Security

Cryptographic Fundamentals Key Pair (Public Key + Private Key) The foundation of TLS. Generated together mathematically. # Generate key pair openssl genrsa -out private.key 2048 openssl rsa -in private.key -pubout -out public.key What they do: Encrypt with public key → Only private key can decrypt Sign with private key → Anyone with public key can verify Certificate (X.509) A certificate = public key + identity information + signature from CA. ┌─────────────────────────────────────────────────────────────────┐ │ Certificate Contents │ │ │ │ Subject: CN=api.example.com, O=MyCompany ← Who this is │ │ Issuer: CN=DigiCert CA ← Who signed it │ │ Valid From: 2026-01-01 │ │ Valid To: 2027-01-01 │ │ Public Key: MIIBIjANBgkqhkiG9w0BAQEFA... ← Embedded │ │ Signature: a7f3b2c1d4e5f6... ← CA's stamp │ └─────────────────────────────────────────────────────────────────┘ Certificate is NOT secret - it contains public key and can be shared freely. ...

The Bandit wargame taught me the basics needed to be able to play other wargames. Level 0 –> 1 Login : ssh bandit0@bandit.labs.overthewire.org -p 2220 Password : bandit0 Steps to resolve : cat readme Level 1 -> 2 Login : ssh bandit1@bandit.labs.overthewire.org -p 2220 Password : ZjLjTmM6FvvyRnrb2rfNWOZOTa6ip5If Steps to resolve : cat ./- prefix the filename with a path Level 2 -> 3 Login : ssh bandit2@bandit.labs.overthewire.org -p 2220 Password : 263JGJPfgU6LtdEvgfWU1XP5yac29mFx ...

What is a Shell? Shell = command interpreter program that provides an interactive environment for running commands. Common shells: /bin/bash - Bourne Again Shell (most common) /bin/sh - Bourne Shell (POSIX standard) /bin/zsh - Z Shell /bin/dash - Debian Almquist Shell What shells do: Provide interactive prompt for typing commands Interpret and execute commands Run other programs Handle scripting with shell syntax Manage environment (variables, paths, job control) Understanding /etc/passwd /etc/passwd = file containing user account information ...