Diffie-Hellman key exchange protocol

Posted by & filed under Uncategorized.


Diffie-Hellman is a key exchange protocol developed by Diffie and Hellman (imagine that) in 1976. The purpose of Diffie-Hellman is to allow two entities to exchange a secret over a public medium without having anything shared beforehand. As it turns out, this is an extremely important function, and understanding how Diffie-Hellman accomplishes this should be a point of interest for any information security enthusiast.

Two values, called Diffie-Hellman parameters, are at the core of this protocol, and they consist of a very large prime number p, and a second related “generator” number that is smaller than p, called g. The value for g is tied very strongly to its associated p value. The nature of this relationship is that for each number n, there is a power k of g such that n = g^k % p.

Each host must agree on these two parameters (p and g) in order for the protocol to work. Finally, a third and private value, called x is also generated for each host. This value, unlike p and g, is not shared.

Public values (to be exchanged with each other) are then generated with this function:

y = g^x % p

…or in other words, take value g and raise it to the power of value x, divide that by p, and your remainder is your public value y. Then, the two parties exchange their y’s with each other and the exchanged numbers are used to create the shared secret z as follows:

z = y^x % p

…or, take the exchanged public key y and raise it to the power of your private key x, and divide that by the shared value p. The shared secret, z, is the remainder of that operation.

The beauty of Diffie-Hellman is that after each party does this independently, they will both end up with the exact same value for z!. This means they now have an outstanding key for whatever encryption algorithm they decide on using for the rest of their communication.

This works because:

z = (g^x % p)^x' % p = (g^x' % p)^x % p

Note that the portion of the equation above in parenthesis is the other host’s “public key”, and that it has the other host’s private value in it. This is what makes the arrival at a mutual secret possible mathematically.

So here’s how it breaks down:

Exchange some numbers over a public medium
Create your own private number that won't be exchanged
Generate a public "key" from the previously agreed upon numbers combined with your private value
Perform a calculation using their public, your private, and the shared information
Your result will match that of your partner doing the same thing
You now have a shared secret without it ever crossing the public medium!

Truly awesome!
Shamelessly stolen from: danielmiessler.com/study/diffiehellman/

Tails — Tor

Posted by & filed under Networking.

Tails relies on the Tor anonymity network to protect your privacy online: all outgoing connections to the Internet are forced to go through Tor.

Tails is a live system: a complete operating-system designed to be used from a CD or a USB stick independently of the computer’s original operating system. It is Free Software and based on Debian GNU/Linux.

Tails is configured with a special care to not use the computer’s hard-disks, even if there is some swap space on it. The only storage space used by Tails is the RAM memory, which is automatically erased when the computer shuts down. So you won’t leave any trace neither of the Tails system nor of what you did on the computer. That’s why we call it “amnesic”.


Dumping DNS Zones

Posted by & filed under Uncategorized.

It is possible to attempt to dump a zone using the AXFR parameter of the dig command:

$ dig -t AXFR @dns.server.domains.is.on.com domain.name.to.dump.com

Done! If the command fails withe “Transfer failed.” then the DNS server is properly secured against unauthorized zone transfers.

WiFi MITM with Jasager

Posted by & filed under Uncategorized.

Jasager is an implementation of Karma designed to run on OpenWrt on the Fon. It will probably run on most APs with Atheros wifi cards but it was designed with the Fon in mind as it is a nice small AP which gives it a lot of scope for use in penetration tests and other related fun.

Oh carp this is cool!


PHP mail() from sender incorrect

Posted by & filed under PHP, Programming, Server Admin.

Today I ran into a issue where a client’s server was sending mail via php’s mail function. Everything was working great, except the from field was showing as “user@the.server.name.net“.

This was perplexing partly due to the fact that examination of the SMTP headers shows the From: field being correctly populated with the seding address.

After some further digging in the headers, I found that the envelope-from was being set as user@the.server.name.net which is where my issue was coming from.

Header excerpt:

Received: from username by web1.server.net with local (Exim 4.69)
(envelope-from )
id 1Qbeva-00060p-9K
for user@testaddress.com; Tue, 28 Jun 2011 16:30:34 -0400
To: "test test"
Subject: testing 3
From: "E-mail Testing"

It seemed that the smoking gun was somewhere with PHP. I tried setting the php.ini value sendmail_from parameter, but found that this is a windows-only parameter and therefore does not apply to my issue.

Finally I found that the mail function did not have the 5th parameter defined. Once I added the 5th parameter, it all started working correctly:

return mail($to, $subject, $message, $from);

return mail($to, $subject, $message, $from, '-f user@testaddress.com');

Problem solved!

Concrete5 CMS

Posted by & filed under Uncategorized.

Stumbled across this today…

concrete5 makes running a website easy.

Go to any page in your site, and a editing toolbar gives you all the controls you need to update your website. No intimidating manuals, no complicated administration interfaces – just point and click.


OpenRealty Software

Posted by & filed under Programming.

OpenRealty software

Open-Realty is the world’s leading FREE real estate listing marketing and management CMS application, and has been the real estate web site software of choice for professional web site developers who have been building rich and effective web sites using our tools since 2002.


RoboRealm – Vision for the bots!

Posted by & filed under Electronic.

RoboRealmĀ® is an application for use in computer vision, image analysis, and robotic vision systems. Using an easy point and click interface RoboRealm simplifies vision programming! Using an inexpensive USB webcam and the PC you already have you can now add machine vision to your robotic projects!



Logging temperature using 1-wire devices

Posted by & filed under Hardware Development.

DigiTemp — Software and 1-wire network info www.digitemp.com/index.shtml
1-Wire USB Adaptor — www.hobby-boards.com/catalog/product_inf…
OWFS — 1-Wire filesystem — owfs.org/index.php?page=thermocouple
1-WIRE Weather Instrument Kit — www.aag.com.mx/aagusa/index1.html

T-Sense RJ-45 Temperature Sensors — www.ibuttonlink.com/sensors.aspx
1-WIRE USP Master Interface — www.ibuttonlink.com/1-wire-interface-mas…
1-Wire Maxim Devices — www.maxim-ic.com/products/1-wire/

EDIT: More 1-wire links:
Guidelines for reliable long 1-wire networks: www.maxim-ic.com/app-notes/index.mvp/id/…
A Hobbyists Guide to 1-wire: www.arunet.co.uk/tkboyd/e1didx.htm
Maxim IC 1-Wire Thermocouples: para.maxim-ic.com/en/search.mvp?fam=temp…
Pers and 1-Wire Temperature Sensors – www.linux-magazine.com/issue/65/Perl_Tem…

Xymon/Hobbit Custom Scripting

Posted by & filed under Uncategorized.

There are a few steps to get custom scripts working.

  • 1. Update hobbitlaunch.cfg with the new script. For my WHOIS checker I used:

    # WHOIS Expiration Checker

    ENVFILE /usr/lib/hobbit/server/etc/hobbitserver.cfg
    CMD /usr/lib/hobbit/server/ext/dnsreg

  • 2. Install script, make sure it is executable, etc. This should be placed at the path of CMD in my above snippet. By default it is /server/ext
  • 3. Update bb-hosts with the service name
  • www.balldawg.net/index.php/2009/05/creat…