Deep Dive into Parsing SSH Keys To Exploit Improperly Sanitized Screenshots

Name: Deep Dive into Parsing SSH Keys To Exploit Improperly Sanitized Screenshots
Uploaded: 2023-02-13T21:43:16Z
Channel: IppSec
Description: 00:00 - Intro 00:55- Generating our SSH Key and Base64 Decoding it 02:15 - Opening the SSH Key in Bless 03:45 - Showing information from the SSH RFC whi...

IppSec · Beginner ·🔐 Cybersecurity ·3y ago

00:00 - Intro 00:55- Generating our SSH Key and Base64 Decoding it 02:15 - Opening the SSH Key in Bless 03:45 - Showing information from the SSH RFC which will tell us what we are parsing 04:25 - Start of parsing the SSH Key 07:00 - Opening an Encrypted Key and showing the slight changes 10:15 - Back to the unencrypted SSH Key and showing the private key does contain the private key 12:10 - Extracting the Exponent and N our of the Public Key portion 14:30 - Start of Private Key Information in the Private Key 16:00 - Extracting the variables from the Private Key Field 18:15 - Extracting Q, whic…

Watch on YouTube ↗ (saves to browser)

Chapters (13)

Intro

2:15 Opening the SSH Key in Bless

3:45 Showing information from the SSH RFC which will tell us what we are parsing

4:25 Start of parsing the SSH Key

7:00 Opening an Encrypted Key and showing the slight changes

10:15 Back to the unencrypted SSH Key and showing the private key does contain the p

12:10 Extracting the Exponent and N our of the Public Key portion

14:30 Start of Private Key Information in the Private Key

16:00 Extracting the variables from the Private Key Field

18:15 Extracting Q, which is the big prime that we used in Response to rebuild the k

19:00 Showing the comment which contains the username and hostname of the person tha

20:40 Extracting E/N from the Public Key

23:00 Extracting Q from the Private Key again and using RsaCtfTool to generate the k

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →