Installing Ethereum Development tools: geth and truffle on Ubuntu 22

Geth (Go Ethereum) is Ethereum client. It is Ethereal node to access to blockchain, run the Ethereal Virtual Machine (EVM) and mine. Geth is command line application. Truffle is a develop framework to smart contracts. I tried to install both on Ubuntu 22 using CLI only and what happened. With geth was simple, I downloaded… Read More »

ChatGTP client in c#

It is continuation of previous post “Ask ChatGPT to answer a question using curl command” but request to ChatGPT server is sent by c# code. The authentication secret key in example below has been revoked, so if you want copy-paste the code you need to use your own OpenAI authentication secret key or request new… Read More »

Ask ChatGPT to answer a question using curl command.

It is my beginning trail of ChatGPT (Generative pre-trained transformer) from OpenAI. It is possible to chat with ChatGPT there: https://chat.openai.com. However the main goal of this post to ask ChatGPT by sending raw HTTP request. To get access to OpenAI API you need to generate security key using this link: https://platform.openai.com/account/api-keys. The security key… Read More »

ssh Vulnerability DoS test

This test was created when I worked with CVE-2002-20001 vulnerability. The vulnerability is about diffie-hellman-group-exchange-sha256 key exchange algorithm with high computational complexity which is using long exponents that arguably make certain calculations unnecessarily expensive. To test the issue I created small bash script ddosssh.sh to simulate DDoS attack on ssh server using different key exchange… Read More »

How to Replace a Substring in a String in c++ code

A bit away for from security themes just simple c++ coding related to string processing, changing substring in char array. Recently I had a task to hide some private info in log replacing it with asterisks. It is the code, I tried to do it the new substituted substring may longer or shorter then initial… Read More »

OCSP request using openssl command in Linux terminal

This post is continuation of 2 previous ones. It demonstrates how to send Online Certificate Status Protocal (OCSP) request to CA server about certificate revocation status using openssl terminal commands. The procedure consists of the same steps as it was presented in c++ and c# codes: find OCSP URL, get server certificate and certificate chain,… Read More »

Linux c++ OCSP Client based on openssl API

It is functionally similar OCSP (Online Certificate Status Protocol) client as presented in previous post “Windows OCSP Client based on BouncyCastle.Crypto.dll” but oriented for Linux OS and written on C++ using openssl API. The code was tested on Ubuntu 22.04 and CentOS 8 only, but I hope it should be compatible with other Linux OS… Read More »

Windows OCSP Client based on BouncyCastle.Crypto.dll

OCSP (Online Certificate Status Protocol) is generally used to obtain revocation certificate status from certification authority (CA) as alternative to CRL (Certificate Revocation List). OCSP request is sent to server as HTTP POST request with 2 specific header values “application/ocsp-request” as Content-Type and “application/ocsp-response” as Accept. The example of OCSP request I got from Wireshark… Read More »

Golang. UTF-8 String from unsafe pointer

It is a continuation of previous post “Compare storage of string in memory for c++ and golang using dgb” where gbg debugger was used to read characters defined in string variable directly from memory. The example below shows how to read string bytes from memory using unsafe pointer. String encoding is UTF-8, and it contains… Read More »

Compare storage of string in memory for c++ and golang using gdb

Probably everybody knows that c++ string is a sequence of characters terminated by 0. In golang string is stored in different way as a structure with 2 members: pointer to character sequence (type uintptr) and length of character sequence (type integer). Below there are 2 examples how to check and modify string in memory for… Read More »