Certificates

An electronic document used to prove the validity of a public key.

Connect to Remote Server with SSL/TLS

You need to have two files - certificate and private key.

nc --ssl-cert cert.pem --ssl-key private-key.pem <target-ip> <target-port>
# or
ncat --ssl-cert cert.pem --ssl-key private-key.pem <target-ip> <target-port>

RSA Attack

• Retrieve Private Key

  • RsaCtfTool

    RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data.

PFX (PKCS#12) -> PEM -> RSA

1. Crack Password of PFX

   crackpkcs12 is useful to crack password.

   crackpkcs12 -d wordlist.txt example.pfx
   

2. Extract a Private Key

   • For Encrypted Key

     openssl pkcs12 -in example.pfx -nocerts -out key.pem
     

   • For No Encrypted Key

     openssl pkcs12 -in example.pfx -nocerts -out key.pem -nodes
     

3. Extract a Public Key (Cert)

   openssl pkcs12 -in example.pfx -nokeys -out cert.pem
   

4. Create RSA Key

   Using the private key generated.

   openssl rsa -in key.pem -out rsa.key
   

RSA Asymmetrick Encrypt/Decrypt

• Encryption

  1. Generate a Private Key

     openssl genrsa -aes256 -out private.key 8912
     

  2. Generate a Public Key using the Private Key

     openssl rsa -in private.key -pubout public.key
     

  3. Encrypt using the Public Key

     openssl rsautl -encrypt -pubin -inkey public.key -in plain.txt -out encrypted.txt
     

• Decryption

  1. Decrypt a Private Key

     openssl rsautl -decrypt -inkey private.key -in encrypted.txt -out plain.txt