diff --git a/_layouts/no.html b/_layouts/no.html new file mode 100644 index 0000000..7ebc636 --- /dev/null +++ b/_layouts/no.html @@ -0,0 +1,14 @@ + + + + {% include head.html %} + + +
+
+ {{ content }} +
+
+ + + diff --git a/_posts/2015-01-04-secure-secure-shell.md b/_posts/2015-01-04-secure-secure-shell.md index c94de40..d9bab7b 100644 --- a/_posts/2015-01-04-secure-secure-shell.md +++ b/_posts/2015-01-04-secure-secure-shell.md @@ -34,6 +34,7 @@ Both provide [forward secrecy][forward-secrecy] which the NSA hates because they The server and the client will end up with a shared secret number at the end without a passive eavesdropper learning anything about this number. After we have a shared secret we have to derive a cryptographic key from this using a key derivation function. In case of SSH, this is a hash function. +[Collision attacks][sloth] on this hash function have been proven to allow downgrade attacks. DH works with a multiplicative group of integers modulo a prime. Its security is based on the hardness of the [discrete logarithm problem][dlp]. @@ -59,11 +60,14 @@ Pb <-- Pb = Sb * G s = Sa * Pb s = Sb * Pa k = KDF(s) k = KDF(s) -OpenSSH supports 8 key exchange protocols: +OpenSSH supports 11 key exchange protocols: 1. [curve25519-sha256][libsshdoc]: ECDH over [Curve25519][curve25519] with SHA2 1. [diffie-hellman-group1-sha1][rfc4253]: 1024 bit DH with SHA1 1. [diffie-hellman-group14-sha1][rfc4253]: 2048 bit DH with SHA1 +1. [diffie-hellman-group14-sha256][dh-draft]: 2048 bit DH with SHA2 +1. [diffie-hellman-group16-sha512][dh-draft]: 4096 bit DH with SHA2 +1. [diffie-hellman-group18-sha512][dh-draft]: 8192 bit DH with SHA2 1. [diffie-hellman-group-exchange-sha1][rfc4419]: Custom DH with SHA1 1. [diffie-hellman-group-exchange-sha256][rfc4419]: Custom DH with SHA2 1. ecdh-sha2-nistp256: ECDH over NIST P-256 with SHA2 @@ -73,18 +77,18 @@ OpenSSH supports 8 key exchange protocols: We have to look at 3 things here: * *ECDH curve choice*: - This eliminates 6-8 because [NIST curves suck][nist-sucks]. + This eliminates 9-11 because [NIST curves suck][nist-sucks]. They leak secrets through timing side channels and off-curve inputs. Also, [NIST is considered harmful][bullrun] and cannot be trusted. * *Bit size of the DH modulus*: This eliminates 2 because the NSA has supercomputers and possibly unknown attacks. 1024 bits simply don't offer sufficient security margin. * *Security of the hash function*: - This eliminates 2-4 because SHA1 is broken. + This eliminates 2, 3, and 7 because SHA1 is broken. We don't have to wait for a second preimage attack that takes 10 minutes on a cellphone to disable it right now. -We are left with 1 and 5. -1 is better and it's perfectly OK to only support that but for interoperability (with Eclipse, WinSCP), 5 can be included. +We are left with 1 and 8, as well as 4-6 which were added in [OpenSSH 7.3][73release]. +1 is better and it's perfectly OK to only support that but for interoperability (with Eclipse, WinSCP), 8 can be included. Recommended `/etc/ssh/sshd_config` snippet: @@ -99,7 +103,7 @@ Recommended `/etc/ssh/ssh_config` snippet: Host * KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 -If you chose to enable 5, open `/etc/ssh/moduli` if exists, and delete lines where the 5th column is less than 2000. +If you chose to enable 8, open `/etc/ssh/moduli` if exists, and delete lines where the 5th column is less than 2000. 
awk '$5 > 2000' /etc/ssh/moduli > "${HOME}/moduli"
 wc -l "${HOME}/moduli" # make sure there is something left
@@ -149,8 +153,8 @@ If you don't want that, remove any `ssh-keygen` commands from the init script.
 
 
cd /etc/ssh
 rm ssh_host_*key*
-ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
-ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null

+ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N "" < /dev/null
+ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key -N "" < /dev/null
### Client authentication @@ -182,7 +186,7 @@ Recommended `/etc/ssh/ssh_config` snippet: 
Host *
     PubkeyAuthentication yes
-    HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-ed25519,ssh-rsa
+ HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa Generate client keys using the following commands: @@ -209,7 +213,7 @@ Create the ssh-user group with `sudo groupadd ssh-user`, then add each ssh user Symmetric ciphers are used to encrypt the data after the initial key exchange and authentication is complete. -Here we have quite a few algorithms: +Here we have quite a few algorithms (10-14 were removed in [OpenSSH 7.6][76release]): 1. 3des-cbc 1. aes128-cbc @@ -237,7 +241,7 @@ We have to consider the following: * *Block size*: Does not apply to stream ciphers. At least 128 bits. - This eliminates 14 because CAST has a 64 bit block size. + This eliminates 13 and 14 because those have a 64 bit block size. * *Cipher mode*: The recommended approach here is to prefer [AE][ae] modes and optionally allow CTR for compatibility. CTR with Encrypt-then-MAC is provably secure. @@ -284,7 +288,6 @@ Here are the available MAC choices: 1. hmac-md5 1. hmac-md5-96 -1. hmac-ripemd160 1. hmac-sha1 1. hmac-sha1-96 1. hmac-sha2-256 @@ -293,7 +296,6 @@ Here are the available MAC choices: 1. umac-128 1. hmac-md5-etm@openssh.com 1. hmac-md5-96-etm@openssh.com -1. hmac-ripemd160-etm@openssh.com 1. hmac-sha1-etm@openssh.com 1. hmac-sha1-96-etm@openssh.com 1. hmac-sha2-256-etm@openssh.com @@ -320,12 +322,12 @@ The selection considerations: Recommended `/etc/ssh/sshd_config` snippet: -
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
+
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
Recommended `/etc/ssh/ssh_config` snippet: 
Host *
-    MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
+ MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com # Preventing key theft @@ -334,6 +336,13 @@ The NSA has a database of stolen keys - you do not want your key there. ## System hardening +OpenSSH has some undocumented, and rarely used features. +UseRoaming is one such feature with a known vulnerability. + +Recommended `/etc/ssh/ssh_config` snippet: +
Host *
+   UseRoaming no
+ This post is not intended to be a comprehensive system security guide. Very briefly: @@ -451,9 +460,12 @@ I promise not to use `git push -f`. [libsshdoc]: http://git.libssh.org/projects/libssh.git/tree/doc/curve25519-sha256@libssh.org.txt [curve25519]: http://cr.yp.to/ecdh.html [rfc4253]: https://www.ietf.org/rfc/rfc4253.txt +[dh-draft]: https://tools.ietf.org/html/draft-ietf-curdle-ssh-modp-dh-sha2-09 +[73release]: https://www.openssh.com/releasenotes.html#7.3 +[76release]: https://www.openssh.com/releasenotes.html#7.6 [rfc4419]: https://www.ietf.org/rfc/rfc4419.txt [ed25519]: http://ed25519.cr.yp.to/ -[google-auth]: https://code.google.com/p/google-authenticator/wiki/PamModuleInstructions +[google-auth]: https://github.com/google/google-authenticator/wiki/PAM-Module-Instructions [totp]: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm [otp]: https://www.cl.cam.ac.uk/~mgk25/otpw.html [pam]: https://en.wikipedia.org/wiki/Pluggable_authentication_module @@ -468,3 +480,4 @@ I promise not to use `git push -f`. [sssh-wiki]: https://github.com/stribika/stribika.github.io/wiki/Secure-Secure-Shell [changelog]: https://github.com/stribika/stribika.github.io/commits/master/_posts/2015-01-04-secure-secure-shell.md [bug779880]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779880 +[sloth]: https://www.mitls.org/downloads/transcript-collisions.pdf diff --git a/_posts/2015-08-07-why-cyber-deterrence-is-bullshit.md b/_posts/2015-08-07-why-cyber-deterrence-is-bullshit.md new file mode 100644 index 0000000..b6c4c93 --- /dev/null +++ b/_posts/2015-08-07-why-cyber-deterrence-is-bullshit.md @@ -0,0 +1,46 @@ +--- +layout: post +title: "Why cyber deterrence is bullshit" +tags: [bullshit, cybercybercyber, deterrence] +--- + +You may have heard of [this brilliant idea](https://uk.businessinsider.com/us-retaliation-against-china-for-opm-hacks-2015-8). +That's right, "hack back" as foreign policy. +It does not and will never work. + +The reasons why this is utter bullshit should be all too obvious, but my Twitter account is locked and I have nothing better to do, so here goes: + +1. *The word cyber.* + Whenever you hear it, question the speaker's competence. +1. *Easy access.* + To build nuclear weapons, you need: relatively rare fissionable materials, huge enrichment facilities, knowledge, and ICBMs. + To hack, you need: a computer, electricity, knowledge, and Internet access. + You may be able to deter a few rational entities capable of building nukes, but not every single child capable of hacking OPM. + There is nothing even close to perfect rationality on the Internet. +1. *Attribution.* + Radars and satellites can clearly show where the missiles are coming from. + No such device exists for detecting the origin of a breach. + Attribution is purely guesswork, based on things like the language of strings found in the malware, source IPs, etc. + It's like sending a postcard, then trying to figure out who read it. + Does that sound like perfect detection? +1. *Working defense.* + Missile defense systems are actually more dangerous that the nukes they are trying to defend against. + This is because they have a [very interesting property](https://en.wikipedia.org/wiki/Pre-emptive_nuclear_strike#Destabilizing_role_of_missile_defense): + They reduce the second strike capability of one side, making counterforce first strike the logical choice for the other. + The reason we are still all here, reading this post, is because covering large areas with such defenses is not feasible. + This is not the case for defending computers against intrusion. + Yes, attackers have a clear advantage over defenders, that is to say, hacking will always be possible. + But it is significantly more difficult, and the effect less devastating, if the opponent just doesn't have an OPM equivalent. + There goes your second strike. +1. *It is not a fucking weapon.* + The damage caused by even the worst breaches is nowhere near the damage caused by a thermonuclear explosion. + Even conventional weapons cause more damage, and are more scary. + This is also supported by the fact that no sane person would risk armed conflict over hacking incidents. + No one is afraid of getting pwned. + +Today's attackers don't even need their advantage. +They get in because we let them. +We should focus on exploit mitigation (Grsecurity), isolation (Qubes), sandboxed multiprocess architectures (Chrome, qmail), encryption, and fixing shit. +Instead we are wasting time trying to make the attribution dice work, listening to fumbling idiots threaten the Chinese, and looking for a magic security device that solves everything if we just connect it to the network. + +We know what to do and we know how to do it. diff --git a/_posts/2015-11-23-service-discovery-and-authentication.md b/_posts/2015-11-23-service-discovery-and-authentication.md new file mode 100644 index 0000000..916ccff --- /dev/null +++ b/_posts/2015-11-23-service-discovery-and-authentication.md @@ -0,0 +1,104 @@ +--- +layout: post +title: "Service discovery and authentication" +tags: [java,security,zookeeper,tls] +--- + +[ZooKeeper][zk] is a popular choice for service discovery in distributed systems. +It is a hierarchical key-value store with very strong consistency guarantees. +What makes it a good choice for service discovery is its capability to create temporary tree nodes that disappear when the session that created it is disconnected. +Another important feature is sequential nodes - nodes that have a consistent counter appended to their name. +You can use these for implementing distributed locking for example. +This post is about the authentication problems that appear as a result of introducting service discovery into a distributed system. + +# Service discovery + +The exact details of implementing a [service discovery protocol][zksvc] using ZooKeeper is outside the scope of this document. +I want to describe it in enough details so that we can understand its security properties. +Each service that's running and ready to respond to requests opens a persistent connection to Zookeeper. +What usually happens is there is a root node, say /services, and it creates a temporary, sequential node: + + +/services/foo-service-1 = https://somehost.inthecloud.internal:6666 +/services/foo-service-3 = https://otherhost.inthecloud.internal:12345 + + +If you want to talk to this foo-service, you look in this root node and retrieve all the registered foo-service hostnames. +You pick one randomly, or using round-robin, or what have you, and talk to that. +If it fails, you try another. +If you shut down foo-service, or it crashes, the temporary node is removed and other services will no longer try to talk to it. + +# Authenticating hostnames + +In the example above, we are using HTTPS URLs, so you probably want some kind of internal CA to sign the certificates. +(You might want to use some different protocol, Kerberos maybe.) +You connect to the host and you can be sure it's really that host, no one is eavesdropping, all the good things. + +There are two problems with this. +First, you are using Zookeeper because you don't want to care about what host is running which service. +You certainly don't want to sign a new certificate for each one, deploy the private key to that host, etc. +You can do this. +It is possible. +You can even automate it if you don't mind having an online CA, that is not only easier to abuse, but also limits your availability. + +The second, and even more important problem is _authenticating the wrong thing_. +What if ZooKeeper lies to you? +What if a compromised service publishes a hostname for some other service? +You connect to that, verify that its certificate is correct, and proceed talking to the wrong service without noticing anything is wrong. +Now, ZooKeeper is capable of controlling who can write what node, so you can create a structure like this: + + +/services/foo-service/foo-service-1 = https://a.inthecloud.internal:6666 +/services/foo-service/foo-service-3 = https://b.inthecloud.internal:12345 +/services/bar-service/bar-service-0 = https://c.inthecloud.internal:6666 +/services/baz-service/baz-service-2 = https://d.inthecloud.internal:4444 + + +You have to set up the permissions so that no one can write /services, the user running foo-service can only write /services/foo-service, etc. +This still doesn't help if Zookeeper itself is compromised. + +This way we must trust Zookeeper and the CA. + +# Authenticating service names + +There is a better way. +We don't care about the hostname, the same way we don't care about the IP address. +We don't sign certificates for IP addresses. +We can sign a certificate for the service name, as in, CN=foo-service. +Actually, we don't even have to sign it - the (self-signed) certificate can be included with the code of its clients. + +The main disadvantage of this approach is having to write custom certificate validation code, which I have done in Java. +In Java it's actually pretty simple, the interfaces of interest are [X509KeyManager][keyman] and [X509TrustManager][trustman]. +Some of the methods relating to CAs will be simple stubs. +There are "extended" versions of both, with more methods you don't need. +I will publish the code, but I did this at work, and have not had time to reimplement it in the public domain. + +This way we don't have to trust Zookeeper, and we don't have to trust the CA either (we don't have one). +The only thing we do have to trust is that the certificates included in the code are correct, but if someone can change that, they can change the code too. + +There is still the matter of deploying the private keys to the hosts, but now it can be the same one for each instance of the same service. +This could be on a NAS, or scp'd to the local machine before starting the service that needs it. +Obviously we also have to trust that the ACLs will protect the private key but this is no worse than the previous method. + +# Authenticating the client + +We must not forget to authenticate the client certificate as well. +This is usually not done for browsers, but for inter-service traffic it is essential. +You might want to use a different CN if the same service is sometimes the server and sometimes the client. +Or you can use the same certificate but I don't recommend it. +If they are different you can use the CA system for client authentication and use the embedded cert system for server authentication. +Either way, this means you have to embedd the certificate of the client in the server code. + +There are all these certificates embedded everywhere. +It doesn't sound too maintainable, but what's really going on here is each service consists of 3 files: + +- A server JAR that runs the server and doesn't contain any certs. +- A client JAR that's a library imported by the clients, and contains the cert for the service. +- A certificate, to be used for client authentication. (Or not, you could use a CA here.) + +It's not that bad. + +[keyman]: https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/X509KeyManager.html +[trustman]: https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/X509TrustManager.html +[zk]: https://zookeeper.apache.org/ +[zksvc]: http://blog.arungupta.me/zookeeper-microservice-registration-discovery/ diff --git a/about.md b/about.md index 17d5c92..e21d300 100644 --- a/about.md +++ b/about.md @@ -8,7 +8,7 @@ I am stribika. I [write code](https://github.com/stribika) and I [tweet](https://twitter.com/stribika). Also, [stackoverflow](https://stackoverflow.com/users/128514/stribika). -* PGP fingerprint: `9AB5 E3A6 0AE3 F091 0B86 056F CFB7 F248 7B01 6D87` and [public key](/assets/rsa-pubkey-7B016D87.txt) +* PGP fingerprint: `0406 629F F94F 92BF DEE5 FDA7 A11E 98D6 4B0F C61E` and [public key](/assets/rsa-pubkey-4B0FC61E.txt) * OTR fingerprint: `4218BF59 537FED11 30D72874 423FECC4 75D849D8` * BTC address: `18JbJ37A5VW5FKpbaXgfeAixSyVVac6fa4` diff --git a/assets/NSA-Emails-About-Snowden-s-Concerns.pdf b/assets/NSA-Emails-About-Snowden-s-Concerns.pdf new file mode 100644 index 0000000..7f2e142 Binary files /dev/null and b/assets/NSA-Emails-About-Snowden-s-Concerns.pdf differ diff --git a/assets/no.png b/assets/no.png new file mode 100644 index 0000000..8813a5d Binary files /dev/null and b/assets/no.png differ diff --git a/assets/rsa-pubkey-4B0FC61E.txt b/assets/rsa-pubkey-4B0FC61E.txt new file mode 100644 index 0000000..de85ae5 --- /dev/null +++ b/assets/rsa-pubkey-4B0FC61E.txt @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFZ7YHIBEACwYQeFQ0nVyQWHjb1lq4qN3Oqi4ig7OkOuHSewpf46VZ8LFLaq +Nicic0rCTX5Gpejr5HdUBvk7Kq5mjwj21Oy1o0rs5xtMZ51lCZsINjW9Qkme7kZY +LTIJcti7vZofVy39O8AuVM8YACF5V/E7IstSXvNTbuRfq7G9bqS7cj8fwEFG2QAr +Rh40fXATxuWkiOMlDaEQUzNT+wjYx22I7JJafWRpRTHiDySIWXoUn2gUtJqOTZkL +gBMxGpqb5TK6iDgusac1lVpHYN4ODUN7Gf+Os0ZMHOBZ1yi8y//9eZygmqx7cL81 +01rnR/jb7SOWZMtLjx4S30mZtTSzTNXNt/eo1tDGlB9hmDZWc/mlkTAgbW6kSsq3 +WVQC9cR9jxzzoM9ZnQE7fanQyrJEnC7FwI1m15SUyXYGUL9ylZ9BMJKM06uz7M6j +cERQiFekt+D3pWmE6KaNpx80XZO7XMe94l1Us7ovPmuuO3jRdxsWR7A01/UTNUFH +AfqsDXB3L6FMWYLJs80mppN9FpnzWCVAfNo/y2j7fvFCeoVIATH8NWzp4J5RxnVV +vn84X8c7wP3PR4figDHXorGeznEKsiYDbWSoxPgUjQuMsV4wJFdjVt6Kr1aOvPoa +YrCkUtUo9Ohtc4btCzRbK3fleSjyDKC/HIZ1iyX0V1IeClc1HSWE3X9L9QARAQAB +tCRTdHJpYmlrIEFuZHLDoXMgPHN0cmliaWthQGdtYWlsLmNvbT6JAj0EEwEKACcF +AlZ7YHICGwMFCQHhM4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQoR6Y1ksP +xh7N+w//eej0MaI8A2G9UxvIcElIcQNfRVLxdPJ2S3Lv0ztth8547HnVCDO5JShd +abf5VDpKOkYGia1M3lqJDPk7NlGYf31SivqA9abay646BZ8L/JSMY0Iu5O0puK3M +Q3M+83AGWlNCj8WyP+0nNOSLZwe1fauYvANiDqQl9F1K1F95E7Z0MTKEywRURbIM +0F6iqL33JmIt6/k0psCHPuO+MbsSCpnO5V7ZlaEsLZQTRc6Trdxe4Nje//uEz/St +Mg07ggfHAnol9wbtfDzObbR0NBZkmpOhM/zZ7rx6qKVdqRm+nsFVu2VKyn9WQY78 +9/kgCz40+7Kolx4ckSYBiJjY9Hhed8gU3BLmD0UThmwP1aRATZx+UvlIhHsA6nrP +5h3f2l7rVV70W6KXd3WobnHOUvAw92GD2uy4ujZ7wPU9G+yPiy2tV49XGy9H/lLa +FuUkHmXydIzKT0Ml0jwfdFgSwt6Lrrs/RbLrMKHRm+Vsc5S/QCcAPkO7EdSC/Wt2 +UU6K/APpYZV5aOhQrL4VY/rdqZLDMhx8uDhiNVaTF0vEsKgQ+ZdiiK+qg/pUsBVU +VU1IGa45dl9iO3cWFQBcwOXkGabOOyebBNySeGUchDmCirtINiEe61iYouPuHcC6 +v82nS6qFck8T7/PIz7jtMlnQTC8FGWVO/OeFJU7dKuqSRObzDEC5Ag0EVntgcgEQ +AJ7ZGrT5H7xHutCnUY3+e4PdTW4gGlN8FpcLMylGu5JK3itqtaseT66DPh6RryLj +ECdYDXnGoxBvK+XdAsReiWwjNs8b1P9xpEXuDAY1pn3g4PFojVsn7LOXYA5GoMVf +eOkuIOKT63foiq0k9072v12mXiD/QO6YjEVRqF8KoQxnFu5FllVYGIbGsb/hVxYT +wykZu3XWvXHlFmfl7FYJDz8hufcIX872ehgBplZhvzbkEXcFlY+rx4GCjjiKutsg +lBUVF9k3cRpuv7eQXuX2s+FkaoMRmzHYBann9wr5YkBWX8ShhIWMAKlwrEHnk7Rc +Z3+1DSvZCH0EUP5QM3lSRiqY1ysoIpDGso4FCvtjy+buTizbgO28Oaf9gNy5TagK +wA63jOS5XkqMpatcVd0AXKBtsowl7dqBURLcq+ovLr6SHVuy3F6azRNu7L42c/RK +Oe1Q2hZIajaSopKzY5o3lQNhmTRYphIlDBZSwDyzIOk0JfxgrgsCdYBXzQmauET/ +zO/Obq32QXsf0u26M5iq5pjmGIW3C1T7MEP42SmbqnPDtpxTAtBk9SAqbMu6wSJ1 +FOLOmaKcM/j5D5BDSOj/bw66XACayfk81u9zVG895alTTDteMe4CijIgEEE3PBJ8 +QWWAJp/pbONnoMVrJmozwdOtpEkSBRHBY6lzJuxydrZhABEBAAGJAiUEGAEKAA8F +AlZ7YHICGwwFCQHhM4AACgkQoR6Y1ksPxh4Srg//QJUd2PGE4x9qFIGGpZebFoUT +Pna/eqRlbNwi/n7X7JSA3Fd2PzI2paX6L7tLDl3s8fEjxL38e9lgKY2q5UotfziB +IhcZcULOU/tD7N19YQG2orYnd3loj9b9or7KLri4Y0lC6MVLmOlRZiKC5VQbZavp +ZSbOahaa8hoWIdouko2Kyk9TTzKBPY2NlhNmjaBdGRc03xVFgfeSSm/jKwwrVneq ++URHWNz+iLiGUJUbwCYNbXR/xdwSLXaACTFxAJpgUPfCR0lWgjDMqnuGAqLqMJy2 +tkFlzI/Zq8c275G1+g8PncTiw6nKrn+nOhK79yJaKeWTlz0n+MbrR6V5DkqB182V +PQ03LWfx51W4QBOMQ9Fe9AQoU/OnfwFITGy3JODCNODr0UyYyhS3qh13gNoTBKgZ +LuZ0WZ2x+oYYHl4F5f8gz3/LZ53fuUN7lpZI+wx8l2BSU3DkRdQRZWAf9sXili0e +zkC8hQDUaK4di448MY/Bra8skTXOlistvUrDxLrB6UxQHABRVtTox7DHGNXz8RAf +j6aSoetSIgpuJcD6uwoR3m+CKKlqMgmEc0qqkdBiprKyO5c3yKahnQNwuvd3/EJj +cCnIxISB0OSIVXqIznQsAbHpzjoee1F7qk3jlkqcSUQPLUlnNeIs+/a4Til4KWgc +uEUm2KMgyAvYQH8Cfto= +=WbNe +-----END PGP PUBLIC KEY BLOCK----- diff --git a/assets/rsa-pubkey-7B016D87.txt b/assets/rsa-pubkey-7B016D87.txt deleted file mode 100644 index bbeb8cd..0000000 --- a/assets/rsa-pubkey-7B016D87.txt +++ /dev/null @@ -1,53 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v2 - -mQINBFNmZQUBEADMFMg1Kcr5WQobo7JSSZBmmHq9FrwBkf048jQ5CazlTz37L+Tg -OR3dZYn7FddsZ3K3Pepopb8lsJroPj0uGbUb21I9+bclkdbugoJBKqcWaAmxA7H/ -RggiPFTFvKs1emAfR1NHQYJpxUf0EPdIBcnXFAxnLzqwdHTV2qJr7V/cfGbS6vCG -tDktP4o7lvuUvgINNXiZ7xpULQwziZZsMqwzZlsTvEEhV0Vql6VcldkQFMvedOFB -HwZGYXb+drk5R10Ixk1KKpiuzu8S7KEbVc8JxWv2s7qhdqSaWrP+EbMpcWQ2ESpM -XROdloFLOa4oKprkXmf9T1QHXp2cAX+HxFb/EvwvNnr4XbRGaVyJ8Arxb+Mm3pow -yeDL3bPZfEecGbS9W3UtJ7lqJB2Vc7HdUdrY4LLByzWlVKizQXFN0OiApeaMTJHq -o2/rIav5co+/r+wYtA25d5bw2Ez/gHKOpsGgVmlSm6Aau/0vI6fQiWrcS0Sw4XIa -626LcjV7ByaKwrbKATbxmy9apHSrUHWqpgevvXGtriVZrZKXiCdekkjJP5YMsh/s -ZT/0Yk1T1X7bEVQvgN+ci38qMsJkONEiV5T9TYyx0/j6qXyn0BeX1QYZQww0/5sd -EYsuYKoTyxc/qMSRVER9gFe7l/0JjBxYwMvAn+v/oqLJjffUJRq1CK0ZaQARAQAB -tGRTdHJpYmlrIEFuZHLDoXMgKFRoaXMgaXMgbXkga2V5LiBUaGVyZSBhcmUgbWFu -eSBsaWtlIGl0LCBidXQgdGhpcyBvbmUgaXMgbWluZS4pIDxzdHJpYmlrYUBnbWFp -bC5jb20+iQI/BBMBAgApBQJTZmUFAhsDBQkB4TOABwsJCAcDAgEGFQgCCQoLBBYC -AwECHgECF4AACgkQz7fySHsBbYfxrg/+PtVW1S3hz+052OFAWULxXONSnbPtsqzu -qQf6gWPMwBzz1+aeVolSjtTRzeEQjhE9sSBPWAhe7bS1P+tcvjDNuhmXeLpYMXKz -1k0V+mr6rPIIVt9mmztPec6sAR7dSL8wkXYl/cqYowFUujP4pgoX9Couwh1wVSTU -zdeZzC9/oeIQJNxb9hWnh3CKSQbIXuQxHNP/VGtDvEGFBlCLBcViVCCjofya5W5+ -stwvPaH8isTKMYI9WFoR4b3yNOVbAMYBChTHydwg7d8WDIw4mvUHe43hVIC1SdRF -oTBRy/RjYgL/iNl/MAvwK9PsUvVvwkeExawOiQGHUiItP7bobtb78BCwVkZLLkTD -Qy/1jfMeKC304UU2+5ULg8USxN0UmXcJi45mid8ZJxKppz0pRxBNWVpLLGMZWX6+ -kW2rVMBi61qs5IXa3oHINA+Ql88+rhdCDRCJviHS5uNB3Cg8NjokBUATdLoisr4l -RPejSqAQxaIZguYeVKFyB1tx9RWRVt3r+kwbltIc++bpllT76Dc45CuM4ySYwwaB -Ygdfz1Y3hPC7gbK6uk7ch2F3/xQOPTVaiw3oCPbR+LyLlMpTuxzbej08u8xvxDia -vAgrBwmPa4KJUECRSa1mqeCYF7JV+LowObq1hZz9OXVeSr+V/FBx5Fkw6vSuXvBW -2VqdidBcAci5Ag0EU2ZlBQEQAK27bA/oDAGa0LaWqp2Yoji5DLlVOlf/sXzcal/F -j7aIX4HZAkMbBkz5pwzc5C+CyOjx0RFYbGxXD80XtEFbBY3GSE+ozF2gYjZYxzLs -1WXYMAqOQ1RRtsRfKNvIvWafq2VW4Y4ABIRJI6TLHeg49dTudjWfhRQiV4n5/WJU -DEEk8xfZD92z8R2t7htMGkTjHRqwcAq6zfnakM0mmbNIsG86S7JxOs0KFXttBMZc -0z4dll4dbLkyCqysC0JSjlPreaeL8y9+uBocQmLuGHqZeTg6lpGJNjNoLO/RxZOW -53y0UABtHY3riEFSzzZVOecT/LVLYcab31vVReZKRrBx/COItgSNdY0FrJjuQQQN -b4E7tm2puNIOWP8MfHfFpsM/5BW8HcHmkGYg0VXGbouoqCeSMQ08Q5SSWdTqnvg9 -4OfB+tR+FHBHd0gOoh1GFB5Msy57ZMTmYY01aj5xn1zmNalFuj9fYGzy8U92VT2g -9HtaiYAe56I40UCs+ys0qh3CauCfvsKpkEb3sPzgdGWJIFfLLo6euipoqkG3A1fz -Q58t5rIMutAzbR3wV4wMdoccCktStPjYokvJ9DvedL2FJmXm0+Au1IajNfwZHNF4 -Bq2DEouVXsrXmNfVlQAc08AB3frcq8rQeEcPzNC//SqXu/K9GjQ+4ucyRL7cOCu/ -oht9ABEBAAGJAiUEGAECAA8FAlNmZQUCGwwFCQHhM4AACgkQz7fySHsBbYcjNw/9 -GFBOfV3eHrNd/3fMQih6hJ1vBW/7SyoQE/n4p4P4N1UvFuBIlbczFw3//tf6bL2d -TSutaVuOhVOiWD7JCTJdYgTMhOjP29zmh1LSce+tIpN91Jzcl40y2kA2GmMxcZKK -ehnUPaPkv9Y0sAZj5QyoCAqn97qRCPZsptTHXAeSEYbglERPuZAZA7MH8gXIsju+ -E5FLMDewHnnt7ekRUg3wS8bUoGDJMBDNkI/sNQoz0KPPvSLZOFvUqZgn6/E37AeZ -1qvNBXE2u/kBIhdOK/VjDO+wjTblAqIWhXNOnC3u5ujrKU/R7+2leOfcW6XQFB2Z -zYvH/Xo0S7SB740JxHZ/NubBDvLEx3Neac/zlsxxf0n/efbs3Oez0Umbx9eJJQgk -QLNf017/HVZwGYeya5vE83VXvbGcfPNVCMGI4diuOY6q8kcn6fUbiJXzDrfo7EGV -dRrHJ2R0MQUUE6s268ejoQ1PsSPDVKOJ0bMkZ9tby4JEr8XXxGQ/WppHa7vaXFin -hOLa1Wv/Kmm7xptAa3ry/ScCOdznLYmEDH8mYLl7s0tg0W50kDfM6GZpU69PWvTP -7h2aagQPwIF3JddtlRLJb5bAHt/LG52vafyYY45cKKA2ydywKNet9SWSKI4MzUjV -ekOY1a7E3uLjK3iG4dBD+puBEx1Nh3ZL3pLhpN4YO5A= -=H3+c ------END PGP PUBLIC KEY BLOCK----- diff --git a/multi-code-widget.md b/multi-code-widget.md new file mode 100644 index 0000000..bc4bc02 --- /dev/null +++ b/multi-code-widget.md @@ -0,0 +1,91 @@ +--- +layout: "no" +permalink: /multi-code-widget/ +--- + + + +blah blah + +
+ + + Host * + Ciphers base64,rot13 + MACs md5,crc32 + + + + Host * + Ciphers rot13 + MACs md5 + + + + Host * + Ciphers base64 + MACs crc32 +
+ +foo bar baz fuz + diff --git a/no.md b/no.md new file mode 100644 index 0000000..76647d2 --- /dev/null +++ b/no.md @@ -0,0 +1,6 @@ +--- +layout: "no" +permalink: /no/ +--- + +![No](/assets/no.png "No.") diff --git a/pocorgtfo/pocorgtfo.md b/pocorgtfo/pocorgtfo.md new file mode 100644 index 0000000..60fd792 --- /dev/null +++ b/pocorgtfo/pocorgtfo.md @@ -0,0 +1,17 @@ +--- +layout: page +title: PoC||GTFO +permalink: /pocorgtfo/ +--- + +# International Journal of PoC||GTFO + +* PoC||GTFO 0x00: 273 KB, SHA256 `c4d1d1091187b98a9bb28452bc6564a1e8c0ce10d20ba2b4a20f8b7798f7ab64` +* PoC||GTFO 0x01: 3.7 MB, SHA256 `a0f93a265d38257a06fd7fd210f73ea9c55a94ac1305c65c0510ada236c2cc88` +* PoC||GTFO 0x02: 14 MB, SHA256 `f427e8d95c0ac15abe61d96fb75cfb55df1fd5ac9e713cf968f3602267ca155e` +* PoC||GTFO 0x03: 26 MB, SHA256 `7094f5c6a3936e0d0b8f5e42b4d1940413f568e9a3617be0d7d6dc73cb3420e1` +* PoC||GTFO 0x04: 55 MB, SHA256 `1d1567b8ac533cd142a8af560266ca60939fed02e3af1f6fd0816b26473afd01` +* PoC||GTFO 0x05: 80 MB, SHA256 `9623609a9c0ecd95674e6da3de322baa141f5460cbcb93eeaade22eaf2c80640` +* PoC||GTFO 0x06: 97 MB, SHA256 `bf4d8846fbbb1071c7ec033004eda8ea8809676fe388db6faa020d781cb8ac26` +* PoC||GTFO 0x07: 32 MB, SHA256 `601534f4355c5e0eb292c6dd6edaf5055625d23e0de869f88193606415e6a35f` +* PoC||GTFO 0x08: 58 MB, SHA256 `7a942c425f471f99d8cba8da117cc4a53cddb3551e4b16c8b9feae31b5654a33` diff --git a/pocorgtfo/pocorgtfo00.pdf b/pocorgtfo/pocorgtfo00.pdf new file mode 100644 index 0000000..00eaad8 Binary files /dev/null and b/pocorgtfo/pocorgtfo00.pdf differ diff --git a/pocorgtfo/pocorgtfo01.pdf b/pocorgtfo/pocorgtfo01.pdf new file mode 100644 index 0000000..c3ebc7b Binary files /dev/null and b/pocorgtfo/pocorgtfo01.pdf differ diff --git a/pocorgtfo/pocorgtfo02.pdf b/pocorgtfo/pocorgtfo02.pdf new file mode 100644 index 0000000..e3983e0 Binary files /dev/null and b/pocorgtfo/pocorgtfo02.pdf differ diff --git a/pocorgtfo/pocorgtfo03.pdf b/pocorgtfo/pocorgtfo03.pdf new file mode 100644 index 0000000..9bd4c61 Binary files /dev/null and b/pocorgtfo/pocorgtfo03.pdf differ diff --git a/pocorgtfo/pocorgtfo04.pdf b/pocorgtfo/pocorgtfo04.pdf new file mode 100644 index 0000000..11e0527 Binary files /dev/null and b/pocorgtfo/pocorgtfo04.pdf differ diff --git a/pocorgtfo/pocorgtfo05.pdf b/pocorgtfo/pocorgtfo05.pdf new file mode 100644 index 0000000..05fc2ce Binary files /dev/null and b/pocorgtfo/pocorgtfo05.pdf differ diff --git a/pocorgtfo/pocorgtfo06.pdf b/pocorgtfo/pocorgtfo06.pdf new file mode 100644 index 0000000..ec45970 Binary files /dev/null and b/pocorgtfo/pocorgtfo06.pdf differ diff --git a/pocorgtfo/pocorgtfo07.pdf b/pocorgtfo/pocorgtfo07.pdf new file mode 100644 index 0000000..3a82bac Binary files /dev/null and b/pocorgtfo/pocorgtfo07.pdf differ diff --git a/pocorgtfo/pocorgtfo08.pdf b/pocorgtfo/pocorgtfo08.pdf new file mode 100644 index 0000000..b587a66 Binary files /dev/null and b/pocorgtfo/pocorgtfo08.pdf differ