ElevenPaths ElevenPaths Radio English #2 – Secure Homeworking It is increasingly common to see companies that offer their workers the possibility of working from home, combining it with work from the office, and even companies that are...
ElevenPaths ElevenPaths Joins OpenSSF to Enhance Open Source Software Security This new Open Source Security Foundation (OpenSSF) brings together leading technology companies such as Microsoft, Google, Red Hat and IBM, among others.It combines efforts from the Core Infrastructure Initiative,...
Pablo Alarcón Padellano Securing your Cloud Native Applications in AWS in the New Normal The New Cloud Adoption Reality Yes, we are facing a New Normal, and we are living a new cloud adoption reality as well. Enterprise cloud adoption accelerates in face of...
ElevenPaths SealSign integration with the Azure Key Vault ElevenPaths and Microsoft, thanks to Gradiant technology, have integrated the Azure Key Vault into the SealSign platform. This partnership provides a server-based digital signature and certificate safekeeping service, based...
Innovation and Laboratory Area in ElevenPaths ClipBanker Malware Tries to Stop Our Defence Tool CryptoClipWatcher The malware capable of modifying the clipboard to “switch” the crypto wallet still exists. To fight it, ElevenPaths developed CryptoClipWatcher, a tool that monitors the clipboard and alerts if...
ElevenPaths Cybersecurity Weekly Briefing July 25-31 BootHole: Vulnerability in GRUB2 Eclypsium researchers have discovered a buffer overflow vulnerability in the GRUB2 bootloader that could be used to execute arbitrary code during the boot process. It has...
ElevenPaths Evrial, malware that steals Bitcoins using the clipboard… and the scammed scammers Evrial is the latest cryptocoin malware stealer, and uses the power to control the clipboard as its strongest bet to get “easy money”. Elevenpaths has took a deep...
ElevenPaths Whitepaper “Windows Malicious Events Detection With Security Monitoring” This whitepaper gathers the results of the work carried out by Telefonica Chief Data Officer and ElevenPaths Product Unit in order to detect a sucession of events, not necessarily...
ElevenPaths ElevenPaths Radio English #2 – Secure Homeworking It is increasingly common to see companies that offer their workers the possibility of working from home, combining it with work from the office, and even companies that are...
Gabriel Bergel Cybersecurity and Pandemic (I): People Cybersecurity is even more important in these times of pandemic and increasing cyberattacks, yes, but in addition to being a business focus at the corporate level, it must also...
ElevenPaths ElevenPaths and Chronicle partner to create new advanced managed security services ElevenPaths, Telefónica’s cybersecurity company, today announced a strategic collaboration with Chronicle, a cybersecurity solutions company part of Google Cloud, aimed at bringing more powerful and flexible managed security analytics...
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (II) Over the last entry we focused on analyzing the content of these files from a critical point of view, this is: on clarifying that when a massive leak freeing...
How to implement Oauth protocol in Powershell (an example with Latch)Florence Broderick 9 April, 2014 Latch already counts with lots of SDKs and plugins, so you can implement it with different languages or use it with your favorite CMS. There is an “unofficial” bash implementation, even. But you may want to experiment with Latch and some Powershell scripting. Since Latch uses some kind of Oauth technique to authenticate, you may use this code to implement any other Oauth protocol with Powershell, with minor changes to this code. Different SDKs and plugins developed so far The best way to deal with this is to create a Powershell module that will export some functions. Creating a module is easy. Just use your editor of choice and write down the functions you need. You will need a Latch account, remember this is just as easy as: Register for free here to get a Latch account in a couple of minutes. Register as a developer. Create your account so you get your Secret and AppId. Download the app for your smartphone: It is available for Android, iOS, Windows Phone and Firefox OS. Coding We will create some funcions so we can interact with the official API. First of all, the constants: Set-Variable API_HOST -option Constant -value "https://latch.elevenpaths.com";Set-Variable API_CHECK_STATUS_URL -option Constant -value "/api/0.6/status";Set-Variable API_PAIR_URL -option Constant -value "/api/0.6/pair";Set-Variable API_UNPAIR_URL -option Constant -value "/api/0.6/unpair"; This will be the code function for the other ones. It will get an URL, the AppId and the Secret. Will return the result (code is simplified): function AuthenticationHeaders{ param( [string] $url, [string] $applicationId, [string] $secretkey ) $requestSignature="GET`n" $date = Get-Date -format u $date = $date.Substring(0,$date.Length-1) $requestSignature+=$date+"`n`n"+$url $sha = new-object System.Security.Cryptography.HMACSHA1 $sha.Key = [Text.Encoding]::ASCII.GetBytes($secretkey) $seedBytes = [Text.Encoding]::ASCII.GetBytes($requestSignature) $digest = $sha.ComputeHash($seedBytes) $base64Encoded = [Convert]::Tobase64String($digest) $wc = New-Object system.net.webclient $wc.Headers.Add("Authorization","11PATHS " + "$($applicationId) $($base64Encoded)") $wc.Headers.Add("X-11Paths-Date", $date) Try { $result = $wc.DownloadString($API_HOST+$url) } Catch { $ErrorMessage = $_.Exception.Message $FailedItem = $_.Exception.ItemName Break } return $result} Now you have the basics, the functionality is easier to achieve. For example, pairing an account would be just this: function Pair{ param( $applicationId, $secretkey, $pairingCode ) $url = "$($API_PAIR_URL)/$($pairingCode)" $result = AuthenticationHeaders $url $applicationId $secretkey return $result} That will just basically call AuthenticationHeaders with the right parameters. To check the status of the account (one of the most important features) just use this, using again the main AuthenticationHeaders function. function Status{ param( $applicationId, $secretkey, $accountID ) $url = "$($API_CHECK_STATUS_URL)/$($accountID)" $result = AuthenticationHeaders $url $applicationId $secretkey return $result} For unpairing: function UnPair{ param( $applicationId, $secretkey, $accountID ) $url = "$($API_UNPAIR_URL)/$($accountID)" $result = AuthenticationHeaders $url $applicationId $secretkey return $result} How to use it There is much more to do and functions to implement, that are left as an exercise to the reader. To use this code, insert a line in the module with the functions you want to export, like: Export-ModuleMember -Function Pair,UnPair,Status Now, you can install this module, (just copying it to %UserProfile%DocumentsWindowsPowerShellModules, for example) and use it like this,. If you named it Latch.ps1, it would be, for example: $l = import-module Latch -ascustomobject$applicationId="bqwRxYXXXXXXX"$secretkey="6O6zi6PDPnLzfVZcXXXXXXXXXXXXXXX"$accountID="543ac56903aee2bc7fa40c88ed274e1XXXXXXXXXXXXXXX"$l.Pair($applicationId,$secretkey,$args[0])$l.Status($applicationId,$secretkey,$accountID)$l.UnPair($applicationId,$secretkey,$accountID) This commands will return a JSON you can parse, just like the specifications in https://latch.elevenpaths.com suggest. An example of using this scripts for pairing, getting the status and unparing For another approach to this problem, the SDK for powershell may be used, that will be available soon. Latch Event Monitor: New tool to integrate Latch with Windows EventsHeartbleed plugin, ready for FaasT
ElevenPaths ElevenPaths Radio English #2 – Secure Homeworking It is increasingly common to see companies that offer their workers the possibility of working from home, combining it with work from the office, and even companies that are...
ElevenPaths ElevenPaths Joins OpenSSF to Enhance Open Source Software Security This new Open Source Security Foundation (OpenSSF) brings together leading technology companies such as Microsoft, Google, Red Hat and IBM, among others.It combines efforts from the Core Infrastructure Initiative,...
Innovation and Laboratory Area in ElevenPaths ClipBanker Malware Tries to Stop Our Defence Tool CryptoClipWatcher The malware capable of modifying the clipboard to “switch” the crypto wallet still exists. To fight it, ElevenPaths developed CryptoClipWatcher, a tool that monitors the clipboard and alerts if...
Gabriel Bergel Cybersecurity and Pandemic (I): People Cybersecurity is even more important in these times of pandemic and increasing cyberattacks, yes, but in addition to being a business focus at the corporate level, it must also...
ElevenPaths Cybersecurity Weekly Briefing July 25-31 BootHole: Vulnerability in GRUB2 Eclypsium researchers have discovered a buffer overflow vulnerability in the GRUB2 bootloader that could be used to execute arbitrary code during the boot process. It has...
Innovation and Laboratory Area in ElevenPaths 4th Anniversary of No More Ransom: ElevenPaths, Partner Entity with Two Tools Discover the tools we contribute to this important initiative launched by Europol to help ransomware victims.
