SSH security

helpers/ciphertext-tampering/Cargo.lock

@@ -0,0 +1,93 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+version = 3
+
+[[package]]
+name = "cfg-if"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
+
+[[package]]
+name = "chacha20"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3613f74bd2eac03dad61bd53dbe620703d4371614fe0bc3b9f04dd36fe4e818"
+dependencies = [
+ "cfg-if",
+ "cipher",
+ "cpufeatures",
+]
+
+[[package]]
+name = "cipher"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
+dependencies = [
+ "crypto-common",
+ "inout",
+]
+
+[[package]]
+name = "ciphertext-tampering"
+version = "0.1.0"
+dependencies = [
+ "chacha20",
+]
+
+[[package]]
+name = "cpufeatures"
+version = "0.2.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "51e852e6dc9a5bed1fae92dd2375037bf2b768725bf3be87811edee3249d09ad"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "crypto-common"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
+dependencies = [
+ "generic-array",
+ "typenum",
+]
+
+[[package]]
+name = "generic-array"
+version = "0.14.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
+dependencies = [
+ "typenum",
+ "version_check",
+]
+
+[[package]]
+name = "inout"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "libc"
+version = "0.2.158"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d8adc4bb1803a324070e64a98ae98f38934d91957a99cfb3a43dcbc01bc56439"
+
+[[package]]
+name = "typenum"
+version = "1.17.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825"
+
+[[package]]
+name = "version_check"
+version = "0.9.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a"

helpers/ciphertext-tampering/Cargo.toml

@@ -0,0 +1,7 @@
+[package]
+name = "ciphertext-tampering"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+chacha20 = "0.9.1"

helpers/ciphertext-tampering/src/main.rs

@@ -0,0 +1,32 @@
+use chacha20::cipher::KeyIvInit;
+use chacha20::cipher::StreamCipher;
+use chacha20::cipher::StreamCipherSeek;
+
+fn main() {
+    let key: chacha20::Key = [
+        0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 19, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
+        25, 26, 27, 28, 29, 30, 31,
+    ]
+    .into();
+    let nonce: chacha20::Nonce = [0; 12].into();
+    let mut cipher = chacha20::ChaCha20::new(&key, &nonce);
+
+    let mut plaintext = "ls -l /etc".as_bytes().to_vec();
+    eprintln!("{:x?}", plaintext);
+    cipher.apply_keystream(&mut plaintext);
+
+    eprintln!("{:x?}", plaintext);
+    flippit(&mut plaintext);
+    eprintln!("{:x?}", plaintext);
+
+    cipher.seek(0);
+    cipher.apply_keystream(&mut plaintext);
+    eprintln!("{:x?}", plaintext);
+    eprintln!("{:x?}", String::from_utf8(plaintext).unwrap());
+}
+
+fn flippit(ciphertext: &mut [u8]) {
+    ciphertext[0] ^= 0b0001_1110;
+    ciphertext[1] ^= 0b0001_1110;
+    ciphertext[4] ^= 0b0001_1110;
+}