reorganizing

Cryptography/README.md

@@ -11,6 +11,22 @@
 - Brute force hex digest chars
 
 
+### Command Line
+```
+$ echo -n password | md5sum
+5f4dcc3b5aa765d61d8327deb882cf99
+```
+
+- 32 chars
+
+```
+7e1321b3c8423b30c1cb077a2e3ac4f0a2a551a6458a8de22446cc76d639a9e98fc42c6cddf9966db3b09e843650343578b04d5e377d298e78455efc5ca404d5f4c9385f1902f7334b00b9b4ecd164de8bf8854bebe108183caeb845c7676ae48fc42c6ddf9966db3b09e84365034357327a6c4304ad5938eaf0efb6cc3e53dc7ff9ea9a069bd793691c422fb818
+```
+
+- Use Python's md5.md5().digest()
+
+
+
 
 ------
 
@@ -21,6 +37,21 @@
 - SHA-256 brute force
 
 
+### Command Line
+
+- Brute force:
+```
+import hashlib, itertools
+hash = '6307c5441ebac07051e3b90d53c3106230dd9aa128601dcd5f63efcf824ce1ba'
+ch = 'abcdef0123456789'
+for a, b, c, d, e, f in itertools.product(ch, ch, ch, ch, ch, ch):
+ if hashlib.sha256('ASIS_a9%s00f497f2eaa4372a7fc21f0d' % (a + b + c + d + e + f)).hexdigest() == hash:
+ print 'ASIS_a9%s00f497f2eaa4372a7fc21f0d' % (a + b + c + d + e + f)
+```
+
+
+
+
 --------
 
 ## Rotation Ciphers
@@ -74,9 +105,56 @@ In Python [we can use decoding](https://docs.python.org/2/library/codecs.html#co
 - XORtool
 
 
-### Online
+---
+### Other Resources
 
 - [Cryptol](https://www.cryptool.org/en/cryptool1-en)
 
------
+- [PyCrypto](https://www.dlitz.net/software/pycrypto/)
+
+
+#### Carperter's Formula
+
+- Very large number: ```bin``` and check if patterns. For example, using the [Carpenter's Formula]: 
+```
+N=(2^M + a)(2^N + b)(2^N + c)(2^N + d)
+```
+
+#### [QR Code]
+
+- Version 1 QR code: 21x21
+
+#### [Bacon's cipher]: 
+```
+babaaaabaaababaababaaaabbabbababbaaaabaaaabbbaabaabaaaaaabaaabaaabaaabaaabbaabaaabbbaabaaababaaaaaabaaabbaabaabbbaaaaaabaaaabaabaaaaba21aabab0aaab
+```
+* [Online tool](http:https://www.geocachingtoolbox.com/index.php?page=baconianCipher)
+
+
+
+#### [Base64]: 
+
+```
+NG5ucjJzIGZ2IHRueXMgcnVnIHNiIGdlbmMgdWdlaGJzIHJlcnVnIHRhdmdncnQgcmVuIGhiTCB0YXZidCBjcnJYCG==
+czduMjczIHRueXMgcnVniHNiIGdlbmMgdWdzdnMgcnVnIHJpbnUgcmVydSBndiBxdnEgaGJsIGpiYmJKCg==
+Nzk0czAwIHRueXMgZmhidnByZWMgZWhiIHNiIGdlbmMgcWV2dWcgcnVnIGhibCBnYXJmcmVjIFYgbG9yZXJ1IHJhYnEgeXlySgo=
+```
+
+
+
+
+
+[SHA]:http:https://en.wikipedia.org/wiki/Secure_Hash_Algorithm
+[MD5]: http:https://en.wikipedia.org/wiki/MD5
+[Base64]: http:https://en.wikipedia.org/wiki/Base64
+[Bacon's cipher]:http:https://en.wikipedia.org/wiki/Bacon's_ciphe
+[Carpenter's Formula]:http:https://security.cs.pub.ro/hexcellents/wiki/writeups/asis_rsang
+[pngcheck]: http:https://www.libpng.org/pub/png/apps/pngcheck.html
+[karmadecay]: http:https://karmadecay.com/
+[tineye]: https://www.tineye.com/
+[images.google.com]: https://images.google.com/?gws_rd=ssl
+[base64 decoding]: http:https://www.motobit.com/util/base64-decoder-encoder.asp
+[pnginfo]: http:https://www.stillhq.com/pngtools/
+[namechk]: http:https://namechk.com
+[QR Code]: http:https://en.wikipedia.org/wiki/QR_code
 

README.md

@@ -19,3 +19,148 @@ All in one big bag. For fun, profits, or CTFs.
 
 
 ![](http:https://i.imgur.com/4WNqTJS.png)
+
+
+---- 
+
+### Useful
+
+#### Searching
+
+
+```
+grep word f1
+ 
+sort | uniq -c
+ 
+diff f1 f2
+ 
+find -size f1
+```
+
+
+
+
+#### Compressed Files
+
+
+```
+zcat f1 > f2
+ 
+gzip -d file
+ 
+bzip2 -d f1
+ 
+tar -xvf file
+```
+
+
+
+#### Connecting to a Server/Port
+
+```
+echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
+ 
+openssl s_client -connect localhost:30001 -quiet
+ 
+nmap -p 31000-32000 localhost
+ 
+telnet localhost 3000
+```
+
+
+
+#### Decoders
+
+[Base64](http:https://www.base64decode.org)
+
+[ASCII Conversion Table](http:https://defindit.com/ascii.html)
+
+[Convert All](http:https://www.asciitohex.com/)
+
+
+- In Python:
+
+- Decimal to binary
+
+```python
+>>> bin(124234)
+'0b11110010101001010'
+```
+
+- Decimal to hex:
+
+```python
+>>> s =hex(secret)
+```
+
+- Hexadecimal to binary:
+```python
+SECRET.decode('hex')
+'==QcCtmMml1ViV3b'
+```
+
+```
+$ python -c 'print "2f722f6e6574736563".decode("hex")'
+```
+
+- Hex to ascii:
+
+```
+$ xxd -r -p <<< 2f722f6e6574736563
+```
+
+- Base64 decode:
+
+```python
+>>> SECRET.decode('base64')
+'oubWYf2kBq'
+```
+
+- md5 hashes
+http:https://hash-killer.com/
+http:https://www.md5this.com/
+
+----
+
+
+
+### Recon
+
+
+
+#### Searching the Internets
+
+The recon problems usually give you someone/something's name and a task or a hint to find some specific information about it. So the first thing is of course google it.
+
+Google anything using keywords such as ```filetype:cgi inurl:cgi-bin```
+
+
+#### In addition we can look at:
+
+- Facebook, Twitter, Linkedin, Google+, reddit, /r/netsec.
+- IRC: with **/whois **.
+- [namechk] 
+- Github: check in the commit history.
+
+
+#### Finding pictures:
+
+- [karmadecay]
+- [tineye]
+- [images.google.com]
+
+
+
+-----------------
+[FireBug]: http:https://getfirebug.com/
+[Burp Suite]: http:https://portswigger.net/burp/
+[pngcheck]: http:https://www.libpng.org/pub/png/apps/pngcheck.html
+[karmadecay]: http:https://karmadecay.com/
+[tineye]: https://www.tineye.com/
+[images.google.com]: https://images.google.com/?gws_rd=ssl
+[base64 decoding]: http:https://www.motobit.com/util/base64-decoder-encoder.asp
+[subbrute.py]: https://github.com/SparkleHearts/subbrute
+[pnginfo]: http:https://www.stillhq.com/pngtools/
+[namechk]: http:https://namechk.com
+

Reverse_Engineering/README.md

@@ -10,16 +10,41 @@
 - base conversion
 - Command line tricks
 
+
+### Encondings/ Binaries
+
+```
+file f1
+ 
+ltrace bin
+ 
+strings f1
+ 
+base64 -d
+ 
+xxd -r
+
+nm
+
+objcopy
+
+binutils
+```
+
+
+
+
+
 ### Online References
 
 [Reverse Engineering, the Book]: http:https://beginners.re/
 
 
 ----
-
 ## IDA
 
 - Cheat sheet
+- [IDA PRO](https://www.hex-rays.com/products/ida/support/download_freeware.shtml)
 
 
 -------------
@@ -30,6 +55,8 @@
 
 
 
+
+
 #### gdb
 ```sh
 $ gcc -ggdb -o <filename> <filename>.c

Steganography/README.md

@@ -6,3 +6,64 @@
 - Adding two images
 - xor_bytes
 - color crypto
+
+___
+
+## Command Line:
+
+- Pull out the audio with ffmpeg:
+
+```
+$ ffmpeg -i windows.mp4 windows.wav
+```
+
+
+- Make a gif from video using [ffmpeg](https://www.ffmpeg.org/download.html)
+
+```sh
+$ ffmpeg -i windows.mp4 windows.gif
+```
+
+- Online tool for images: 
+ * [utilitymill](http:https://utilitymill.com/utility/Steganography_Decode)
+ * [pngcheck](http:https://www.libpng.org/pub/png/apps/pngcheck.html)
+ * [Paranoid.jar](https://ccrma.stanford.edu/~eberdahl/Projects/Paranoia/)
+
+
+____
+
+### Metadata
+
+
+[Image metadata](http:https://regex.info/exif.cgi)
+
+- To find information inside a picture, we can use package [pnginfo] or [pngcheck].
+
+- If we need [base64 decoding] (for example a PGP key with a picture).
+
+- Weird pieces of bytes may need to be XORed.
+
+- If we have a decrypted message and a key:
+ 1. Import the private key to use it to decrypt the message with ```gpg --allow-secret-key-import --import private.key```
+ 2. Decrypt with ```gpg --decrypt message.pgp```.
+
+- [ExifTool](http:https://www.sno.phy.queensu.ca/~phil/exiftool/index.html)
+
+
+
+
+
+
+
+
+[Bacon's cipher]:http:https://en.wikipedia.org/wiki/Bacon's_ciphe
+[Carpenter's Formula]:http:https://security.cs.pub.ro/hexcellents/wiki/writeups/asis_rsang
+[pngcheck]: http:https://www.libpng.org/pub/png/apps/pngcheck.html
+[karmadecay]: http:https://karmadecay.com/
+[tineye]: https://www.tineye.com/
+[images.google.com]: https://images.google.com/?gws_rd=ssl
+[base64 decoding]: http:https://www.motobit.com/util/base64-decoder-encoder.asp
+[subbrute.py]: https://github.com/SparkleHearts/subbrute
+[pnginfo]: http:https://www.stillhq.com/pngtools/
+[namechk]: http:https://namechk.com
+