
Generating Public/Private Key Pairs

My public key is copied at the bottom of this post. I used ECDSA instead of RSA due to the exponentially longer time it would take to brute force, and at a size of 521 bits that should be practically impossible. Great write-up on the topic here.

As with elliptic-curve cryptography in general, the bit size of the public key believed to be needed for ECDSA is about twice the size of the security level, in bits. For example, at a security level of 80 bits (meaning an attacker requires a maximum of about 2^80 operations to find the private key).

ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAD2RCeJQb/fwNGwYDFTbVbDcNYSDpj9xnaDGzbmcrPHDhRjzf6uhlXYyhQXASvhGVsmCWLSyFshspZa56/p1T4KdQFUa1CJ6fABN4T4YJDoRMLYmVNt8763UjjmBWUb1tSV0yuBCToqf15nhrc0r3svN6ZZQzAJvCmmlW3WSBUq3p4f5g== delf@delf-MacBookPro




Avoid Detection with Nmap Stealth Scan and Tor

Nmap's stealth scan flag, -sS, lets you search for open ports by altering the TCP/IP three-way handshake:

The handshake ordinarily is SYN -> SYN ACK -> ACK

The -sS flag changes the handshake to SYN -> SYN ACK -> RST

Defined: SYN = Synchronize, ACK = Acknowledge, RST = Reset

This makes it less likely, but certainly not impossible, for an intrusion detection system to pick up the scan.

The best approach that I can think of would be to use the -sS flag and between each port tested use Tor to change IPs from within a regionally anticipated region based on the purpose and location of the target. There is a great write-up on how to do just that here using Tor and Proxy Chains to use public proxies.
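How a sensor can still pick up the pattern described above, as an added example that is not part of the original post: it tracks each handshake and groups SYN -> SYN ACK -> RST exchanges by target host rather than by source, so probes arriving from a different IP for each port still add up to one finding. The packet tuple layout, the function names and the three-port threshold are assumptions, and the sample records are constructed from documentation address ranges.

```python
from collections import defaultdict

def half_open_flows(packets):
    """Yield (client, server, port) for each SYN -> SYN/ACK -> RST exchange."""
    state = {}  # (client, cport, server, sport) -> last handshake step seen
    for src, sport, dst, dport, flags in packets:
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if flags == "S":
            state[fwd] = "SYN"
        elif flags == "SA" and state.get(rev) == "SYN":
            state[rev] = "SYN_ACK"
        elif flags == "A" and state.get(fwd) == "SYN_ACK":
            state[fwd] = "ESTABLISHED"  # ordinary three-way handshake
        elif flags == "R" and state.get(fwd) == "SYN_ACK":
            del state[fwd]              # client reset instead of ACKing
            yield src, dst, dport

def scanned_hosts(packets, min_ports=3):
    """Group half-open exchanges by target, so probes spread over many
    source addresses still add up to one finding."""
    ports, sources = defaultdict(set), defaultdict(set)
    for client, server, port in half_open_flows(packets):
        ports[server].add(port)
        sources[server].add(client)
    return {host: {"ports": sorted(p), "sources": sorted(sources[host])}
            for host, p in ports.items() if len(p) >= min_ports}

def exchange(client, server, port, last):
    """Constructed packet records: (src, sport, dst, dport, flags)."""
    return [(client, 40000, server, port, "S"),
            (server, port, client, 40000, "SA"),
            (client, 40000, server, port, last)]

# Constructed sample, documentation address ranges only (not captured traffic).
SAMPLE = (
    exchange("198.51.100.7", "192.0.2.10", 443, "A")    # completed handshake
    + exchange("203.0.113.1", "192.0.2.10", 22, "R")    # half-open, source 1
    + exchange("203.0.113.2", "192.0.2.10", 80, "R")    # half-open, source 2
    + exchange("203.0.113.3", "192.0.2.10", 443, "R")   # half-open, source 3
    + exchange("203.0.113.4", "192.0.2.20", 25, "R")    # lone reset, below threshold
)

if __name__ == "__main__":
    for host, finding in scanned_hosts(SAMPLE).items():
        print(host, finding)
```

A per-source counter would see one reset from each address here and stay quiet; counting distinct half-open ports per destination is what surfaces the scan.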

The article also mentions using the tor-resolve feature to resolve a hostname to an IP address to avoid all of your queries going through the DNS server of the ISP. Nmap's -n flag disables DNS name resolution, and the -Pn flag skips host discovery.

That leaves me with the following command after using tor-resolve on technicalagain.com: sudo proxychains nmap -sS -n -Pn -v 173.194.34.174

Update: Also don’t forget the -O flag to learn the operating system and hosting service.


Dual Boot GalliumOS on a Chromebook




I had some success running Ubuntu on my Chromebook through Crouton, but I started running into issues. My hypothesis is that since aspects of the Linux kernel are shared between ChromeOS through chroot with Crouton, I couldn’t get a clean installation of Apache to run. I assume this was due to permissions. So I set out on yet another Linux adventure to do a true installation of Linux on the Chromebook.

I found a nice utility called chrx that made the installation very straightforward.

Installing Linux via chrx onto a new (or freshly recovered) Chromebook is a two-phase process:

The first phase reserves space on your SSD or other storage device for the new operating system, and then reboots.

The second phase installs your chosen distribution, and configures the new system according to your selected options.

The installation proceeded smoothly by typing the following into the terminal.
Run chrx: cd ; curl -Os https://chrx.org/go && sh go

Follow on-screen instructions to prepare your Chromebook for installation

Stumbling blocks

I have a Bay Trail Chromebook. I should have paid more attention. I did not notice this the first time I installed, so even though the install went smoothly, when I pressed CTRL + L to launch into Ubuntu, it was non-responsive and would boot back into ChromeOS. The issue was that I needed to update my firmware. I found this nice firmware update script. I chose the first option, which installed the RW_LEGACY firmware with a newer/working/customized version of the SeaBIOS firmware payload, and then I was good to go: Ubuntu loaded nicely.

A second issue I ran into was that the full Ubuntu 16.04 install was just a bit too resource heavy for my now-discontinued Acer Chromebook. Chrx comes with a variety of different distro installation options. I chose to go with GalliumOS. Gallium is built on Ubuntu and optimized for Chromebooks, plus it has a very clean design.

My install of Apache, PHP, MySQL, and MongoDB all went smoothly so I have a nice and pretty responsive development environment. I have not really booted into ChromeOS since installing Gallium.

Thanks to reynhout for their work on chrx, MrChromeBox for the firmware script, and hugegreenbug, the founder of the Gallium project. This is another example project demonstrating the remarkable power of open source software.