Search the Community

Hello everyone! I was hoping someone could possibly help with an issue I am running into. I am using the Packet Squirrel to do a collect info for a printer on my network, however, something else that I would like to incorporate is an SSLKEYLOGFILE environment variable. Is it possible to create this variable via a Packet Squirrel collect? Or could I possibly write a script to create the environment variable from the Packet Squirrel collect? Thanks much in advance for any advice!

EncDecFiles.ps1 Author: (c) 2017 by QDBA Version 1.0 Description EncDecFiles.ps1 is a powershell script to Encrypt / Decrypt a powershell (or any other) file with AES. You can use it to obfuscate your powershell script, so AV Scanner doesn't detect it. Usage: EncDecFiles.ps1 < -Encrypt | -Decrypt > # encrypt or decrypt a file < -In Filename > # Input File [ -Out Filename ] # Output File [ -Pass Password ] # Password Example 1 - encdecfiles.ps1 -In c:\test.ps1 -encrypt Encrypts File c:\test.ps1 with password "hak5bunny" encrypted file is c:\test.enc Example 2 - encdecfiles.ps1 -In c:\test.ps1 -encrypt -pass secret Encrypts File c:\test.ps1 with password "secret" encrypted file is c:\test.enc Example 3 - encdecfiles.ps1 -In c:\test.ps1 -encrypt -Out c:\encrypted-file.aes -pass Secret Encrypt a File c:\Test.ps1 with password "Secret" encrypted file is c:\encrypted-file.aes Example 4 - encdecfiles.ps1 -In c:\Test.enc -decrypt Decrypt a encrypted file c:\test1.enc to c:\test1.ps1 with default password "hak5bunny" How to run the encrypted powershell script In the Script "Run_Script_Example.ps1" you see an example how to load and execute the encrypted Script. Load the encrypted script to a variable. Than execute the function Run with the variable and a password Download https://github.com/qdba/MyBashBunny/tree/master/Other/EncDecFiles

Salutations Hak5, I'm S0AndS0 a long time watcher (and big fan) of the various shows that have been made available by the Hak5 teem. What is shared here maybe thought of as a "tricky treat" for the holiday. https://github.com/S0AndS0/Perinoid_Pipes The above project has been documented in detail (because we've heard that the show hosts of Hak5 like that out of project authors) and as of latest local & remote tests is operating as expected. Simply put this project facilitates common encryption & decryption options of GnuPG via a named pipe (similar to anonymous pipes `|` but addressable via file path) and a customized listening loop that parses incoming data. Think of it as a *short-cut* for operations involving public key crypto; for example of normal encryption echo "some secret" | gpg -a -e user@email.host >> out.file And for comparison an example of encrypting via named pipe file echo "some secret" > /var/log/named.pipe This allows any service to utilize encryption by way of output redirection; logging daemons, web host logging, and/or your own custom services. So far three usage scenarios have been written but we're hoping that with this communities' help we can write at least two more together; perhaps a guide on using this tool with Rubber Ducky to automatically encrypt data off a target to either a second storage device or to the Ducky it's self. Notes for beginners; If you (the reader) are new or unfamiliar with encryption via GnuPG then ya may want to start with the documents in above code repo that begin with `Gnupg_` after coming to terms with the options available then check the script's help documentation via the following commands chmod u+x Paranoid_Pipes ./Paranoid_Pipes --help Use the output from above to modify your next commands, add `--help` at the end to check your settings prior to committing to them. Easy as pie. Notes for Moderators; If this has been posted in the wrong section please move or notify the OP's author to move it to the proper section. This tool has been shared with the this community in the hopes that readers will find it useful but without warranties of any kind. Notes for Show Hosts; If you wish to include this tool within a publication then you have permission, prematurely given, to utilize any of the tools found in the above code repository for either your own projects or for featuring the main project itself.

Hi, did someone know how i could decrypt a BLOB-Data from the Windows Registry? For Example there is a digital certificate stored which looks like it is encrypted. Now i want to decrypt it with java and native call the crypt32.dll (function: cryptUnprotectData()) with JNA. i tried it, but i get data invalid error. the function could have many arguments, but i did not found out which i have to use exactly. here is my little peace of code - maybe it helps.. byte[] byteArray = (byte[]) Advapi32Util.registryGetValue(WinReg.HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\SystemCertificates\\AuthRoot\\Certificates\\02FAF3E291435468607857694DF5E45B68851868", "Blob"); byte[] protectedData = Crypt32Util.cryptProtectData(byteArray); String test = new String(protectedData); System.out.println(test); When i run this code i get: Data invalid - win32 exception. so i think something wrong with the input data. Maybe the data was not encrypted with dpapi? or i need to use some of the arguments (see here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380882%28v=vs.85%29.aspx)? Hope someone could help me :) thnx!

Greetings! I'm having a problem with a Hex-code Password from a registry file. Its related with Bearshare. I fed in a hex to ASCII converter, and this string pops out: Ð Ñ O eMž í» EncryptedString ü ©c \ °·Ûv â Ë ¥ ³ M3æ ¥Ç" ïr©ÜVâ5à $l Ž Lol, any help would be greatly appreciated. Thanks! > Registry Contents below: "Password"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,\ 00,00,00,90,ae,9f,9f,65,be,4d,48,9e,ae,18,17,ed,13,bb,75,00,00,00,00,20,00,\ 00,00,45,00,6e,00,63,00,72,00,79,00,70,00,74,00,65,00,64,00,53,00,74,00,72,\ 00,69,00,6e,00,67,00,00,00,10,66,00,00,00,01,00,00,20,00,00,00,fc,91,a9,72,\ 63,dc,5c,a3,b0,09,b7,e9,db,6c,76,e7,00,00,00,00,04,80,00,00,a0,00,00,00,10,\ 00,00,00,e2,09,cb,36,0d,35,a5,d8,b3,a8,4d,70,33,50,e6,5d,10,00,00,00,09,11,\ a5,f6,c7,52,22,29,ef,9b,72,55,a9,84,dc,17,14,00,00,00,01,6f,56,7c,e2,65,35,\ 04,e0,5a,81,24,24,77,6c,d1,8e,bd,05,40 "AutoConnect"=dword:00000001 "RememberPassword"=dword:00000001 "Default"=dword:00000001 "Status"=dword:00000001 "Guest"=dword:00000000 "LoginUserType"=dword:00000000 "ActiveTabInSearch"=dword:00000000 "ActiveTabInWeb"=dword:00000000 "AdditionalResults"=dword:0000002d