got a help file, for goodness sakes! If you write drivers, this is another one of those utilities that’s a must have for your tool chest. x86 architecture.

driverloader

Posted in C/C++, Programming, Tech, Windows | Leave a comment

“Hack functions” shell script

Posted on April 28, 2013 by

https://github.com/merces/hack-functions/blob/master/hack-functions.sh

A collection of functions useful in malware analysis and reverse engineering.

Posted in Tech | Leave a comment

SICP: Structure and Interpretation of Computer Programs

Posted on April 27, 2013 by

I’ve decided to add another book to my already long queue. After watching Miguel de Icaza discuss new features of the mono compiler, he mentioned this book. I’ve heard other people smarter than me mention it before as well and I decided I should check it out.

Published in 1996, the book is considered a computer science classic. Book can be purchased at Amazon, or you can read it online for free here.

cover

Amazon.com Review

Abelson and Sussman’s classic Structure and Interpretation of Computer Programs teaches readers how to program by employing the tools of abstraction and modularity. The authors’ central philosophy is that programming is the task of breaking large problems into small ones. The book spends a great deal of time considering both this decomposition and the process of knitting the smaller pieces back together.

The authors employ this philosophy in their writing technique. The text asks the broad question “What is programming?” Having come to the conclusion that programming consists of procedures and data, the authors set off to explore the related questions of “What is data?” and “What is a procedure?”

The authors build up the simple notion of a procedure to dizzying complexity. The discussion culminates in the description of the code behind the programming language Scheme. The authors finish with examples of how to implement some of the book’s concepts on a register machine. Through this journey, the reader not only learns how to program, but also how to think about programming.

Posted in Tech | Leave a comment

ostinato: Packet/Traffic Generator and Analyzer

Posted on April 23, 2013 by

Ostinato is an open-source, cross-platform network packet crafter/traffic generator and analyzer with a friendly GUI. Craft and send packets of several streams with different protocols at different rates.

Ostinato aims to be "Wireshark in Reverse" and become complementary to Wireshark.

Here is a video demonstrating its usage.

Posted in Network, Tech | Leave a comment