Certificates

An electronic document used to prove the validity of a public key.

Connect to Remote Server with SSL/TLS

You need to have two files - certificate and private key.

nc --ssl-cert cert.pem --ssl-key private-key.pem <target-ip> <target-port>
# or
ncat --ssl-cert cert.pem --ssl-key private-key.pem <target-ip> <target-port>

RSA Attack

Retrieve Private Key
- RsaCtfTool
  RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data.

PFX (PKCS#12) -> PEM -> RSA

Crack Password of PFX
crackpkcs12 is useful to crack password.
```
crackpkcs12 -d wordlist.txt example.pfx
```

Extract a Private Key

For Encrypted Key

openssl pkcs12 -in example.pfx -nocerts -out key.pem

For No Encrypted Key

openssl pkcs12 -in example.pfx -nocerts -out key.pem -nodes

Extract a Public Key (Cert)

openssl pkcs12 -in example.pfx -nokeys -out cert.pem

Create RSA Key
Using the private key generated.
```
openssl rsa -in key.pem -out rsa.key
```

RSA Asymmetrick Encrypt/Decrypt

Encryption

Generate a Private Key

openssl genrsa -aes256 -out private.key 8912

Generate a Public Key using the Private Key
```
openssl rsa -in private.key -pubout public.key
```

Encrypt using the Public Key

openssl rsautl -encrypt -pubin -inkey public.key -in plain.txt -out encrypted.txt

Decryption

Decrypt a Private Key

openssl rsautl -decrypt -inkey private.key -in encrypted.txt -out plain.txt

PreviousDecrypt NextDES (Data Encryption Standard)

Last updated 1 year ago