tags

zu1k · Oct 10, 2023 · 74f0dc1 · 74f0dc1
1 parent 6a3e2ba
commit 74f0dc1
Show file tree

Hide file tree

Showing 12 changed files with 49 additions and 44 deletions.
diff --git a/content/posts/coding/deploy-blog-to-cf-workers-site/index.md b/content/posts/coding/deploy-blog-to-cf-workers-site/index.md
@@ -32,7 +32,7 @@ npm i @cloudflare/wrangler -g
 cargo install wrangler
 
 # 使用系统OpenSSL库，生成的二进制会小一些
-cargo install wrangler --features sys-openssl
+cargo install wrangler --features sys-OpenSSL
 ```
 
 ## 部署

diff --git a/content/posts/coding/openssl-first-try-rsa-md5-base64/index.md b/content/posts/coding/openssl-first-try-rsa-md5-base64/index.md
@@ -1,7 +1,7 @@
 ---
 title: 静态链接OpenSSL进行RSA\MD5\Base64
 tags:
-    - openssl
+    - OpenSSL
     - coding
 categories:
     - coding
@@ -17,13 +17,13 @@ date: 2020-03-18 12:50:10
 
 ## 准备工作
 
-### 下载openssl代码
+### 下载OpenSSL代码
 
-`git clone https://github.com/openssl/openssl.git`
+`git clone https://github.com/OpenSSL/OpenSSL.git`
 
-或者从官网 https://www.openssl.org/source/ 下载源代码
+或者从官网 https://www.OpenSSL.org/source/ 下载源代码
 
-我使用的是openssl 1.1.1
+我使用的是OpenSSL 1.1.1
 
 ### 安装perl环境，这里使用的是ActivePerl
 
@@ -39,7 +39,7 @@ https://www.nasm.us/
 
 ![环境变量PATH](env.png)
 
-## 编译 openssl 静态链接库
+## 编译 OpenSSL 静态链接库
 
 ### 初始化环境
 
@@ -51,9 +51,9 @@ https://www.nasm.us/
 
 ### 生成编译配置文件
 
-cd进入openssl源码目录
+cd进入OpenSSL源码目录
 
-执行 ```perl Configure VC-WIN64A no-asm no-shared --prefix="D:\Project\opensslwork\openssl\build" --openssldir="D:\Project\opensslwork\openssl\build\ssl"```
+执行 ```perl Configure VC-WIN64A no-asm no-shared --prefix="D:\Project\OpenSSLwork\OpenSSL\build" --OpenSSLdir="D:\Project\OpenSSLwork\OpenSSL\build\ssl"```
 
 ### 进行编译并测试和安装
 
@@ -69,32 +69,32 @@ nmake install
 
 ![lib](build2.png)
 
-## 使用openssl的api进行编程
+## 使用OpenSSL的api进行编程
 
 ### visual studio项目配置
 
 vs创建空项目，然后配置头文件和库文件的路径
 
 项目右键-属性，配置选择所有配置，平台选择x64
 
-`VC++ 目录` 配置里面的 `包含目录` 添加openssl的头文件目录, 我这里是 `D:\Project\opensslwork\openssl\build\include;`
+`VC++ 目录` 配置里面的 `包含目录` 添加OpenSSL的头文件目录, 我这里是 `D:\Project\OpenSSLwork\OpenSSL\build\include;`
 
 ![lib](vsw1.png)
 
 `链接器` 里面的 `输入` 的 `附加依赖项` 添加 静态库名，`libcrypto.lib;libssl.lib;`
 
-> 注意：在使用openssl的静态链接库时，除了添加 `libcrypto.lib;libssl.lib;`，还需要添加系统的依赖库：`crypt32.lib;WS2_32.lib;`， 因为openssl在windows平台使用了这些库。
+> 注意：在使用OpenSSL的静态链接库时，除了添加 `libcrypto.lib;libssl.lib;`，还需要添加系统的依赖库：`crypt32.lib;WS2_32.lib;`， 因为OpenSSL在windows平台使用了这些库。
 > 完整的： `kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);crypt32.lib;libcrypto.lib;libssl.lib;WS2_32.lib;`
 
 ### 添加头文件
 
-因为需要md5,rsa,base64等操作，这里需要导入openssl四个相关的头文件
+因为需要md5,rsa,Base64等操作，这里需要导入OpenSSL四个相关的头文件
 
 ```c++
-#include <openssl/rsa.h>
-#include <openssl/pem.h>
-#include <openssl/md5.h>
-#include <openssl/bio.h>
+#include <OpenSSL/rsa.h>
+#include <OpenSSL/pem.h>
+#include <OpenSSL/md5.h>
+#include <OpenSSL/bio.h>
 ```
 
 ### 使用MD5对字符串生成摘要
@@ -105,7 +105,7 @@ int md5_hash(const char *in, unsigned char *md)
     unsigned char* data;
     const unsigned char* str;
     data = (unsigned char*)in;
-    MD5(data, strlen(in), md); //调用openssl的md5方法
+    MD5(data, strlen(in), md); //调用OpenSSL的md5方法
     return 1;
 }
 ```
@@ -119,7 +119,7 @@ RSA * gen_rsa()
     RSA* rsa = RSA_new();
     BIGNUM* e = BN_new();
     BN_set_word(e, RSA_F4);
-    int rc = RSA_generate_key_ex(rsa, bits, e, NULL); //openssl中生成rsa key的新方法
+    int rc = RSA_generate_key_ex(rsa, bits, e, NULL); //OpenSSL中生成rsa key的新方法
     BN_free(e);
     if (rc != 1) return NULL;   
     size_t pri_len;
@@ -134,16 +134,16 @@ RSA * gen_rsa()
 }
 ```
 
-### 对数据进行base64编码，base64在BIO中有
+### 对数据进行Base64编码，Base64在BIO中有
 
 ```c++
-int base64_encode(const unsigned char* buffer, size_t length, char** b64text) {
+int Base64_encode(const unsigned char* buffer, size_t length, char** b64text) {
     BIO* bio, * b64;
     BUF_MEM* bufferPtr;
-    b64 = BIO_new(BIO_f_base64());
+    b64 = BIO_new(BIO_f_Base64());
     bio = BIO_new(BIO_s_mem());
     bio = BIO_push(b64, bio);
-    BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
+    BIO_set_flags(bio, BIO_FLAGS_Base64_NO_NL);
     BIO_write(bio, buffer, length);
     BIO_flush(bio);
     BIO_get_mem_ptr(bio, &bufferPtr);
@@ -179,9 +179,9 @@ int main(int argc, char* argv[])
     unsigned int siglen;
     RSA_sign(NID_sha1, md, MD5_DIGEST_LENGTH, sig, &siglen, rsa);
 
-    // final base64(sig)
+    // final Base64(sig)
     char* b64text;
-    base64_encode(sig, (size_t)siglen, &b64text);
+    Base64_encode(sig, (size_t)siglen, &b64text);
     printf("%s\n", b64text);
     return 0;
 }

diff --git a/content/posts/coding/openssl-practice/index.md b/content/posts/coding/openssl-practice/index.md
@@ -6,7 +6,7 @@ draft: true
 
 前两个学期，有两门课程的作业涉及OpenSSL库的使用，具体内容可以看：
 
-- [静态链接OpenSSL进行RSA\MD5\Base64]({{< ref "posts/coding/openssl-first-try-rsa-md5-base64/index.md" >}})
+- [静态链接OpenSSL进行RSA\MD5\Base64]({{< ref "posts/coding/OpenSSL-first-try-rsa-md5-Base64/index.md" >}})
 
 这学期的课程又有涉及OpenSSL库的内容，虽然已有之前两次的经验，但是做起来还是发现自己对其封装理解的不够深入，对其文档不够熟悉，在实际使用的时候遇到了不少挫折
 

diff --git a/content/posts/events/mitm-https-hijack-github/index.md b/content/posts/events/mitm-https-hijack-github/index.md
@@ -1,8 +1,9 @@
 ---
-title: GitHub等大面积https劫持
+title: GitHub 等大面积 HTTPs 劫持
 tags:
   - GitHub
-  - 中间人
+  - MITM
+  - event
 categories:
   - event
 date: 2020-03-27 8:47:11
@@ -24,17 +25,17 @@ date: 2020-03-27 8:47:11
 
 ## 检查GitHub证书
 
-这里我通过北京和香港两台阿里云主机，使用openssl提供的方法查看证书详细内容
+这里我通过北京和香港两台阿里云主机，使用OpenSSL提供的方法查看证书详细内容
 
-命令为: `openssl s_client -showcerts -connect github.com:443 < /dev/null`
+命令为: `OpenSSL s_client -showcerts -connect github.com:443 < /dev/null`
 
 ### 北京阿里云
 
 <details>
   <summary>点击展开</summary>
 
 ```bash
-➜  ~ openssl s_client -showcerts -connect github.com:443 < /dev/null
+➜  ~ OpenSSL s_client -showcerts -connect github.com:443 < /dev/null
 CONNECTED(00000003)
 depth=1 C = CN, ST = GD, L = SZ, O = COM, OU = NSP, CN = CA, emailAddress = 346608453@qq.com
 verify error:num=19:self signed certificate in certificate chain
@@ -135,7 +136,7 @@ DONE
   <summary>点击展开</summary>
 
 ```bash
-➜  ~ openssl s_client -showcerts -connect github.com:443 < /dev/null
+➜  ~ OpenSSL s_client -showcerts -connect github.com:443 < /dev/null
 CONNECTED(00000005)
 depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
 verify return:1

diff --git a/content/posts/linux/raspberry-pi-boot-script-to-send-IP-to-specified-email.md b/content/posts/linux/raspberry-pi-boot-script-to-send-IP-to-specified-email.md
@@ -68,11 +68,11 @@ class MyEmail:
             # 抄送列表
             attach["Cc"] = ";".join(self.cc_list)
         if self.doc:
-            # 估计任何文件都可以用base64，比如rar等
+            # 估计任何文件都可以用Base64，比如rar等
             # 文件名汉字用gbk编码代替
             name = os.path.basename(self.doc).encode("gbk")
             f = open(self.doc, "rb")
-            doc = MIMEText(f.read(), "base64", "gb2312")
+            doc = MIMEText(f.read(), "Base64", "gb2312")
             doc["Content-Type"] = 'application/octet-stream'
             doc["Content-Disposition"] = 'attachment; filename="' + name + '"'
             attach.attach(doc)

diff --git a/content/posts/security/reverse/xray-cracker/index.md b/content/posts/security/reverse/xray-cracker/index.md
@@ -105,7 +105,7 @@ Not Valid After: 2099-09-09 08:00:00
 ### AES 解密
 
 ```go
-decode_data, err := base64.StdEncoding.DecodeString(licenseString)
+decode_data, err := Base64.StdEncoding.DecodeString(licenseString)
 if err != nil {
   panic(err)
 }
@@ -142,20 +142,20 @@ xray 官方在 1.3.0 版本中更换了授权验证机制，所以破解仅支
 在解密前有一个简单的交换，开始和最后的两个两个没有参与运算（开始第一个字节是证书版本号）
 
 ```golang
-right := len(base64DecodeData) - 1
+right := len(Base64DecodeData) - 1
 for l := 1; l < right; l++ {
   r := right - l
   if l >= r {
     break
   }
-  base64DecodeData[l], base64DecodeData[r] = base64DecodeData[r], base64DecodeData[l]
+  Base64DecodeData[l], Base64DecodeData[r] = Base64DecodeData[r], Base64DecodeData[l]
 }
 ```
 
 然后进行 aes 解密，密钥是写死的，IV 是附加在证书里面的，刚刚的变换结束后，除去第一个字节是版本号，紧接着的 16 个字节是 AES 的 IV
 
 ```golang
-aesDecData, err := Decrypt(base64DecodeData[17:], base64DecodeData[1:17])
+aesDecData, err := Decrypt(Base64DecodeData[17:], Base64DecodeData[1:17])
 ```
 
 AES 解密后就会遇到另一个变换，是简单的异或处理

diff --git a/content/posts/security/vulnerability-detection/taint-style-vulnerabilities.md b/content/posts/security/vulnerability-detection/taint-style-vulnerabilities.md
@@ -12,8 +12,8 @@ draft: true
 
 相关细节和代码见：
 
-- [CVE-2014-0160](https://git.openssl.org/gitweb/?p=openssl.git&a=search&h=refs%2Fheads%2FOpenSSL_1_0_1-stable&st=commit&s=cve-2014-0160)
-- [补丁：Add heartbeat extension bounds check](https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff;f=ssl/d1_both.c;h=2e8cf681ed0976e2b16460170fda27c77cfec6cc;hp=7a5596a6b373aeabbd6d8d674f0e20b1618c5012;hb=96db9023b881d7cd9f379b0c154650d6c108e9a3;hpb=0d7717fc9c83dafab8153cbd5e2180e6e04cc802)
+- [CVE-2014-0160](https://git.OpenSSL.org/gitweb/?p=OpenSSL.git&a=search&h=refs%2Fheads%2FOpenSSL_1_0_1-stable&st=commit&s=cve-2014-0160)
+- [补丁：Add heartbeat extension bounds check](https://git.OpenSSL.org/gitweb/?p=OpenSSL.git;a=blobdiff;f=ssl/d1_both.c;h=2e8cf681ed0976e2b16460170fda27c77cfec6cc;hp=7a5596a6b373aeabbd6d8d674f0e20b1618c5012;hb=96db9023b881d7cd9f379b0c154650d6c108e9a3;hpb=0d7717fc9c83dafab8153cbd5e2180e6e04cc802)
 
 ## 污染型漏洞
 

diff --git a/content/posts/security/web-security/hack-hackbar/index.md b/content/posts/security/web-security/hack-hackbar/index.md
@@ -2,6 +2,7 @@
 title: HackBar破解
 tags:
 - HackBar
+- web-security
 categories:
 - web-security
 date: 2020-03-22 10:11:42

diff --git a/content/posts/security/web-security/hide-your-webshell/index.md b/content/posts/security/web-security/hide-your-webshell/index.md
@@ -1,7 +1,7 @@
 ---
-title: 如何优雅的隐藏你的Webshell
+title: 如何优雅的隐藏你的 Webshell
 tags:
-- WebShell
+- web-security
 categories:
 - web-security
 date: 2020-08-08 09:21:59+0800

diff --git a/content/posts/security/web-security/scan-hikvision-weak-password/index.md b/content/posts/security/web-security/scan-hikvision-weak-password/index.md
@@ -3,7 +3,7 @@ title: 针对海康威视网络摄像头弱密码的一次扫描
 date: 2019-11-28 20:15:06
 tags:
   - Scan
-  - Web
+  - web-security
 categories:
   - coding
 ---

diff --git a/content/posts/thinking/false-sense-of-security.md b/content/posts/thinking/false-sense-of-security.md
@@ -180,4 +180,4 @@ categories:
 ## 拓展阅读
 
 - [iCloud: Who holds the key?](https://blog.cryptographyengineering.com/2012/04/05/icloud-who-holds-key/)
-- [NkkySjVweW81NXFHNVlXMTVaS000b0NkNTRpeDZMQ0I2TENCNG9DZDZZTzk1WStxNUx5YTViaW01cDJsNXB1MDVhU2E1NXFFNVkyeDZabXA=](https://www.base64decode.org/)
+- [NkkySjVweW81NXFHNVlXMTVaS000b0NkNTRpeDZMQ0I2TENCNG9DZDZZTzk1WStxNUx5YTViaW01cDJsNXB1MDVhU2E1NXFFNVkyeDZabXA=](https://www.Base64decode.org/)
diff --git a/content/tags/mitm/_index.md b/content/tags/mitm/_index.md
@@ -0,0 +1,3 @@
+---
+title: MITM
+---