How to extract IV from ciphertext in XML

I have received an encrypted XML document, that contains a. An encrypted session key – this was encrypted using my public key. I have succesfully decrypted this using:

const decryptedSessionKey = crypto.privateDecrypt( { key: privKey, padding: crypto.constants.RSA_PKCS1_PADDING }, encryptedString );

b. The actual Ciphertext (UTF-8 encoded, 85228 is the character length)

c. The w3 specs suggest that the Initialisation Vector is prefixed to this cipher text, so I converted the cipher text to a Buffer, and sliced the first 16 bytes to create the IV. I then used:

const xmlIV = Buffer.from(message.slice(0, 16), ‘utf-8’);

const cryptoIv = Buffer.alloc(16, xmlIV); // Initialization vector.

const decipher = crypto.createDecipheriv(cryptoAlgorithm, decryptedSessionKey, cryptoIv);

// message.slice is removing the prefixed IV.

let decrypted = decipher.update(message.slice(16), ‘binary’, ‘binary’);

try {

Buffer.concat(decrypted, decipher.final('binary')); 

} catch (err) {

console.error('Authentication failed!'); 

}

console.log(decrypted)

Decrypted is a buffer of length 85200 – which is 12 characters shorter than the message. And converting it to a utf-8 encoded string returns corrupted text.

Any superheroes out there who could help troubleshoot this ? Many thanks!

John the Ripper: Cannot extract hash from PDF because Python keeps opening?

I’m having a really strange issue. I’m attempting to extract a hash from a user-password encrypted .pdf with John the Ripper’s pdf2john tool, but every time I run the command:

c:\...\run\pdf2john.pl mypdf.pdf 

My Python IDE (Visual Studio Code) opens up the pdf2john.pl file and the following appears in the command line:

[main 2020-06-18T10:02:06.775Z] update#setState idle (node:15044) Electron: Loading non context-aware native modules in the renderer process is deprecated and will stop working at some point in the future, please see https://github.com/electron/electron/issues/18397 for more information [main 2020-06-18T10:02:36.776Z] update#setState checking for updates [main 2020-06-18T10:02:36.934Z] update#setState downloading 

Any ideas on how to stop my IDE from opening up and having the command actually work as expected? The latest version of Perl is installed on my machine.

Is it possible to extract an Instagram password hash? [closed]

I have lost access to my instagram account, it might’ve been hacked and I am trying to regain access. The problem is that I don’t have access to the email I used to create an account and neither have I linked it to the Facebook. Support also wasn’t helpful. Therefore I decided I’d give it a go.

I’ve launched a dictionary attack against it but considering its limitations, I would also like to explore other options.

I thought that I might have more luck deciphering the hash. Is it possible to extract instagram’s password hash associated with my account and if yes, how to do so? Are there any other things I can try?

Thanks!

Licorice Extract suppliers

HuaKang Profile
HUNAN HUAKANG BIOTECH INC.,( Stock code: 870480) is a global natural ingredients supplier, specializing in extraction, development and separation of the active ingredients from natural products since 2003. Now Hunan Huakang Biotech Inc. have a strong strength and rich experience on botanical extract. We insist on “ honest & professional” as our service concept, and we continually develop more new organic natural ingredient for Nutraceutical, Health Foods,Cosmetics, Functional Food & Beverages, Sports Nutrition, and Animal Nutrition, Pharmaceuticals. And keep our customers one step ahead of the competition.
Our Factory equipped with a full set of extraction, concentration, column chromatography, refined separation facilities, freeze-drying, vacuum drying, spray drying. Factories in strict accordance with the GMP standards to ensure that our products are stable and high quality.
R & D laboratories equipped with a full set of testing equipment, such as high performance liquid chromatography, thin layer chromatography, gas chromatography, ultraviolet, capillary electrophoresis, to strictly control product quality.
Hunan Huakang Biotech, Inc. has established a perfect quality management system, and certified by ORGANIC, ISO9001, ISO22000(HACCP), KOSHER and HALAL.
HuaKang Exhibition
HUNAN HUAKANG BIOTECH INC. will be your most professional and trusted partner!Licorice Extract suppliers
website:http://www.extracts-online.com/
website2:http://www.biotecherb.com/

extract only single value from multiple rows based on certain condition for same id in Oracle

I’m oracle beginner, and I’m having trouble shooting the below issue –

My table is –

+——-+——+——-+—— + | ID | GRP | ITDESC| DEN |
+——-+——+——-+—— + | 12345 | MANX | Apple | SendV | +——-+——+——-+—— + | 12345 | MANX | Apple | Manual| +——-+——+——-+——- | 12345 | MANX | Apple | UnVeri| +——-+——+——-+—— + | 12346 | MANX | Mango | UnVeri| +——-+——+——-+—— + | 12347 | MANX | PineAp| SendV| +——-+——+——-+—— + 12348 | MANX | Pine | Manual|

I am expecting –

+——-+——+——-+—— + | ID | GRP | ITDESC| DEN |
+——-+——+——-+—— + | 12345 | MANX | Apple | SendV | +——-+——+——-+—— + | 12346 | MANX | Mango | UnVeri| +——-+——+——-+—— + | 12347 | MANX | PineAp| SendV| +——-+——+——-+—— + | 12348 | MANX | Pine | Manual| +——-+——+——-+—— +

I have multiple rows that has only the DEN column different for the same id. My aim is – for the same id perform the check – If the Value of DEN is ‘Manual’ then check to see if there is ‘SendV’ in DEN column for that id. If it is present then consider ‘SendV’ otherwise consider ‘Manual’. Note in the provided example, the order is a random, the SendV can be in 2nd row or 3rd row or 4th row based on the action, however the text of DEN will be same as said above.

select * from table t1 where DEN IN (‘Manual’, ‘SendV’) .I am not aware how to write the condition??

Any suggestions/oracle query help is welcome.

extract public key from Certificate Signing Request

Hi is there a way where we can extract public key from certificate signing request ? if so can this be done using python3 ? here is the sample csr from https://www.digicert.com/order/sample-csr.php as an example. I have some POC regarding this, please let me know the steps of extracting public key from CSR, or do I need to provide more information.

-----BEGIN CERTIFICATE REQUEST----- MIICvDCCAaQCAQAwdzELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFV0YWgxDzANBgNV BAcMBkxpbmRvbjEWMBQGA1UECgwNRGlnaUNlcnQgSW5jLjERMA8GA1UECwwIRGln aUNlcnQxHTAbBgNVBAMMFGV4YW1wbGUuZGlnaWNlcnQuY29tMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+To7d+2kPWeBv/orU3LVbJwDrSQbeKamCmo wp5bqDxIwV20zqRb7APUOKYoVEFFOEQs6T6gImnIolhbiH6m4zgZ/CPvWBOkZc+c 1Po2EmvBz+AD5sBdT5kzGQA6NbWyZGldxRthNLOs1efOhdnWFuhI162qmcflgpiI WDuwq4C9f+YkeJhNn9dF5+owm8cOQmDrV8NNdiTqin8q3qYAHHJRW28glJUCZkTZ wIaSR6crBQ8TbYNE0dc+Caa3DOIkz1EOsHWzTx+n0zKfqcbgXi4DJx+C1bjptYPR BPZL8DAeWuA8ebudVT44yEp82G96/Ggcf7F33xMxe0yc+Xa6owIDAQABoAAwDQYJ KoZIhvcNAQEFBQADggEBAB0kcrFccSmFDmxox0Ne01UIqSsDqHgL+XmHTXJwre6D hJSZwbvEtOK0G3+dr4Fs11WuUNt5qcLsx5a8uk4G6AKHMzuhLsJ7XZjgmQXGECpY Q4mC3yT3ZoCGpIXbw+iP3lmEEXgaQL0Tx5LFl/okKbKYwIqNiyKWOMj7ZR/wxWg/ ZDGRs55xuoeLDJ/ZRFf9bI+IaCUd1YrfYcHIl3G87Av+r49YVwqRDT0VDV7uLgqn 29XI1PpVUNCPQGn9p/eX6Qo7vpDaPybRtA2R7XLKjQaF9oXWeCUqy1hvJac9QFO2 97Ob1alpHPoZ7mWiEuJwjBPii6a9M9G30nUo39lBi1w= -----END CERTIFICATE REQUEST----- 

discount Java Tea Extract

Organic Herb Inc. is a joint-stock company established by Changsha Organic Herb Inc. Changsha Organic Herb Inc. was registered in Changsha County,Changsha, Hunan province on 24th December, 2004. It is completed the Joint-Stock System Reorganizationin in July 2015 and updated the company name as Organic Herb Inc. Organic Herb Inc is issued“Business License of Enterprise Legal Person by Changsha Administration for Industry & Commerce on 31th July, 2015 and listed on New OTC Market successfully on 16, October 2015. Organic Herb Inc. ‘s legal representative is Xirong Liu and the business scope of the development, production, marketing for plant extracts; Research and development of biological products, and production of traditional Chinese medicine .
Organic Herb Inc. established a wholly-owned subsidiary of Phyto Nutraceutial Inc.  and Jiangxi Organic Herb Biotechnology co., LTD. which is located in Ychun city, Jiangxi province. Organic Herb Inc. is specialized in Rhodiola Rosea Extract, Bilberry extract, Maca Extract, Tongkat Ali Extract, Resveratrol, Grape Vine Extract, Epimedium Extract, Natural Colors and plant functional components such as the high purity extracts and standardized extracts.
Organic Herb Inc.’s products focus on the combination of technology and market demand to ensure the products have high technical content and the broad applicability, and pay high attention to its environmental protection and high efficiency.discount Java Tea Extract
website:http://www.extract-supplier.com/

Is it possible to extract a certificate that an application uses to connect to an API server?

There’s an API server that only allows connections including specific SSL certificates. Talking about an Android application that has those certificates.

Using Fiddler without SSL descryption as a proxy between the app and the server, I can see the request being accepted by the server. Now how can I extract that certificate and use it to send requests to the API. Is it possible with Fiddler, or other tools are needed, like Wireshark?

I have tried Wireshark and exported Certificates, but using them with Fiddler, still doesn’t let me connect to the server.

Also, is this called SSL pinning from server side?