SSH/RSA Key Search

Sometimes you get a disk image that can’t be nicely mounted.  However, you’d still like to retrieve any ssh/rsa keys.  Found a nice article that will get you close to the answer: http://amandine.aupetit.info/291/ssl-private-key-file-recovery/ grep -i -a -B30 -A50 ‘BEGIN RSA PRIVATE KEY’ /dev/sda2 The only things I changed were that 30 lines before, …

Continue reading

Sending Control Characters via Python

At one point I needed to send some control characters (up arrow) via a socket.  Took me a little to figure out so wanted to capture the knowledge here. #http://stackoverflow.com/questions/10113530/sending-hex-values-through-udp-or-tcp-socket-via-parameter-passing-to-script crashString = [“0x1b”, “0x5b”, “0x41”, “0x0a”] hexCrashString = “” for h in crashString: intCrashString = int(h, 16) # now convert …

Continue reading

Foscam Default Login Bruteforcer

Back before this happened, I came to a similar conclusion after purchasing my own Foscam (which I love).  The Foscam had 3 issues that I saw as exploitable: It defaults ON to using Foscam’s DDNS service using LL#### nomenclature (small key space to guess devices) It defaults to ‘admin’, ” for …

Continue reading