Compare commits
2 Commits
203f68ea1b
...
b3f7f42ab0
| Author | SHA1 | Date | |
|---|---|---|---|
|
b3f7f42ab0 | ||
|
9b0467677a |
37
sheet04/a1/a.txt
Normal file
37
sheet04/a1/a.txt
Normal file
@@ -0,0 +1,37 @@
|
||||
We found this Client Hello Handshake with the filter: tls.handshake.type == 1:
|
||||
|
||||
TLSv1.3 Record Layer: Handshake Protocol: Client Hello
|
||||
Handshake Protocol: Client Hello (last fragment)
|
||||
[2 Reassembled Handshake Fragments (1496 bytes): #1(1158), #2(338)]
|
||||
Handshake Protocol: Client Hello
|
||||
Handshake Type: Client Hello (1)
|
||||
...
|
||||
Extension: key_share (len=1258) X25519MLKEM768, x25519
|
||||
Type: key_share (51)
|
||||
Length: 1258
|
||||
Key Share extension
|
||||
Client Key Share Length: 1256
|
||||
Key Share Entry: Group: X25519MLKEM768, Key Exchange length: 1216
|
||||
Group: X25519MLKEM768 (4588)
|
||||
Key Exchange Length: 1216
|
||||
Key Exchange […]: 6bfb169eb1aef0e121d7247092da22c2a75367eb7f620538b3f81ae29926ade590eee3ccdaf8afb793819dc8110f241d5827cc97a52151cbc99d9307053bc575f04c9c2457156bb5dcf5cd6a4c9fbcb8852366b47e253109e9ac0847875f6387cc794a04c30b17b31460a063758a6aeaf979cdd08a889a3de5a748289b72b6d83062071085d8323f86622db4c2ed71792dd325374096f331b1d143c347e87d1c545133b3542c605c092548a8179bdf76b32dcb9bd6fc46dd514eed92a3b67824bfe8a58997c75dc32333c46696b7ce71d62eff77c15ef0afdeea33add5a5cf054eb5911705a62deb7bae6ddc7e9680c9d479065e7c3e298a86cd1982c7c8bd002cc755c663fea62b51f182c685315f9c5f13b9c0a751881f414f40a17773c37658aa786aba6d9032447b60a59ad01904a9c59e369e76080dc4a9743ce505b7053369c596f0a23fcecc705aa3340409b557f093bb9b26a7fc07f78743eebb297a33271df270cd2b3dbf065c75508fe23452e2c10a0a876193f5a90a3075e6e29bd77961907a2ce1a70321fb5ca88cb11174664e5b71eb2c9a081977b0404a452a4427f0c8665348ce331ad4aa0d1c0bb6c9a6069cbbc14f5a53a02b8adcfa58591915607c8576ab413ce7931b2c3a578abc85b7a40c616535f1359842617aac2c4d363956a626e7248bd84cb4c026bab5a1a2bb041ff3d2a277946762d9992001caf6dc58ce81c7f9d0a2987a4d79596ef55511c2ca037afbb77aba8255d67a1fd81e6b1bc010621e500759e24681b8821358c809852a3f7fb639cc41b0fd839e29c54bf6f53776c4515fb17c79c6bd34acb8e9417e3c5c59a8d5960c7937f7a864054a4f97c71d72f1cce2e2c876c033b3977fc1793c6a8c407b2373989354db071d38da3430a4c51fe9579fd19f49d4c6019415c09a83bcc12e47cc828bf22463da96f3d178a3800e817b7552f89616639ed40329c3c4ba5b938f30186bebdbacd9e830258755e3963cbd6b7a9b55a8d7ea5cc637ccbaaa2234dc2832304f1161c1be895f25057b2f8c40ba48cc9db48da68a77eaea756fbc0e72423f1f1741a92caf16ea537f98519b3c243f02ba982abc76342f57181607a48fd71369622a4317d57e82b288e5079e2919bce76a3a09f351ce8695a86093bb984ebaac22496739d392152c55aef35755c1ba23fde180ac244247e8bbe89669a2b6ba79164965a67ff186c7980878761b1844922d97f104f3b86b3fa9b7bb7226cea8b14c294e9a084128777ef9531960f65dbb267265ca06cc7b8f1141b233c81a501abd6972291c3c679000402a321bdf95bee2162c1277734ba030c2a6cf383520d0b99232f86fbb23c0374626cbe22f3188066813b6b27270d2f2314e10c3002872a94c9c969286a1fc042a1477dd82c7910c5ed06b63e6079039fa29fc1039f80412f046a55abb05a3c2278c6a5d65534318817e37e2563c29c1fbf93b4124acec1323e9415f511b9b11e942e378b72bfa68dcf559312b7e3715432c80bd2bd06a95210cb06ac6b340ae18a34ded679e1110a7d7a92fe9e31a4e9956720a6f29838b95c05059182198b54bd76ba3de74347a3a166cf5bfc3f94c6cd922e37225fc95bec250915ea7581bea745b1a17988063585c795e1d2d1e219e580c3d3773cf9d9967ed01ccfd09a0832b58d42ee7b5cac4b4d2d057aa96fb32d04b356d22580772
|
||||
|
||||
|
||||
it contains the publickey: 6bfb169eb1aef0e121d7247092da22c2a75367eb7f620538b3f81ae29926ade590eee3ccdaf8afb793819dc8110f241d5827cc97a52151cbc99d9307053bc575f04c9c2457156bb5dcf5cd6a4c9fbcb8852366b47e253109e9ac0847875f6387cc794a04c30b17b31460a063758a6aeaf979cdd08a889a3de5a748289b72b6d83062071085d8323f86622db4c2ed71792dd325374096f331b1d143c347e87d1c545133b3542c605c092548a8179bdf76b32dcb9bd6fc46dd514eed92a3b67824bfe8a58997c75dc32333c46696b7ce71d62eff77c15ef0afdeea33add5a5cf054eb5911705a62deb7bae6ddc7e9680c9d479065e7c3e298a86cd1982c7c8bd002cc755c663fea62b51f182c685315f9c5f13b9c0a751881f414f40a17773c37658aa786aba6d9032447b60a59ad01904a9c59e369e76080dc4a9743ce505b7053369c596f0a23fcecc705aa3340409b557f093bb9b26a7fc07f78743eebb297a33271df270cd2b3dbf065c75508fe23452e2c10a0a876193f5a90a3075e6e29bd77961907a2ce1a70321fb5ca88cb11174664e5b71eb2c9a081977b0404a452a4427f0c8665348ce331ad4aa0d1c0bb6c9a6069cbbc14f5a53a02b8adcfa58591915607c8576ab413ce7931b2c3a578abc85b7a40c616535f1359842617aac2c4d363956a626e7248bd84cb4c026bab5a1a2bb041ff3d2a277946762d9992001caf6dc58ce81c7f9d0a2987a4d79596ef55511c2ca037afbb77aba8255d67a1fd81e6b1bc010621e500759e24681b8821358c809852a3f7fb639cc41b0fd839e29c54bf6f53776c4515fb17c79c6bd34acb8e9417e3c5c59a8d5960c7937f7a864054a4f97c71d72f1cce2e2c876c033b3977fc1793c6a8c407b2373989354db071d38da3430a4c51fe9579fd19f49d4c6019415c09a83bcc12e47cc828bf22463da96f3d178a3800e817b7552f89616639ed40329c3c4ba5b938f30186bebdbacd9e830258755e3963cbd6b7a9b55a8d7ea5cc637ccbaaa2234dc2832304f1161c1be895f25057b2f8c40ba48cc9db48da68a77eaea756fbc0e72423f1f1741a92caf16ea537f98519b3c243f02ba982abc76342f57181607a48fd71369622a4317d57e82b288e5079e2919bce76a3a09f351ce8695a86093bb984ebaac22496739d392152c55aef35755c1ba23fde180ac244247e8bbe89669a2b6ba79164965a67ff186c7980878761b1844922d97f104f3b86b3fa9b7bb7226cea8b14c294e9a084128777ef9531960f65dbb267265ca06cc7b8f1141b233c81a501abd6972291c3c679000402a321bdf95bee2162c1277734ba030c2a6cf383520d0b99232f86fbb23c0374626cbe22f3188066813b6b27270d2f2314e10c3002872a94c9c969286a1fc042a1477dd82c7910c5ed06b63e6079039fa29fc1039f80412f046a55abb05a3c2278c6a5d65534318817e37e2563c29c1fbf93b4124acec1323e9415f511b9b11e942e378b72bfa68dcf559312b7e3715432c80bd2bd06a95210cb06ac6b340ae18a34ded679e1110a7d7a92fe9e31a4e9956720a6f29838b95c05059182198b54bd76ba3de74347a3a166cf5bfc3f94c6cd922e37225fc95bec250915ea7581bea745b1a17988063585c795e1d2d1e219e580c3d3773cf9d9967ed01ccfd09a0832b58d42ee7b5cac4b4d2d057aa96fb32d04b356d22580772
|
||||
|
||||
And we also fount this Server Hello Handshake with the filter: tls.handshake.type == 2:
|
||||
|
||||
Handshake Protocol: Server Hello
|
||||
Handshake Type: Server Hello (2)
|
||||
...
|
||||
Extension: key_share (len=1124) X25519MLKEM768
|
||||
Type: key_share (51)
|
||||
Length: 1124
|
||||
Key Share extension
|
||||
Key Share Entry: Group: X25519MLKEM768, Key Exchange length: 1120
|
||||
Group: X25519MLKEM768 (4588)
|
||||
Key Exchange Length: 1120
|
||||
Key Exchange […]: 640e2803937e4576a03c90112349c636e4b1efa63636d92a2b1b72ea7f1aea327f57e9ed2f1f1081502a552bae5da6e43b74a4cc548a8e8e29ce3b86eaa81c77407d68d5f7ec47d5d1cccc94d36aa640a2c341c988f2286bdf180acd99313474a8d4759933cef0e92c2fbf6efdfd82fd34c17a2b354c810cc8d0598392c90844d2c9ee8f7eefa1e08d5c5af4739331e2b23b4ae2892c98c43bf233a5b031aa611dcc949b5ecd9f2c8167dffe14c85434c2b06be100bf070ee76774c2efb4968a3a024679545c31a07b2b4af3c702dbec4921102b539ba6e2f0c1afd4f45f7604cb8493967d26e8e84a136bfb242d560728387643b38f570163be166b18049177ce0940b274025d828538d869fd8b0cfafe266e8f51a5b72b0feb6f66a3adcfc6061be14a2b272236090f136a404a6c71af2af8f5763fa8ab9274ab041d9c9b0f3a506f5f16925da671c93ad4f562c8e997233bcc1f18ed32d623d37aa4505f621bc752815534c337f03d87159d55838960e25cf333b390440b30f1e152a51cc2b55460e6841b428f4acf714c99eb09efd9b4955c86cdb9851495c9fb609d77ea6dadfa7c67b0ccb3e217401e4b004c47e355460cd47f444b989dfcd39b504a9de1bda306f6c14a9f522fb3de5736a5139caf44871837f3761b9ef23d1dbf939682d880f06281f9f3481d801135075fd3f4f5b04f5d4a70b2f92676733d8e29013912f244f7232fd4ec64f535f5db96bee6ba28a22bfe69923135b32883f692bfda79b04c614ded3986c4999c38ae1dc955aa8dc608c26f90d3bcc507694fc69b8a320c2cbbf11692d8b248f985552026b38d09f8d2cb5878d5bfd320fe94790d1f31cc19866e4166649a8884e9616d7e16da94a6f3f7c141672adfc88d04ee2b446f4ffac87ff8fb4dd456432738c679ccba5033ad47fa2906e665179e1043b1673447b2877fa1e88a3b62f47b0a34ca85cd1da4a762871cf6234ba9d596a241d5e9a0049b372021b8806ef408bf0f78d718c64224f4cafebbf5a44c84f1bc6075fc073fe0495f329e22b6fd4c19ec908197454511fb841934783fe7a1f9ede7cb0ca22e2df949d285a436d165adf1b12f7a6fa6f0545846d7329a85894f2de2130ba344fdcabfcc1ae0fa7ba1bb1d39029f9926f1d6468ee80cbf95c908d2f2a632aa06043880f89cc0b538dbfd1de87e3db6b88d58099702792f8780fa7b52c37e7be9b822f9a86bf283839b9df96de32af3b38f26c5afe311138f28be5e523b0cfb061e6bd33571216d6dc0bb7da30d1ec6b3fb9f88bad78e6bcd5bd48ec986f2a89e77f1360aa3fa7a06e93bfdf1408d34cb39c7128209e1d8b9e90e1e98a91c14113ff2d6185850d765048af8f595fa5e30452a03a552bb7a272e6f0e5e09ad64c57c1d9d22441f929ab65ab9a85fe66f6b48737eb92d578dbf5dfdbb8b710e4b2a1b7d48dae0af2a77f6805f7bc17f0a5bb3fbf6f69a055def782b3a48f80be17e62fbeba2e8ee327c52f2a9b8d8e3eb9313c4909b6d5577705ebd033c5c33b70f1f5855913706e74bfe5ff4922ddc85604449646ddde35fb17fd58511
|
||||
|
||||
|
||||
it contains the publickey: 640e2803937e4576a03c90112349c636e4b1efa63636d92a2b1b72ea7f1aea327f57e9ed2f1f1081502a552bae5da6e43b74a4cc548a8e8e29ce3b86eaa81c77407d68d5f7ec47d5d1cccc94d36aa640a2c341c988f2286bdf180acd99313474a8d4759933cef0e92c2fbf6efdfd82fd34c17a2b354c810cc8d0598392c90844d2c9ee8f7eefa1e08d5c5af4739331e2b23b4ae2892c98c43bf233a5b031aa611dcc949b5ecd9f2c8167dffe14c85434c2b06be100bf070ee76774c2efb4968a3a024679545c31a07b2b4af3c702dbec4921102b539ba6e2f0c1afd4f45f7604cb8493967d26e8e84a136bfb242d560728387643b38f570163be166b18049177ce0940b274025d828538d869fd8b0cfafe266e8f51a5b72b0feb6f66a3adcfc6061be14a2b272236090f136a404a6c71af2af8f5763fa8ab9274ab041d9c9b0f3a506f5f16925da671c93ad4f562c8e997233bcc1f18ed32d623d37aa4505f621bc752815534c337f03d87159d55838960e25cf333b390440b30f1e152a51cc2b55460e6841b428f4acf714c99eb09efd9b4955c86cdb9851495c9fb609d77ea6dadfa7c67b0ccb3e217401e4b004c47e355460cd47f444b989dfcd39b504a9de1bda306f6c14a9f522fb3de5736a5139caf44871837f3761b9ef23d1dbf939682d880f06281f9f3481d801135075fd3f4f5b04f5d4a70b2f92676733d8e29013912f244f7232fd4ec64f535f5db96bee6ba28a22bfe69923135b32883f692bfda79b04c614ded3986c4999c38ae1dc955aa8dc608c26f90d3bcc507694fc69b8a320c2cbbf11692d8b248f985552026b38d09f8d2cb5878d5bfd320fe94790d1f31cc19866e4166649a8884e9616d7e16da94a6f3f7c141672adfc88d04ee2b446f4ffac87ff8fb4dd456432738c679ccba5033ad47fa2906e665179e1043b1673447b2877fa1e88a3b62f47b0a34ca85cd1da4a762871cf6234ba9d596a241d5e9a0049b372021b8806ef408bf0f78d718c64224f4cafebbf5a44c84f1bc6075fc073fe0495f329e22b6fd4c19ec908197454511fb841934783fe7a1f9ede7cb0ca22e2df949d285a436d165adf1b12f7a6fa6f0545846d7329a85894f2de2130ba344fdcabfcc1ae0fa7ba1bb1d39029f9926f1d6468ee80cbf95c908d2f2a632aa06043880f89cc0b538dbfd1de87e3db6b88d58099702792f8780fa7b52c37e7be9b822f9a86bf283839b9df96de32af3b38f26c5afe311138f28be5e523b0cfb061e6bd33571216d6dc0bb7da30d1ec6b3fb9f88bad78e6bcd5bd48ec986f2a89e77f1360aa3fa7a06e93bfdf1408d34cb39c7128209e1d8b9e90e1e98a91c14113ff2d6185850d765048af8f595fa5e30452a03a552bb7a272e6f0e5e09ad64c57c1d9d22441f929ab65ab9a85fe66f6b48737eb92d578dbf5dfdbb8b710e4b2a1b7d48dae0af2a77f6805f7bc17f0a5bb3fbf6f69a055def782b3a48f80be17e62fbeba2e8ee327c52f2a9b8d8e3eb9313c4909b6d5577705ebd033c5c33b70f1f5855913706e74bfe5ff4922ddc85604449646ddde35fb17fd58511
|
||||
45
sheet04/a1/b.txt
Normal file
45
sheet04/a1/b.txt
Normal file
@@ -0,0 +1,45 @@
|
||||
We looked for the packet containing the certificate handshake with the filter:
|
||||
tls.handshake.type == 11 and found the following certificates:
|
||||
|
||||
|
||||
Certificate 1:
|
||||
Issuer: Let's Encrypt
|
||||
Subject: www.mozilla.org
|
||||
Valid until: 2025-07-28 10:02:46 (UTC)
|
||||
Algorithm ID: 1.2.840.113549.1.1.1 (rsaEncryption)
|
||||
RSA Public Key: 3082010a0282010100e422db3b32d5efbcc3b8b840760fdc8352561f8c50d830c488272571593bd4f96b43de8bcf6ede62042d1d5da6ae274f14906e97f306abec51d3a9a62663adf76ff960be247a898161093395f37a091f31e1536857a8deca4ed9aac9ce16d7f6c4e6d983224447fb1ebbcb5abecadf41a82b41d6bd4ea0de2b5153f8a273ab754b4b07241a49c2251c1c4f5055c3074f0b5476c88e0781d02af1f37a81a4fd0a1c1773b1dc8fc0596ff913f9b6f6fa2f40d1903319f6b312b7c23ded69176647a3bd7ff6a182b833b69309445123eb60a88c6de83b8da9d755ecafee52651e9a112ab5734021c2e0c1b30c83954cee138d639efc2abf78a48524c68d5942661d020300010001
|
||||
|
||||
|
||||
Certificate 2:
|
||||
Issuer: Internet Security Research Group
|
||||
Subject: Let's Encrypt
|
||||
Valid until: 2027-03-12 23:59:59 (UTC)
|
||||
Algorithm ID: 1.2.840.113549.1.1.1 (rsaEncryption)
|
||||
RSA Public Key: 3082010a0282010100ba87bc5c1b0039cbca0acdd46710f9013ca54ea561cb26ca52fb1501b7b928f5281eed27b324183967090c08ece03ab03b770ebdf3e53954410c4eae41d69974de51dbef7bff58bda8b713f6de31d5f272c9726a0b8374959c4600641499f3b1d922d9cda892aa1c267a3ffeef58057b089581db710f8efbe33109bb09be504d5f8f91763d5a9d9e83f2e9c466b3e106664348188065a037189a9b843297b1b2bdc4f815009d2788fbe26317966c9b27674bc4db285e69c279f0495ce02450e1c4bca105ac7b406d00b4c2413fa758b82fc55c9ba5bb099ef1feebb08539fda80aef45c478eb652ac2cf5f3cdee35c4d1bf70b272baa0b4277534f796a1d87d90203010001
|
||||
|
||||
|
||||
echo "HEX-KEY" | tr -d ' \n\r' | xxd -r -p > key.der
|
||||
openssl rsa -in key.der -inform der -pubin -out key.pem
|
||||
|
||||
gave us the publickeys:
|
||||
Cert 1:
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CLbOzLV77zDuLhAdg/c
|
||||
g1JWH4xQ2DDEiCclcVk71PlrQ96Lz27eYgQtHV2mridPFJBul/MGq+xR06mmJmOt
|
||||
92/5YL4keomBYQkzlfN6CR8x4VNoV6jeyk7ZqsnOFtf2xObZgyJER/seu8tavsrf
|
||||
QagrQda9TqDeK1FT+KJzq3VLSwckGknCJRwcT1BVwwdPC1R2yI4HgdAq8fN6gaT9
|
||||
ChwXc7Hcj8BZb/kT+bb2+i9A0ZAzGfazErfCPe1pF2ZHo71/9qGCuDO2kwlEUSPr
|
||||
YKiMbeg7janXVeyv7lJlHpoRKrVzQCHC4MGzDIOVTO4TjWOe/Cq/eKSFJMaNWUJm
|
||||
HQIDAQAB
|
||||
-----END PUBLIC KEY-----
|
||||
|
||||
Cert 2:
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoe8XBsAOcvKCs3UZxD5
|
||||
ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJDAjs4DqwO3cOvfPlOVRBDE6uQdaZ
|
||||
dN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxGAGQUmfOx2SLZzaiSqhwmej/+71gF
|
||||
ewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy6cRms+EGZkNIGIBloDcYmpuEMpex
|
||||
sr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnwSVzgJFDhxLyhBax7QG0AtMJBP6dY
|
||||
uC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLPXzze41xNG/cLJyuqC0J3U095ah2H
|
||||
2QIDAQAB
|
||||
-----END PUBLIC KEY-----
|
||||
26
sheet04/a2/a.txt
Normal file
26
sheet04/a2/a.txt
Normal file
@@ -0,0 +1,26 @@
|
||||
After some search these are my most used services (with number of visits):
|
||||
7191|gitlab.uni-ulm.de
|
||||
7409|github.com
|
||||
8307|www.youtube.com
|
||||
10696|duckduckgo.com
|
||||
11337|www.wanikani.com
|
||||
|
||||
1. Wanikani is a Japanese learning app and does not support any kind of multi-factor-authentication. You can log in with your email address and also reset your password using your email address. They only removed username login in 2023: https://community.wanikani.com/t/updating-wanikani-password-recovery-options/61437.
|
||||
|
||||
2. DuckDuckGo does not even have a login, so no need for authentication. I guess in a way, the most secure account is the account that doesn't exist. However, since it felt like cheating: I also use Proton a lot, and they have a lot of options for login. Speaking from personal experience here are the ones I know:
|
||||
- TOTP: Active for my account as well (they even have their own Authenticator app)
|
||||
- Security keys: Also available for two-factor authentication
|
||||
- In case of Proton Pass: You can set a second password that unlocks the password manager to make sure someone doesn't get access when they get your main password (just additional security).
|
||||
- For recovery, you can also set emergency contacts and stuff (so people could get access to your account even if you died), they have a pretty comprehensive system in total and I think they're really doing a good job with authentication
|
||||
|
||||
3. YouTube: Well, here it gets a little complicated, but it's basically the same as for any Google account and because it's a big platform there are so many security options that you can't even count them all.
|
||||
- TOTP
|
||||
- Pass keys
|
||||
- Email 2FA
|
||||
- Google's own autentication system that works with any Android device (the one where a code is sent to your phone instead of by email)
|
||||
- Security codes: Offline credentials similar to TOTP that can be viewed in the Google app on a phone when logged in (as a compliment to Google's own code sending)
|
||||
- You can also chain any of those together to make your account more secure
|
||||
|
||||
4. GitHub: Also really solid here: TOTP, Security keys, GitHub Mobile and SMS/Text (marked as insecure) messages are supported. However, no multi-factor authentication, you can only configure a second factor.
|
||||
|
||||
5. University GitLab: Also a lot available: Login usually works through the University's account system, but you can additionally add TOTP and WebAuthn devices (so passkeys).
|
||||
Reference in New Issue
Block a user