Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them detected by antiviruses Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
ElevenPaths #CyberSecurityPulse: Guess Riddle… How Is Information Stored In a Bitcoin Address? As we have seen in previous post on ElevenPaths blog, the OP_RETURN field of a Bitcoin transaction is used to store a small portion of information (up to 80...
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
ElevenPaths New tool: SKrYPtEd, your Skype conversations local database protector Did you know your Skype conversations are stored in plaintext in your hard drive? Did you know anyone could just grab them with some kind of malware and upload...
ElevenPaths #CyberSecurityPulse: The Boom of JavaScript Miners The most common question in recent months derived from the rebound in the value of numerous cryptocurrency is: Do I invest or not invest? However, as we know, there...
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths New tool: Masked Extension Control (MEC), don’t trust Windows extensions Windows relies too much on extensions to choose the program that must process a file. For instance, any .doc file will be opened by Word, regardless of its “magic...
How to implement Oauth protocol in Powershell (an example with Latch)Florence Broderick 9 April, 2014 Latch already counts with lots of SDKs and plugins, so you can implement it with different languages or use it with your favorite CMS. There is an “unofficial” bash implementation, even. But you may want to experiment with Latch and some Powershell scripting. Since Latch uses some kind of Oauth technique to authenticate, you may use this code to implement any other Oauth protocol with Powershell, with minor changes to this code. Different SDKs and plugins developed so far The best way to deal with this is to create a Powershell module that will export some functions. Creating a module is easy. Just use your editor of choice and write down the functions you need. You will need a Latch account, remember this is just as easy as: Register for free here to get a Latch account in a couple of minutes. Register as a developer. Create your account so you get your Secret and AppId. Download the app for your smartphone: It is available for Android, iOS, Windows Phone and Firefox OS. Coding We will create some funcions so we can interact with the official API. First of all, the constants: Set-Variable API_HOST -option Constant -value "https://latch.elevenpaths.com";Set-Variable API_CHECK_STATUS_URL -option Constant -value "/api/0.6/status";Set-Variable API_PAIR_URL -option Constant -value "/api/0.6/pair";Set-Variable API_UNPAIR_URL -option Constant -value "/api/0.6/unpair"; This will be the code function for the other ones. It will get an URL, the AppId and the Secret. Will return the result (code is simplified): function AuthenticationHeaders{ param( [string] $url, [string] $applicationId, [string] $secretkey ) $requestSignature="GET`n" $date = Get-Date -format u $date = $date.Substring(0,$date.Length-1) $requestSignature+=$date+"`n`n"+$url $sha = new-object System.Security.Cryptography.HMACSHA1 $sha.Key = [Text.Encoding]::ASCII.GetBytes($secretkey) $seedBytes = [Text.Encoding]::ASCII.GetBytes($requestSignature) $digest = $sha.ComputeHash($seedBytes) $base64Encoded = [Convert]::Tobase64String($digest) $wc = New-Object system.net.webclient $wc.Headers.Add("Authorization","11PATHS " + "$($applicationId) $($base64Encoded)") $wc.Headers.Add("X-11Paths-Date", $date) Try { $result = $wc.DownloadString($API_HOST+$url) } Catch { $ErrorMessage = $_.Exception.Message $FailedItem = $_.Exception.ItemName Break } return $result} Now you have the basics, the functionality is easier to achieve. For example, pairing an account would be just this: function Pair{ param( $applicationId, $secretkey, $pairingCode ) $url = "$($API_PAIR_URL)/$($pairingCode)" $result = AuthenticationHeaders $url $applicationId $secretkey return $result} That will just basically call AuthenticationHeaders with the right parameters. To check the status of the account (one of the most important features) just use this, using again the main AuthenticationHeaders function. function Status{ param( $applicationId, $secretkey, $accountID ) $url = "$($API_CHECK_STATUS_URL)/$($accountID)" $result = AuthenticationHeaders $url $applicationId $secretkey return $result} For unpairing: function UnPair{ param( $applicationId, $secretkey, $accountID ) $url = "$($API_UNPAIR_URL)/$($accountID)" $result = AuthenticationHeaders $url $applicationId $secretkey return $result} How to use it There is much more to do and functions to implement, that are left as an exercise to the reader. To use this code, insert a line in the module with the functions you want to export, like: Export-ModuleMember -Function Pair,UnPair,Status Now, you can install this module, (just copying it to %UserProfile%DocumentsWindowsPowerShellModules, for example) and use it like this,. If you named it Latch.ps1, it would be, for example: $l = import-module Latch -ascustomobject$applicationId="bqwRxYXXXXXXX"$secretkey="6O6zi6PDPnLzfVZcXXXXXXXXXXXXXXX"$accountID="543ac56903aee2bc7fa40c88ed274e1XXXXXXXXXXXXXXX"$l.Pair($applicationId,$secretkey,$args[0])$l.Status($applicationId,$secretkey,$accountID)$l.UnPair($applicationId,$secretkey,$accountID) This commands will return a JSON you can parse, just like the specifications in https://latch.elevenpaths.com suggest. An example of using this scripts for pairing, getting the status and unparing For another approach to this problem, the SDK for powershell may be used, that will be available soon. Latch Event Monitor: New tool to integrate Latch with Windows EventsHeartbleed plugin, ready for FaasT
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
Sergio De Los Santos New App to Clean Metadata More Easily We are not going to repeat the dangers of metadata, since it has been discussed for quite some time now. However, we can try to make its management and cleaning simpler. Some...
ElevenPaths We Announce Our Digital Operation Centers, Where All Our Digital Services Are Focused The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester...
Innovation and Laboratory Area in ElevenPaths EasyDoH Update Hot off the Press: New Improvements and Functionalities Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
