GPG Command Line Examples

Here are some GPG examples for creating symmetric and asymmetric encrypted messages. The code used below is written for PowerShell.

Download keys from a key server

gpg --keyserver pgp.mit.edu --search-keys streeter76@gmail.com
gpg --keyserver pgp.mit.edu --recv-keys 88488596

Import private key

gpg --import ./private.asc

Put the contents of a file into a variable to be encrypted

$a = gc /etc/passwd

Symmetric encryption of the variable contents

# Keep the armored ciphertext in $b
$b = $a | gpg --symmetric --armor
# Decrypt the message
$b | gpg --decrypt

Symmetric encryption of the variable contents with the passphrase provided

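# A passphrase given on the command line is visible in the process list and shell history
# GnuPG 2.1 and later honor --passphrase only with --batch --pinentry-mode loopback
$b = $a | gpg --symmetric --armor --passphrase password
# Decrypt the message with the passphrase provided
$b | gpg --decrypt --passphrase password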

Encrypt the variable contents for a recipient

$b = $a | gpg -e -r joseph.streeter76@gmail.com --armor

Decrypt the message sent to recipient

$b | gpg -d

Get Log Entries For a Range of Time on Linux

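You need to check the logs for a problem and you know when it occurred. This grabs all of the entries for a period of time to make the search for clues easier. awk prints from the first line that matches the start pattern through the first line that matches the end pattern, so pick a start and end minute that both have entries in the log.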

sudo cat secure | awk '/^Dec  1 09:27/,/^Dec  1 09:33/'
Dec  1 09:03:09 u16532612 sshd[24297]: Failed password for root from 43.229.53.54 port 43335 ssh2
Dec  1 09:03:12 u16532612 sshd[24297]: Failed password for root from 43.229.53.54 port 43335 ssh2
Dec  1 09:03:14 u16532612 sshd[24297]: Failed password for root from 43.229.53.54 port 43335 ssh2

Check SHA1 Hash of a File with PowerShell

A short PowerShell script for checking the hash on a file downloaded from the Internet.

$FilePath = "C:\users\user\downloads\gpg4win-2.2.4.exe"

# Placeholder: paste the SHA1 value published on the download page
$SourceSha1 = "<published SHA1 hash>"

$Sha1 = New-Object -TypeName System.Security.Cryptography.SHA1CryptoServiceProvider

# Hash the file; BitConverter returns hex pairs separated by "-"
$hashSha1 = [System.BitConverter]::ToString($Sha1.ComputeHash([System.IO.File]::ReadAllBytes($FilePath)))

If ($hashSha1.Replace("-","") -eq $SourceSha1) {"Match"} Else {"Does not Match"}

# Print both values for a visual comparison
$hashSha1.Replace("-","")
$SourceSha1.ToUpper()

Read DoD STIG XML file into MS Access Database

The Department of Defense offers public access to the Security Technical Implementation Guides for various equipment and technologies. They come in XML so it’s possible to manipulate the information with PowerShell and put it into an Access Database.

In order to access an MS Access database with PowerShell from Windows 8 you will need to install the Microsoft Access Database Engine.

Beacon Attack Script

Using MDK3 to create a bunch of fake wireless networks is a neat party trick. This bash script will create a text file with a list of network names, defined in the “networks” array, if it doesn’t already exist.

Then the script will configure the interface by putting it in monitor mode. Finally the script will fire off MDK3 using the text file created earlier.

Configure SSHD for Security

The Secure Shell daemon should be hardened to prevent unauthorized access before being put into production.

Verify that /etc/ssh/sshd_config contains the following lines and that they are not commented out.

  • Protocol 2
  • IgnoreRhosts yes
  • HostbasedAuthentication no
  • PermitRootLogin no
  • Banner /etc/issue (See banner example below)
  • PermitEmptyPasswords no
  • AllowTcpForwarding no (unless needed)
  • X11Forwarding no
  • AllowUsers <username1> <username2> (Optional)
  • DenyUsers <username1> <username2> (Optional)
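
One way to run the check described above from a shell, as an added example that is not part of the original post. The function name check_sshd_config is this example's own, and it reads the file text only; `sshd -T` prints the effective configuration.

```sh
#!/bin/sh
# Added example: audit an sshd_config-style file against the list above.
# "Keyword value" pairs copied from the page; the optional AllowUsers and
# DenyUsers entries are site-specific and left out.
REQUIRED='Protocol 2
IgnoreRhosts yes
HostbasedAuthentication no
PermitRootLogin no
Banner /etc/issue
PermitEmptyPasswords no
AllowTcpForwarding no
X11Forwarding no'

# check_sshd_config FILE (function name is this example's own)
# Prints OK, MISSING (absent or commented out) or MISMATCH per directive
# and returns non-zero unless every directive is OK.
# Values are compared exactly, so "No" is reported as a mismatch for "no".
check_sshd_config() {
    printf '%s\n' "$REQUIRED" | awk -v cfg="$1" '
        BEGIN {
            while ((getline line < cfg) > 0) {
                sub(/^[ \t]+/, "", line); sub(/[ \t\r]+$/, "", line)
                if (line == "" || line ~ /^#/) continue   # blank or commented out
                split(line, f, /[ \t]+/)
                key = tolower(f[1])                        # keywords are case-insensitive
                if (key == "match") break                  # audit the global section only
                if (!(key in val)) val[key] = f[2]         # first occurrence wins in sshd
            }
            close(cfg)
        }
        {
            key = tolower($1)
            if (!(key in val))       { printf "MISSING  %s %s\n", $1, $2; bad = 1 }
            else if (val[key] != $2) { printf "MISMATCH %s (found %s, want %s)\n", $1, val[key], $2; bad = 1 }
            else                     { printf "OK       %s %s\n", $1, $2 }
        }
        END { exit bad + 0 }
    '
}
```

Call it as `check_sshd_config /etc/ssh/sshd_config`; a non-zero return means at least one directive needs attention.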

Create Legacy IPsec Policy from CLI

The following commands can be used to script the creation of legacy IPsec policies. The example here creates an IPsec policy meant to secure all IP traffic between domain controllers in separate forests in order to secure AD forest trust traffic.
This example uses PSK for authentication, but you should use certificates if possible.