The first post “Installing Ethereum Development tools: geth and truffle on Ubuntu 22” was about preparation of development and testing environment to create first simple smart contract application. Now let us create application itself. Again, everything on Ubuntu 22 machine. Create working directory and initialize new and empty Ethereum project: # mkdir -p /workspace/contract1 #… Read More »
Geth (Go Ethereum) is Ethereum client. It is Ethereal node to access to blockchain, run the Ethereal Virtual Machine (EVM) and mine. Geth is command line application. Truffle is a develop framework to smart contracts. I tried to install both on Ubuntu 22 using CLI only and what happened. With geth was simple, I downloaded… Read More »
It is continuation of previous post “Ask ChatGPT to answer a question using curl command” but request to ChatGPT server is sent by c# code. The authentication secret key in example below has been revoked, so if you want copy-paste the code you need to use your own OpenAI authentication secret key or request new… Read More »
It is my beginning trail of ChatGPT (Generative pre-trained transformer) from OpenAI. It is possible to chat with ChatGPT there: https://chat.openai.com. However the main goal of this post to ask ChatGPT by sending raw HTTP request. To get access to OpenAI API you need to generate security key using this link: https://platform.openai.com/account/api-keys. The security key… Read More »
This test was created when I worked with CVE-2002-20001 vulnerability. The vulnerability is about diffie-hellman-group-exchange-sha256 key exchange algorithm with high computational complexity which is using long exponents that arguably make certain calculations unnecessarily expensive. To test the issue I created small bash script ddosssh.sh to simulate DDoS attack on ssh server using different key exchange… Read More »
A bit away for from security themes just simple c++ coding related to string processing, changing substring in char array. Recently I had a task to hide some private info in log replacing it with asterisks. It is the code, I tried to do it the new substituted substring may longer or shorter then initial… Read More »
This post is continuation of 2 previous ones. It demonstrates how to send Online Certificate Status Protocal (OCSP) request to CA server about certificate revocation status using openssl terminal commands. The procedure consists of the same steps as it was presented in c++ and c# codes: find OCSP URL, get server certificate and certificate chain,… Read More »
It is functionally similar OCSP (Online Certificate Status Protocol) client as presented in previous post “Windows OCSP Client based on BouncyCastle.Crypto.dll” but oriented for Linux OS and written on C++ using openssl API. The code was tested on Ubuntu 22.04 and CentOS 8 only, but I hope it should be compatible with other Linux OS… Read More »
OCSP (Online Certificate Status Protocol) is generally used to obtain revocation certificate status from certification authority (CA) as alternative to CRL (Certificate Revocation List). OCSP request is sent to server as HTTP POST request with 2 specific header values “application/ocsp-request” as Content-Type and “application/ocsp-response” as Accept. The example of OCSP request I got from Wireshark… Read More »
It is a continuation of previous post “Compare storage of string in memory for c++ and golang using dgb” where gbg debugger was used to read characters defined in string variable directly from memory. The example below shows how to read string bytes from memory using unsafe pointer. String encoding is UTF-8, and it contains… Read More »