5 years from a now, an App could sudendly change the world...politicians no longer would have no control, not over the machines or the users. This App is called "The Butcher" ; you choose a number target, ex. 10 million citizens , your goal is to kill them all, you kill 10 if you tweet "I die my way" once , when you reach 10000 killing (100 tweets) you are reward with one death scene from the movies from 1950 until 2017. After you kill them all tweeting 1000 times , you got urself 10 scenes special for your profile. . you then pick the one you want to die like, instead of eutanasia if you decide that for any reason, and vote on the App for legalize this self choose death scene.
Saturday, February 11, 2017
Friday, February 10, 2017
I have here something very special...
"DELAYED CODE" technology version 1.1 [*] Introduction Let we wrote a virus. Avers will create antiviral code to detect it, and after some time period all infected computers will be cured. This article describes another technology of prolonging this time period. [*] Idea We may write code which will change initial virus bytes (or any other virus characteristics) after two months, for example. If the virus will initially contain such modificating-code, antivirus will just contain not one, but two or more checksums, or checksum calculated at other, constant code range. There are only one way to prohibit analysis of the modificating-code: to hide it from avers. And there are the following ways to implement this action: 1. At required time, download code from the Internet, or encrypt code and wait for decryption-key. 2. Encrypt code with such method, that decryption will take exactly required time. ("delayed code") As you can see, last variant allows us to write completely automated virus with hidden "delayed" features. [*] Theory (sux) Lets encrypt some random buffer A[] with some hashing algorithm so many times N, so it will take us time period T. After these calculations done, we have another random buffer B[] which is used to encrypt/decrypt our "delayed" code. There is no way to perform required N iterations using more than one computer ('coz each time current buffer is encrypted), so minimal decryption time is limited with maximal CPU speed. If you will use computer which is fast enough, and use some time to encrypt fucking random buffer, then you may be sure that the same operation may not be done in a less time period. So, each time the virus is active, it iterates N encryption cycles until buffer A[] will be converted into B[]. After time T will be spent to decryption, virus will got buffer B[] and use it to decrypt "delayed code". [*] Theory (rulez) Main trouble is that we dont want to wait for some months to encrypt fucking data, 'coz in example showed above, encryption and decryption both takes the same time period T. This means that we will use RSA algorithm. In the RSA algorithm, encryption and decryption keys are different. So, to encrypt "delayed code" we will take random buffer A[], encrypt it N times and got buffer B[]. But, in contrast to previously described hashing algorithm, our virus will iterate not the same operation. Our virus will decrypt buffer B[] back into A[]. In the encryption operation will be used small (low-bit) exponent, and in the decryption operation we will use big exponent. This means that encryption will take much less time than decryption. We will encrypt our "delayed code" for some minutes/hours, but active virus copies (as well as avers ;-) will decrypt it for some months. [*] Encryption/decryption time interdependence Now our task is to answere, how many times should we encrypt our "delayed code" so it will be decrypted for some months. As you know, RSA encryption means the following: encryption: encr = (text ^ e) % m decryption: text = (encr ^ d) % m where {e,m} and {d,m} pairs are public and secret keys. ('^' sign means raising to a power, '%' means modulus, remainder after division) As a rule, e is a small number (with a low # of bits), such as 3, 17, 50003 and so on. And d is a big number, consisting of 1023 bits for example. In our scheme there is no public/secret meaning at all. Here is our scheme: Encryption: Decryption: ~~~~~~~~~~ ~~~~~~~~~~ (encrypting "delayed code", (decrypting "delayed code", at home ;-) on infected or on avers' PC) þ A[] <-- --="" -="" 1="=" 1s="" a="" above="" amp="" and="" any="" appeared="" as="" b="" because="" between="" bignumber="" bit1="" bit="" bits="" buffer="" calls="" can="" code="" consider="" d="" data="" decr.time="Encr.time" decrypt="" decryption.="" delayed="" difference="" e.="" e.getbit="" e="" encrypt="" encryption="" exponent="" for="" here="" i="" if="" in="" input="" int="" is="" it="" just="" k="0.9+-10%" last="" lets="" m="" main="" maxbit="" means="" modexp:="" modexp="" modmult="" modulus="" multiplication="" n--="" n="" now="" number="" of="" our="" output="" power="" raising="" random="" returning="" returns:="" see="" seems="" showed="" simplified="" skipped="" store="" subroutine.="" subroutine="" t="" that="" the="" this="" time="" times.="" times:="" to="" total="" usage.="" variable="" virus="" void="" when="" where:="" with="" x="(x" you="">oo, K-->1 [*] Example Lets calculate, how many times (N) should we encrypt the message, so it will be decrypted for 10 minutes. Note, that all these tests were performed on a slow pc, so not the numbers, but their proportionality has a meaning. At first, we must create RSA key. Let it be 1024-bit key with low exponent e = 3. Executing: 'KEYGEN.EXE KEY\DPGN 1024 3 3' Key parameters are: 1024-bit N, E==3, D=1023-bit/519*'1' Theoretical time ratio: (1023+519-1)/(2+2-1)*0.9 = 462+-10% But we want higher ratio precision, so lets find real time ratio, kinda "calibrate" a key. Executing: 'DGPGN.EXE e 100' result: 100 iterations done, encryption time = 815 ms Executing: 'DGPGN.EXE d 100' result: 100 iterations done, decryption time = 360228 ms 'Real' ratio: 360228/815 = 441 Now we may calculate N for 10-min decryption. If 100 decryption iterations used 360228 ms, and N iterations will use 10*60*1000 ms (10 minutes), then N = 60*10*1000 * 100 / 360228 = 167 If 167 decryption iterations will use 60*10*1000 ms, then encryption time is 60*10*1000 / 441 = 1360 ms. So, about one second of encryption will result in 10 mins of decryption. Executing: 'DPGN.EXE e 167' encryption time: 1268 ms Executing: 'DPGN.EXE d 167' decryption time: 600477 ms = 10 minutes + 0.5 seconds Lets show here some other calculation results: Decryption: Encryption: N (1024-bit key) K5-100 Celeron-500 10 min 1.3 sec 167 950 1 hour 7.8 sec 1000 ... 1 day 3 min 24000 1 week 21 min 168000 1 month 1.5 hour 672000 1 year 18 hours 8064000 16 months 1 day 10 years 1 week 40 years 1 month 8-( ) [*] Increasing speed of calculations Decryption algorithm 'text = (encr ^ d) % m' may be also represented as follows: a = ((encr % p) ^ dp) % p // dp = d % (p-1) b = ((encr % q) ^ dq) % q // dq = d % (q-1) if (b < a) b += q text = a + p * (((b - a) * u) % q) // u: (u * p) % q = 1 In such algorithm, decryption time should be faster by some times. But, i dont know if it is possible to find p and q knowing d,e and m. [*] Slowing down speed of calculations Because of d is not unique key, and d variants may be calculated using formula: d' = d + (p-1)*(q-1) * t, £¤¥ t=0,1,2,..., then d length may be increased as we want, that will slow down calculations by many times. But, if p and q will be found (knowing d'), then original d can also be found, and then somebody will be able to perform DPGN calculations many times faster, that is bad. [*] Other bad stuff 1. In a real life, there is no need to publish N number (# of iterations), just any good CRC will be enough. So, nobody will know what is IT and when IT will be decrypted and executed. |-> Also, it is good to add some random part to N number and do not make resulting time T day- or hour- aligned. 2. I'm not sure, but - maybe - {N times: x = (x ^ d) % m} operation may be changed to something more fast (using some perverted math). To avoid such shit, you may do some additional encryption between 'modexp' calls, for example as following: N times: { x = (x ^ d) % m; x = x xor; } DPGN.EXE just xors some dwords within the x number on each iteration. [*] "Delayed code" usage (which code to encrypt?) þ As was said above, entrypoint-modificating code, i.e. virus checksum changer. Imagine: your virus has been spreaded, av has been written, and now 99% of infected PCs are cured. But, that 1% that remains infected, after some time, changes own checksum and new virus begins to spread starting not from one-two PCs (as it was with "host" modification), but from thousands of infected computers. þ We all are thinking about downloading viral plugins from the Internet. "Delayed code" technology allows your virus to contain any fixed urls, those will be hidden from avers, until right time. þ Instead of deleting user's data you can quickly encrypt it, leaving a chance to decryption... in some years ;-) þ Recursive encryption. I mean that decrypted "delayed code" can contain another "surprise package". (x) 2000 Z0MBiE * * *
http://z0mbie.daemonlab.org/dpgn_eng.txt
Thursday, February 9, 2017
So, today I started to check for some information about authentication credentials...I started to read about HTTP basics on URL parameters...trés básique! ...but then I turned around the question, as soon as I understood that UTF 8 encoding is usually manipulated, and usually by binary files (where all encryption relies) encoding, whatever the languague...and also usually , images...besides text...to finally reach this question " Read both text and binary data from InputStream [duplicate]" (google it) and to end up here
Wednesday, February 8, 2017
welcome back to war! without Snowden internal tread, imagine we want a visual studio mdf file, to nice temporary be installed just by a user (no permissions as adm.) opening any brower...(here...the any browser, might make a difference) , then I have here some news for u guys...first question...How to access mdf file without SQL server..? answer is no...another question...how to deploy a mdf file...oh yes...that's possible (check for OS) and third question ...how to manage permissions for mdf file....no way if not connected to SQL Server who is the one who manage permissions...but i want you to read this instead : you need a migration script..right? whatever you are or not making a request to the SQL Server, or bypassing it by creating your own database ...confusing..I'll get there!
1.
Copy database without sysadmin permission
2.
"What is this mythical zero downtime deployment? You can say that your application is deployed that way if you can successfully introduce a new version of your application to production without making the user see that the application went down in the meantime.
Tuesday, February 7, 2017
I wonder if i helped a friend with this research...they track you, (of course in TOR) because they add a mdf. file written in visual studio (of course) on your tables database (I'm not sure if its really temporary) ...so...wherever they are search them in here:
Compare MySQL databases & automatically create schema & data change scripts/migrations rapidly (up & down SQL supported) for database version control. Supports *most* migration tools.https://github.com/DBDiff/DBDiff
Download Symantec Root Certificates
Root 01 - SHA1 - RSA 1024 bits
Name: VeriSign Class 3 Public Primary CA - G2
Serial Number: 7d d9 fe 07 cf a8 1e b7 10 79 67 fb a7 89 34 c6
Valid From: Sunday, May 17, 1998 4:00:00 PM
Valid to: Tuesday, August 01, 2028 3:59:59 PM
Certificate SHA1 Fingerprint: 85 37 1c a6 e5 50 14 3d ce 28 03 47 1b de 3a 09 e8 f8 77 0f
Serial Number: 7d d9 fe 07 cf a8 1e b7 10 79 67 fb a7 89 34 c6
Valid From: Sunday, May 17, 1998 4:00:00 PM
Valid to: Tuesday, August 01, 2028 3:59:59 PM
Certificate SHA1 Fingerprint: 85 37 1c a6 e5 50 14 3d ce 28 03 47 1b de 3a 09 e8 f8 77 0f
-----BEGIN CERTIFICATE----- MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5 MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4 pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0 13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY oJ2daZH9 -----END CERTIFICATE-----
Root 02 - SHA1 - RSA 1024 bits
Name: VeriSign Class 3 Public Primary CA
Serial Number: 3c 91 31 cb 1f f6 d0 1b 0e 9a b8 d0 44 bf 12 be
Valid From: Sunday, January 28, 1996 4:00:00 PM
Valid to: Wednesday, August 02, 2028 3:59:59 PM
Certificate SHA1 Thumbprint: a1 db 63 93 91 6f 17 e4 18 55 09 40 04 15 c7 02 40 b0 ae 6b
Serial Number: 3c 91 31 cb 1f f6 d0 1b 0e 9a b8 d0 44 bf 12 be
Valid From: Sunday, January 28, 1996 4:00:00 PM
Valid to: Wednesday, August 02, 2028 3:59:59 PM
Certificate SHA1 Thumbprint: a1 db 63 93 91 6f 17 e4 18 55 09 40 04 15 c7 02 40 b0 ae 6b
-----BEGIN CERTIFICATE----- MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkG A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2 MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i 2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWXbj9T/UWZYB2oK0z5XqcJ 2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ -----END CERTIFICATE-----
Root 03 - SHA1 - RSA 2048 bits
Name: VeriSign Class 3 Primary CA - G5
Serial Number: 18 da d1 9e 26 7d e8 bb 4a 21 58 cd cc 6b 3b 4a
Operational Period: Tue, November 07, 2006 to Wed, July 16, 2036
Certificate SHA1 Fingerprint: 4e b6 d5 78 49 9b 1c cf 5f 58 1e ad 56 be 3d 9b 67 44 a5 e5
Serial Number: 18 da d1 9e 26 7d e8 bb 4a 21 58 cd cc 6b 3b 4a
Operational Period: Tue, November 07, 2006 to Wed, July 16, 2036
Certificate SHA1 Fingerprint: 4e b6 d5 78 49 9b 1c cf 5f 58 1e ad 56 be 3d 9b 67 44 a5 e5
-----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y 5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq -----END CERTIFICATE-----
Root 04 - SHA1 - RSA 2048 bits
Name: VeriSign Class 3 Public Primary CA - G3
Serial Number: 00 9b 7e 06 49 a3 3e 62 b9 d5 ee 90 48 71 29 ef 57
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: 13 2d 0d 45 53 4b 69 97 cd b2 d5 c3 39 e2 55 76 60 9b 5c c6
Serial Number: 00 9b 7e 06 49 a3 3e 62 b9 d5 ee 90 48 71 29 ef 57
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: 13 2d 0d 45 53 4b 69 97 cd b2 d5 c3 39 e2 55 76 60 9b 5c c6
-----BEGIN CERTIFICATE----- MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te 2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC /Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== -----END CERTIFICATE-----
Root 05 - SHA384 - ECC 384 bits
Name: VeriSign Class 3 Public Primary CA - G4
Serial Number: 2f 80 fe 23 8c 0e 22 0f 48 67 12 28 91 87 ac b3
Valid From: Sunday, November 04, 2007 4:00:00 PM
Valid to: Monday, January 18, 2038 3:59:59 PM
Certificate SHA1 Fingerprint: 22 d5 d8 df 8f 02 31 d1 8d f7 9d b7 cf 8a 2d 64 c9 3f 6c 3a
Serial Number: 2f 80 fe 23 8c 0e 22 0f 48 67 12 28 91 87 ac b3
Valid From: Sunday, November 04, 2007 4:00:00 PM
Valid to: Monday, January 18, 2038 3:59:59 PM
Certificate SHA1 Fingerprint: 22 d5 d8 df 8f 02 31 d1 8d f7 9d b7 cf 8a 2d 64 c9 3f 6c 3a
-----BEGIN CERTIFICATE----- MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC 4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== -----END CERTIFICATE-----
Root 06 - SHA1 - RSA 2048 bits
Name: VeriSign Class 2 Public Primary CA - G3
Serial Number: 61 70 cb 49 8c 5f 98 45 29 e7 b0 a6 d9 50 5b 7a
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: 61 ef 43 d7 7f ca d4 61 51 bc 98 e0 c3 59 12 af 9f eb 63 11
Serial Number: 61 70 cb 49 8c 5f 98 45 29 e7 b0 a6 d9 50 5b 7a
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: 61 ef 43 d7 7f ca d4 61 51 bc 98 e0 c3 59 12 af 9f eb 63 11
-----BEGIN CERTIFICATE----- MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u 7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q -----END CERTIFICATE-----
Root 07 - SHA1 - RSA 2048 bits
Name: VeriSign Class 2 Public Primary CA - G2
Serial Number: 00 b9 2f 60 cc 88 9f a1 7a 46 09 b8 5b 70 6c 8a af
Valid From: Sunday, May 17, 1998 5:00:00 PM
Valid to: Tuesday, August 01, 2028 4:59:59 PM
Certificate SHA1 Fingerprint: b3 ea c4 47 76 c9 c8 1c ea f2 9d 95 b6 cc a0 08 1b 67 ec 9d
Serial Number: 00 b9 2f 60 cc 88 9f a1 7a 46 09 b8 5b 70 6c 8a af
Valid From: Sunday, May 17, 1998 5:00:00 PM
Valid to: Tuesday, August 01, 2028 4:59:59 PM
Certificate SHA1 Fingerprint: b3 ea c4 47 76 c9 c8 1c ea f2 9d 95 b6 cc a0 08 1b 67 ec 9d
-----BEGIN CERTIFICATE----- MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn jBJ7xUS0rg== -----END CERTIFICATE-----
Root 10 - SHA256 - RSA 2048 bits
Name: VeriSign Universal Root CA
Serial Number: 40 1a c4 64 21 b3 13 21 03 0e bb e4 12 1a c5 1d
Valid From: Tuesday, April 01, 2008 4:00:00 PM
Valid to: Tuesday, December 01, 2037 3:59:59 PM
Certificate SHA1 Fingerprint: 36 79 ca 35 66 87 72 30 4d 30 a5 fb 87 3b 0f a7 7b b7 0d 54
Serial Number: 40 1a c4 64 21 b3 13 21 03 0e bb e4 12 1a c5 1d
Valid From: Tuesday, April 01, 2008 4:00:00 PM
Valid to: Tuesday, December 01, 2037 3:59:59 PM
Certificate SHA1 Fingerprint: 36 79 ca 35 66 87 72 30 4d 30 a5 fb 87 3b 0f a7 7b b7 0d 54
-----BEGIN CERTIFICATE----- MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF 9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN /BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz 4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 7M2CYfE45k+XmCpajQ== -----END CERTIFICATE-----
Root 11 - SHA1 - RSA 1024 bits
Name: VeriSign Class 4 Public Primary CA - G3
Serial Number: 00 ec a0 a7 8b 6e 75 6a 01 cf c4 7c cc 2f 94 5e d7
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: c8 ec 8c 87 92 69 cb 4b ab 39 e9 8d 7e 57 67 f3 14 95 73 9d
Serial Number: 00 ec a0 a7 8b 6e 75 6a 01 cf c4 7c cc 2f 94 5e d7
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: c8 ec 8c 87 92 69 cb 4b ab 39 e9 8d 7e 57 67 f3 14 95 73 9d
-----BEGIN CERTIFICATE----- MIIEGjCCAwICEQDsoKeLbnVqAc/EfMwvlF7XMA0GCSqGSIb3DQEBBQUAMIHKMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT aWduIENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu IENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3LpRFpxlmr8Y+1 GQ9Wzsy1HyDkniYlS+BzZYlZ3tCD5PUPtbut8XzoIfzk6AzufEUiGXaStBO3IFsJ +mGuqPKljYXCKtbeZjbSmwL0qJJgfJxptI8kHtCGUvYynEFYHiK9zUVilQhu0Gbd U6LM8BDcVHOLBKFGMzNcF0C5nk3T875Vg+ixiY5afJqWIpA7iCXy0lOIAgwLePLm NxdLMEYH5IBtptiWLugs+BGzOA1mppvqySNb247i8xOOGlktqgLw7KSHZtzBP/XY ufTsgsbSPZUd5cBPhMnZo0QoBmrXRazwa2rvTl/4EYIeOGM0ZlDUPpNz+jDDZq3/ ky2X7wMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAj/ola09b5KROJ1WrIhVZPMq1 CtRK26vdoV9TxaBXOcLORyu+OshWv8LZJxA6sQU8wHcxuzrTBXttmhwwjIDLk5Mq g6sFUYICABFna/OIYUdfA5PVWw3g8dShMjWFsjrbsIKr0csKvE+MW8VLADsfKoKm fjaF3H48ZwC15DtS4KjrXRX5xm3wrR0OhbepmnMUWluPQSjA1egtTaRezarZ7c7c 2NU8Qh0XwRJdRTjDOPP8hS6DRkiy1yBfkjaP53kPmF6Z6PDQpLv1U70qzlmwr25/ bLvSHgCwIe34QWKCudiyxLtGUPMxxY8BqHTr9Xgn2uf3ZkPznoM+IKrDNWCRzg== -----END CERTIFICATE-----
Root 12 - SHA256 - RSA 2048 bits
Name: Symantec Class 1 Public Primary Certification Authority - G6
Serial Number: 24 32 75 f2 1d 2f d2 09 33 f7 b4 6a ca d0 f3 98
Valid From: Monday, October 17, 2011 5:00:00 PM
Valid to: Tuesday, December 01, 2037 4:59:59 PM
Certificate SHA1 Thumbprint: 51 7f 61 1e 29 91 6b 53 82 fb 72 e7 44 d9 8d c3 cc 53 6d 64
Serial Number: 24 32 75 f2 1d 2f d2 09 33 f7 b4 6a ca d0 f3 98
Valid From: Monday, October 17, 2011 5:00:00 PM
Valid to: Tuesday, December 01, 2037 4:59:59 PM
Certificate SHA1 Thumbprint: 51 7f 61 1e 29 91 6b 53 82 fb 72 e7 44 d9 8d c3 cc 53 6d 64
-----BEGIN CERTIFICATE----- MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl YyBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAx IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOddJZKmZgiJM6kXZBxbje/SD 6Jlz+muxNuCad6BAwoGNAcfMjL2Pffd543pMA03Z+/2HOCgs3ZqLVAjbZ/sbjP4o ki++t7JIp4Gh2F6Iw8w5QEFa0dzl2hCfL9oBTf0uRnz5LicKaTfukaMbasxEvxvH w9QRslBglwm9LiL1QYRmn81ApqkAgMEflZKf3vNI79sdd2H8f9/ulqRy0LY+/3gn r8uSFWkI22MQ4uaXrG7crPaizh5HmbmJtxLmodTNWRFnw2+F2EJOKL5ZVVkElauP N4C/DfD8HzpkMViBeNfiNfYgPym4jxZuPkjctUwH4fIa6n4KedaovetdhitNAgMB AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW BBQzQejIORIVk0jyljIuWvXalF9TYDANBgkqhkiG9w0BAQsFAAOCAQEAFeNzV7EX tl9JaUSm9l56Z6zS3nVJq/4lVcc6yUQVEG6/MWvL2QeTfxyFYwDjMhLgzMv7OWyP 4lPiPEAz2aSMR+atWPuJr+PehilWNCxFuBL6RIluLRQlKCQBZdbqUqwFblYSCT3Q dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz 5zbRIWhLLTjmU64cJVYIVgNnhJ3Gw84kYsdMNs+wBkS39V8C3dlU6S+QTnrIToNA DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0 0jPg/73RVDkpDw== -----END CERTIFICATE-----
Root 13 - SHA256 - RSA 2048 bits
Name: Symantec Class 2 Public Primary Certification Authority - G6
Serial Number: 64 82 9e fc 37 1e 74 5d fc 97 ff 97 c8 b1 ff 41
Valid From: Monday, October 17, 2011 5:00:00 PM
Valid to: Tuesday, December 01, 2037 4:59:59 PM
Certificate SHA1 Thumbprint: 40 b3 31 a0 e9 bf e8 55 bc 39 93 ca 70 4f 4e c2 51 d4 1d 8f
Serial Number: 64 82 9e fc 37 1e 74 5d fc 97 ff 97 c8 b1 ff 41
Valid From: Monday, October 17, 2011 5:00:00 PM
Valid to: Tuesday, December 01, 2037 4:59:59 PM
Certificate SHA1 Thumbprint: 40 b3 31 a0 e9 bf e8 55 bc 39 93 ca 70 4f 4e c2 51 d4 1d 8f
-----BEGIN CERTIFICATE----- MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAy IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzOkFyGOFyz9AYxe9GPo15gRn V2WYKaRPyVyPDzTS+NqoE2KquB5QZ3iwFkygOakVeq7t0qLA8JA3KRgmXOgNPLZs ST/B4NzZS7YUGQum05bh1gnjGSYc+R9lS/kaQxwAg9bQqkmi1NvmYji6UBRDbfkx +FYW2TgCkc/rbN27OU6Z4TBnRfHU8I3D3/7yOAchfQBeVkSz5GC9kSucq1sEcg+y KNlyqwUgQiWpWwNqIBDMMfAr2jUs0Pual07wgksr2F82owstr2MNHSV/oW5cYqGN KD6h/Bwg+AEvulWaEbAZ0shQeWsOagXXqgQ2sqPy4V93p3ec5R7c6d9qwWVdAgMB AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW BBSHjCCVyJhK0daABkqQNETfHE2/sDANBgkqhkiG9w0BAQsFAAOCAQEAgY6ypWaW tyGltu9vI1pf24HFQqV4wWn99DzX+VxrcHIa/FqXTQCAiIiCisNxDY7FiZss7Y0L 0nJU9X3UXENX6fOupQIR9nYrgVfdfdp0MP1UR/bgFm6mtApI5ud1Bw8pGTnOefS2 bMVfmdUfS/rfbSw8DVSAcPCIC4DPxmiiuB1w2XaM/O6lyc+tHc+ZJVdaYkXLFmu9 Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+ b/xa5IJVWa8xqQ== -----END CERTIFICATE-----
doc/TorBOX/Dev
v1239 | v1240 | |
---|---|---|
109 | 109 | }}} |
110 | 110 | * (proper) Open question: How to sign a certificate if you have no access to the private key and CSR (certificate signing request)? Therefore created [https://lists.torproject.org/pipermail/tor-talk/2012-July/024701.html tor-talk How to pin the SSL certificate for torproject.org?]. Some suggestions, no suitable solution for TorBOX. |
111 | * (proper) [http://www.mail-archive.com/openssl-users@openssl.org/msg67962.html OpenSSL users Sign public key without having CSR or private key?] | |
111 | * (proper) [http://www.mail-archive.com/openssl-users@openssl.org/msg67962.html OpenSSL users Sign public key without having CSR or private key?]; [http://www.mail-archive.com/openssl-users@openssl.org/msg67968.html might work] - didn't test, not sure if it could work. | |
112 | 112 | |
113 | 113 | == [0.2] [SHELLSCRIPTS] Scroll wheel in VM [OPEN] == |
1. As gnupg is failing to download the public key it can be done manually by this command: curl "https://pgp.mit.edu/pks/lookup?op=get&search=0x4E2C6E8793298290" -o - | gpg --import 2. Gpg key verification can be skipped by replacing a pkgbuild line which is not recommended as tor is a very crucial piece of software. The line is: validpgpkeys=('EF6E286DDA85EA2A4BA7DE684E2C6E8793298290' 'SKIP') Process 1 is safe, 2 is risky and totally your choice. Peace!
AND THEN MODIFY THE REQUEST AND RESPONSE
Inline Scripts
mitmproxy has a powerful scripting API that allows you to modify flows on-the-fly or rewrite previously saved flows locally.
The mitmproxy scripting API is event driven - a script is simply a Python module that exposes a set of event methods. Here's a complete mitmproxy script that adds a new header to every HTTP response before it is returned to the client:
def response(context, flow):
flow.response.headers["newheader"] = ["foo"]
(examples/add_header.py)
The first argument to each event method is an instance of ScriptContext that lets the script interact with the global mitmproxy state. The response event also gets an instance of Flow, which we can use to manipulate the response itself.
We can now run this script using mitmdump or mitmproxy as follows:
> mitmdump -s add_header.py
The new header will be added to all responses passing through the proxy.
Example Scripts
mitmproxy comes with a variety of example inline scripts, which demonstrate many basic tasks. We encourage you to either browse them locally or in our GitHub repo.
Events
start(ScriptContext, argv)
Called once on startup, before any other events.
clientconnect(ScriptContext, ConnectionHandler)
Called when a client initiates a connection to the proxy. Note that a connection can correspond to multiple HTTP requests.
serverconnect(ScriptContext, ConnectionHandler)
Called when the proxy initiates a connection to the target server. Note that a connection can correspond to multiple HTTP requests.
request(ScriptContext, HTTPFlow)
Called when a client request has been received. The HTTPFlow object is guaranteed to have a non-None request attribute.
responseheaders(ScriptContext, HTTPFlow)
Called when the headers of a server response have been received. This will always be called before the response hook. The HTTPFlow object is guaranteed to have non-None request and response attributes. response.content will be None, as the response body has not been read yet.
response(ScriptContext, HTTPFlow)
Called when a server response has been received. The HTTPFlow object is guaranteed to have non-None request and response attributes. Note that if response streaming is enabled for this response, response.content will not contain the response body.
error(ScriptContext, HTTPFlow)
Called when a flow error has occurred, e.g. invalid server responses, or interrupted connections. This is distinct from a valid server HTTP error response, which is simply a response with an HTTP error code. The HTTPFlow object is guaranteed to have non-None request and error attributes.
clientdisconnect(ScriptContext, ConnectionHandler)
Called when a client disconnects from the proxy.
done(ScriptContext)
Called once on script shutdown, after any other events.
API
The main classes you will deal with in writing mitmproxy scripts are:
libmproxy.proxy.server.ConnectionHandler | Describes a proxy client connection session. Always has a client_conn attribute, might have a server_conn attribute. |
---|---|
libmproxy.proxy.connection.ClientConnection | Describes a client connection. |
libmproxy.proxy.connection.ServerConnection | Describes a server connection. |
libmproxy.protocol.http.HTTPFlow | A collection of objects representing a single HTTP transaction. |
libmproxy.protocol.http.HTTPResponse | An HTTP response. |
libmproxy.protocol.http.HTTPRequest | An HTTP request. |
libmproxy.protocol.primitives.Error | A communications error. |
libmproxy.script.ScriptContext | A handle for interacting with mitmproxy's from within scripts. |
netlib.odict.ODict | A dictionary-like object for managing sets of key/value data. There is also a variant called ODictCaseless that ignores key case for some calls (used mainly for headers). |
netlib.certutils.SSLCert | Exposes information SSL certificates. |
The canonical API documentation is the code, which you can browse locally or in our GitHub repo. You can view the API documentation using pydoc (which is installed with Python by default), like this:
> pydoc libmproxy.protocol.http.HTTPRequest
Running scripts in parallel
We have a single flow primitive, so when a script is handling something, other requests block. While that's a very desirable behaviour under some circumstances, scripts can be run threaded by using the
libmproxy.script.concurrent
decorator.import time
from libmproxy.script import concurrent
@concurrent # Remove this and see what happens
def request(context, flow):
print "handle request: %s%s" % (flow.request.host, flow.request.path)
time.sleep(5)
print "start request: %s%s" % (flow.request.host, flow.request.path)
(examples/nonblocking.py)
Make scripts configurable with arguments
Sometimes, you want to pass runtime arguments to the inline script. This can be simply done by surrounding the script call with quotes, e.g.
mitmdump -s "script.py --foo 42"
. The arguments are then exposed in the start event:# Usage: mitmdump -s "modify_response_body.py mitmproxy bananas"
# (this script works best with --anticache)
from libmproxy.protocol.http import decoded
def start(context, argv):
if len(argv) != 3:
raise ValueError('Usage: -s "modify-response-body.py old new"')
# You may want to use Python's argparse for more sophisticated argument parsing.
context.old, context.new = argv[1], argv[2]
def response(context, flow):
with decoded(flow.response): # automatically decode gzipped responses.
flow.response.content = flow.response.content.replace(context.old, context.new)
(examples/modify_response_body.py)
Running scripts on saved flows
Sometimes, we want to run a script on Flow objects that are already complete. This happens when you start a script, and then load a saved set of flows from a file (see the "scripted data transformation" example on the mitmdump page). It also happens when you run a one-shot script on a single flow through the | (pipe) shortcut in mitmproxy.
In this case, there are no client connections, and the events are run in the following order: start, request, responseheaders, response, error, done. If the flow doesn't have a response or error associated with it, the matching events will be skipped.
Spaces in the script path
By default, spaces are interpreted as separator between the inline script and its arguments (e.g.
-s "foo.py 42"
). Consequently, the script path needs to be wrapped in a separate pair of quotes if it contains spaces: -s "'./foo bar/baz.py' 42"
.
Subscribe to:
Posts (Atom)