[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] My private key

It will be a bit harder than that in this case ;)

That’s the private key necessary to decrypt the second file I sent out.  I’ve 
written a cool encryption program that basically allows me to keep whatever I 
want “in the cloud” secure.  Granted, I really shouldn’t post my private key, 
but in this case, it is AES-256 encrypted via a password with a 16 byte salt 
(then converted to base64 so that it is fully portable).  Yes, the salt is 
included with the private key XML (I call it a “fob”) but each fob has its own 
unique salt.

With that private key, I can decrypt the RSA2048 encrypted random AES256 key 
that is stored in the encrypted file XML (and the IV).   So I’ve got my “secret 
data” encrypted within the “TGP Container” XML and the private key in the other 
file.  What’s cool is that I don’t have to worry about storing it anywhere – 
the internet (“the cloud”) does it for me.  That email is already on about 5 
different archive lists.  No matter where I am, all I have to do is find a 
browser somewhere, search for my file, and copy and paste the bits into my TGP 
client.   It’s totally portable, totally secure, “cloud” encryption.

Of course, TGP is free, just like all the crap I write and post.  I’m working 
up the documentation now – I’ll post details and the binary later.

t

From: Benji [mailto:me@xxxxxxxxx]
Sent: Saturday, June 12, 2010 5:50 AM
To: Larry Seltzer
Cc: Thor (Hammer of God); full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] My private key

And then gets his identity stolen?

Sent from my iPhone

On 12 Jun 2010, at 12:12, Larry Seltzer 
<larry@xxxxxxxxxxxxxxxx<mailto:larry@xxxxxxxxxxxxxxxx>> wrote:
Oh cool, this is like those TV ads where the guy parades his social security # 
around, right?

From: 
full-disclosure-bounces@xxxxxxxxxxxxxxxxx<mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx>
 
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx<mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx>]
 On Behalf Of Thor (Hammer of God)
Sent: Friday, June 11, 2010 11:33 PM
To: full-disclosure@xxxxxxxxxxxxxxxxx<mailto:full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] My private key

This is my private key.  I’ll explain later.

<?xml version="1.0"?>

<!--TGP - Thor's Godly Privacy: KeyFob XML Document-->

<KeyFobs><KeyFobName>TGP

<FobName>PrivateTest</FobName>

<PublicKey></PublicKey>

<EncPrivateKey>kUnv1MSq305Ebj8lSJbdMhJ03/mXU/eUrydhzbdrlksE2zwpdfnfuWbUXb4Tz8BibUXI3drAMx1llXwCArSP9zKblfOB78owYLp1haY8+yx+ZhKLv0s7y7WpdKdFzQxNeOBCdsz7mIUwgc8rGsyl4/3t/rA04IfkyZHRPwXpOz5YBnTHaVoo2gSZdR6xGk27Tq59PZNsb+z2BiMozKA6s3vXY/mKzPoMhm0hpOPCxx6Ho2QmYJHuPbOr2tLlFr6ICPyiAWZFw/g+qNBDST0LrQVHh6R0yAu15mo7L2R5WlERhOGTx8+/Y7pXWvH1sqxnLKUZ6sEqt2+zlW0lUYyvvpgDTabOvuHmsvZz3WthvdV8C0iManQkmSHQpaDKkzuYc8wv3Zz7uHbLTupEBA3MEckNXLvIwFRG6KGetLVG43Nxj/vhXQJjrBTEXB6Cnaf+Q+AKwhPDRv8e5lRcHoGK8jB59uLRx3DKUg6NC70Xr4do0sSWGCNdOtEVMVZuARiHgEtzzRnabQJDn6f8Mc2S+HKOvLxBnG4SBdYu1uWE/s7z8ygn8ROqWv5EN2R5Yo46ihB4NTHOg5CgiNO/QDTaXPqqMR1V7sVvdRLiME51X0fn/EFqD2+BmetpyiAb/QRQZvjHYkZgSi06nMTZ0u847nMnerlAsleak3NJuLH3au2YMIQ9UIMrUSWrtFsU99Xljje5lnQ2hKnwZUe3xpmXmo2Mm+3KOmw0/9cirHemcL9wcMd1ywCQjWwvcug+yIjU8UseLKtrH2se+VZB3EjagpH1SKOtroyH29lOrg45Q25EkE1Pk0xF+CdOL4pEmBFzw5Gxw6vkEzmWmMwmeCLKYD+dPP9TqsQM1V7czKeV/zUL3hSeO8svJdNHbNCN4fWI5STtEvdhSLh41S39HbIVOQbhAjAoD7LalhQRiTugkLLuqtmF8amGyAHmGA9aAldE0U28DHakcAKRWSPUTEluvWSTcnREgIpKAf7WSpUYqWq53Ht/c6HiZ2S+RgW4N8LCpIR8VCyxkfW46wzQVgurPP/UiddBZmzG0KpbYmktXNfb5L6SiECEpXfPQSoqjVqX7QYC/YjcvVUhIbtTddNJ8Tpsrno55gq+3fSx7nmKd1SDjjGl7z+2or/2d9GRe063ZnYg7GNjqjYN/wDZIuROUhKGYKF5+JhMU7UNZuuGy6P6NSWdJNwvnRcUu7WPOWO4WZocDmsY98PuvQt6FGjn+yIi3xYlNkvajxZDiAUUapM9CJssi1cmdpLasaCGdvKnXdDBQBGGdmHZuvkWLKGRIp6h1hTqlnt1Rne+04JaaQ4wGxxt4pKyVZoJinS35rrLuIsCr9Pa2HcSHUWcLMhG3Qpt7auZBU2m50EPNtqLgFGx8CQmGRD9EiLN/fqjc9j+GWWT/BeJrYXBUgkPWHTaDyIm+okMEQue1Zl59UYxFKhUeCM2b8PksoDWn851lgFO5EjPZ9mbGny9OAE9WzxdmpqnOaq6qYxuusg/9H/heQ6IjydPhUhH5FZl+e7q/n+nLDtuXjgkd/776T0SohGqIA88TKFNba9LpyhDKOO26uaK1GpGb/4gRgs+kLTdd2AYfW1u8nWO1Ug3/7WZ89inByJNtI5eHqyxPl7cTVl3WhSuGLcxfQnb+ajx8yZpBhrNtz7jC4T8xZm8rh2FVhV7Qu4l3VosSJh/giSrGmC55Mau9X1/K2tsDJuPOLibK3ZYSi4ZlAAuktLBDjomX3dbfNuvK5FthP+rjvfVAg8bRHvReTnsQ/cA2iMW11blCE42HcnSyq/ulFkch+Y6vlSNhNR+Crh5nXrXixaFDcA8hO3PjPHp5ocRGbZMXtBf3xptrFmfga9nMvzdJS5VminYHlV4kgh7HK8L+uh38UqVir/Dusj9JtJMxYzVZWmAqO2JO+rKdPdzXNEm896O/uF6zlgoHIG64HRE8I+NAyxxew8rN5lyIWFqhsx058sGsIiWoX7yAL4CIY8mgSsP4tR2wzBh2UhSlqwdSsUt/Flkk/cwS+8jrkIGxLDNHvcRqFlrH3iydqkz3LwUCproQrNZQ7sI2Wjmcsw+bETAVvRQhkvYdxUghGxZqM5MxjonuUrZ1fNWxFkQsaa9gJu1TK7lGIXtSA2RkS2HwYBNpp74fYpLiKSTeRMeMdmrClQ3CdHjv1epn6TZrqFtpvaMwVb5EbSzBSzmkSIKGtkP6ZOD6vItsp1Lkpvx0XeIEgY3sACUS+RhYiLxZF1XEDQXxbyNNl28XeQmL/v3qq3NlyviO8NqfttLHyl7tRc3Llx0LBjc2d34CEXFB19aFj2LHNG7Y1lpgOjKYjxRsFyy3I9Q3d3TUKWXqbgATYdc3UFT0OyRVXuFK2CRKO0T1JjH30m58RRw29Zsn6BLKxIPavwLD+MVxSeukYhD4Vr3j/Ke/yyklJMTpNqw+UQey9+Xu3hoVw==</EncPrivateKey>

<KeyHash>ir3Co+lV+P6GnGKKlCOeKOtyex/b0p2fNHgoIhuW9Ek=</KeyHash>

<KeyNaCl>d9OkMGXGWswbSqhxw2VsUw==</KeyNaCl>
</KeyFobName></KeyFobs
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/