dimanche 16 août 2015
Cloud personnel - les services du cloud, contrôlés par l'utilisateur - ...
http://closure-compiler.appspot.com/code/jsc6fb2a9faf778053b12affec34c376cd6/default.js
samedi 15 août 2015
Random GUID generator in Java
RandomGUID.java
/* * RandomGUID * @version 1.2.1 11/05/02 * @author Marc A. Mnich * * From www.JavaExchange.com, Open Software licensing * * 11/05/02 -- Performance enhancement from Mike Dubman. * Moved InetAddr.getLocal to static block. Mike has measured * a 10 fold improvement in run time. * 01/29/02 -- Bug fix: Improper seeding of nonsecure Random object * caused duplicate GUIDs to be produced. Random object * is now only created once per JVM. * 01/19/02 -- Modified random seeding and added new constructor * to allow secure random feature. * 01/14/02 -- Added random function seeding with JVM run time * */ import java.net.*; import java.util.*; import java.security.*; /* * In the multitude of java GUID generators, I found none that * guaranteed randomness. GUIDs are guaranteed to be globally unique * by using ethernet MACs, IP addresses, time elements, and sequential * numbers. GUIDs are not expected to be random and most often are * easy/possible to guess given a sample from a given generator. * SQL Server, for example generates GUID that are unique but * sequencial within a given instance. * * GUIDs can be used as security devices to hide things such as * files within a filesystem where listings are unavailable (e.g. files * that are served up from a Web server with indexing turned off). * This may be desireable in cases where standard authentication is not * appropriate. In this scenario, the RandomGUIDs are used as directories. * Another example is the use of GUIDs for primary keys in a database * where you want to ensure that the keys are secret. Random GUIDs can * then be used in a URL to prevent hackers (or users) from accessing * records by guessing or simply by incrementing sequential numbers. * * There are many other possiblities of using GUIDs in the realm of * security and encryption where the element of randomness is important. * This class was written for these purposes but can also be used as a * general purpose GUID generator as well. * * RandomGUID generates truly random GUIDs by using the system's * IP address (name/IP), system time in milliseconds (as an integer), * and a very large random number joined together in a single String * that is passed through an MD5 hash. The IP address and system time * make the MD5 seed globally unique and the random number guarantees * that the generated GUIDs will have no discernable pattern and * cannot be guessed given any number of previously generated GUIDs. * It is generally not possible to access the seed information (IP, time, * random number) from the resulting GUIDs as the MD5 hash algorithm * provides one way encryption. * * ----> Security of RandomGUID: <----- * RandomGUID can be called one of two ways -- with the basic java Random * number generator or a cryptographically strong random generator * (SecureRandom). The choice is offered because the secure random * generator takes about 3.5 times longer to generate its random numbers * and this performance hit may not be worth the added security * especially considering the basic generator is seeded with a * cryptographically strong random seed. * * Seeding the basic generator in this way effectively decouples * the random numbers from the time component making it virtually impossible * to predict the random number component even if one had absolute knowledge * of the System time. Thanks to Ashutosh Narhari for the suggestion * of using the static method to prime the basic random generator. * * Using the secure random option, this class compies with the statistical * random number generator tests specified in FIPS 140-2, Security * Requirements for Cryptographic Modules, secition 4.9.1. * * I converted all the pieces of the seed to a String before handing * it over to the MD5 hash so that you could print it out to make * sure it contains the data you expect to see and to give a nice * warm fuzzy. If you need better performance, you may want to stick * to byte[] arrays. * * I believe that it is important that the algorithm for * generating random GUIDs be open for inspection and modification. * This class is free for all uses. * * * - Marc */ public class RandomGUID extends Object { public String valueBeforeMD5 = ""; public String valueAfterMD5 = ""; private static Random myRand; private static SecureRandom mySecureRand; private static String s_id; /* * Static block to take care of one time secureRandom seed. * It takes a few seconds to initialize SecureRandom. You might * want to consider removing this static block or replacing * it with a "time since first loaded" seed to reduce this time. * This block will run only once per JVM instance. */ static { mySecureRand = new SecureRandom(); long secureInitializer = mySecureRand.nextLong(); myRand = new Random(secureInitializer); try { s_id = InetAddress.getLocalHost().toString(); } catch (UnknownHostException e) { e.printStackTrace(); } } /* * Default constructor. With no specification of security option, * this constructor defaults to lower security, high performance. */ public RandomGUID() { getRandomGUID(false); } /* * Constructor with security option. Setting secure true * enables each random number generated to be cryptographically * strong. Secure false defaults to the standard Random function seeded * with a single cryptographically strong random number. */ public RandomGUID(boolean secure) { getRandomGUID(secure); } /* * Method to generate the random GUID */ private void getRandomGUID(boolean secure) { MessageDigest md5 = null; StringBuffer sbValueBeforeMD5 = new StringBuffer(); try { md5 = MessageDigest.getInstance("MD5"); } catch (NoSuchAlgorithmException e) { System.out.println("Error: " + e); } try { long time = System.currentTimeMillis(); long rand = 0; if (secure) { rand = mySecureRand.nextLong(); } else { rand = myRand.nextLong(); } // This StringBuffer can be a long as you need; the MD5 // hash will always return 128 bits. You can change // the seed to include anything you want here. // You could even stream a file through the MD5 making // the odds of guessing it at least as great as that // of guessing the contents of the file! sbValueBeforeMD5.append(s_id); sbValueBeforeMD5.append(":"); sbValueBeforeMD5.append(Long.toString(time)); sbValueBeforeMD5.append(":"); sbValueBeforeMD5.append(Long.toString(rand)); valueBeforeMD5 = sbValueBeforeMD5.toString(); md5.update(valueBeforeMD5.getBytes()); byte[] array = md5.digest(); StringBuffer sb = new StringBuffer(); for (int j = 0; j < array.length; ++j) { int b = array[j] & 0xFF; if (b < 0x10) sb.append('0'); sb.append(Integer.toHexString(b)); } valueAfterMD5 = sb.toString(); } catch (Exception e) { System.out.println("Error:" + e); } } /* * Convert to the standard format for GUID * (Useful for SQL Server UniqueIdentifiers, etc.) * Example: C2FEEEAC-CFCD-11D1-8B05-00600806D9B6 */ public String toString() { String raw = valueAfterMD5.toUpperCase(); StringBuffer sb = new StringBuffer(); sb.append(raw.substring(0, 8)); sb.append("-"); sb.append(raw.substring(8, 12)); sb.append("-"); sb.append(raw.substring(12, 16)); sb.append("-"); sb.append(raw.substring(16, 20)); sb.append("-"); sb.append(raw.substring(20)); return sb.toString(); } /* * Demonstraton and self test of class */ public static void main(String args[]) { for (int i=0; i< 100; i++) { RandomGUID myGUID = new RandomGUID(); System.out.println("Seeding String=" + myGUID.valueBeforeMD5); System.out.println("rawGUID=" + myGUID.valueAfterMD5); System.out.println("RandomGUID=" + myGUID.toString()); } } }
Download RandomGUID. -- generates truly random GUIDs in the standard format.
Java Exchange is dedicated to servlet-based technologies for Java. The current focus is on servlet-based applications involving database backends. Database expertise is centered around Oracle® and Solid®.
JSTemplate
JSTemplate allows you to create flexible templates from any URL source. The templates take advantage of free format, user defined tags. One of the immediate problems encountered in designing Web Based applications is that of having HTML in your code or the alternative of having code in your HTML (as with ASP or JSP). After experimenting with both of these problems, I decided to build a very simple, straightforward solution that leverages the power of HTML without imposing arbitrary and rigid tag definitions. The result is JSTemplate. JSTemplate allows you to call up a template from any URL source and has two methods for the replacement of on-the-fly tags. Tags may be replaced only once (performance benefit) or as many times as you may specify.Here are some sample tags:
- [MyTag] (A tag which is visible in the template and in the resulting instance if not replaced)
- <!MyTag> (A tag which is not visible in the template and remains invisible if not replaced)
- <!--MyTag>Some other text in here <--> (A tag which can be used to hide or display a section of HTML. Only the <!--MyTag> needs to be replaced to control the section of HTML)
- Think of your own tag to do just about anything you need to do without have ayy HTML in your code!
- You can store and move your templates anywhere on the Internet. Have your Web server running on one machine and your templates on another.
- When used with Web Serving caching, this system can outperform systems that use file system based templates.
- JSTemplate Source Code
######################################################
/**
* JSTemplate
*@version 2.0.1 11/20/97
*@author Marc A. Mnich
*@Copyright Marc A. Mnich 1997
*/
package com.javaexchange.jstemplate;
import java.io.*;
import java.net.*;
import java.util.*;
/**
* JSTemplate
* A Java Servlet Template Engine.
* Creates flexible templates from any URL source
* and allows for user defined tags.
*@version 2.0.1 11/20/97
*@author Marc A. Mnich
*/
public class JSTemplate {
private String content=null;
private long timeLoaded;
private String buffContent;
private URL url;
/* Creates a new Template for the given URL. The template is
* reloaded only if the timestamp of the URL has changed since the last load.
*/
public JSTemplate(URL url) throws IOException {
this.url=url;
loadURL(url);
}
/* Load the template by getting the data from the URL.
*/
public void loadURL(URL url) throws IOException {
Date now = new Date();
try {
StringBuffer buffer = new StringBuffer();
URLConnection uc = url.openConnection();
uc.connect();
InputStream in = uc.getInputStream();
int i;
while ( ( i = in.read() ) != -1 ) {
buffer.append( ( char )i );
}
content = buffer.toString();
timeLoaded = now.getTime();
} catch (IOException e) {
throw new IOException("JSTemplate construction error --> " + e);
}
buffContent = content; // Local copy
}
public int replaceTagRange(String tag1, String tag2, String text,
int howMany) {
int pointer=0, count=0, index1, index2;
boolean done=false;
while(!done) {
index1 = buffContent.indexOf(tag1,pointer);
if(index1 > -1) {
index2 = buffContent.indexOf(tag2,pointer + tag1.length());
if(index2 > -1) { //Found both tags, now replace
buffContent = buffContent.substring(0,index1) +
text +
buffContent.substring(index2 + tag2.length());
pointer = index1 + text.length();
count++;
if(howMany > 0 && count >= howMany) {
done=true;
}
} else {
done=true;
}
} else {
done=true;
}
}
return count;
}
public int replaceTag(String tag, String text, int howMany) {
int pointer=0, count=0, index;
boolean done=false;
while(!done) {
index = buffContent.indexOf(tag,pointer);
if(index > -1) {
buffContent = buffContent.substring(0,index) +
text + buffContent.substring(index + tag.length());
pointer = index + text.length();
count++;
if(howMany > 0 && count >= howMany) {
done=true;
}
} else {
done=true;
}
}
return count;
}
public int replaceTagRange(String tag1, String tag2, String text) {
return replaceTagRange(tag1,tag2,text,-1);
}
public int replaceTag(String tag, String text) {
return replaceTag(tag,text,-1);
}
public String toString() {
return buffContent;
}
/**
** Reload the template from the source only if it has changed.
** Use this only if you have created the template in the init section.
*/
public void reloadOnChanged() throws IOException {
URLConnection conn = url.openConnection();
long mod = conn.getLastModified(); // Not much traffic for this
if((mod - timeLoaded) > 0) { // Reload if it has changed
loadURL(url);
}
}
// Allow template to be reset without reloading from source
public void reset() {
buffContent = content;
}
}
jeudi 6 août 2015
mercredi 5 août 2015
Kali Linux Downloads
We generate fresh Kali Linux image files every few months, which we make available for download. This page provides the links to download Kali Linux in it’s latest release. For a release history, check our Kali Linux Releases page.
| Image Name |
| Direct |
| Torrent |
| Size |
| Version |
| Kali Linux 64 bit |
| ISO |
| Torrent |
| 3.0G |
| Kali Linux 32 bit |
| ISO |
| Torrent |
| 3.1G |
| Kali Linux 64 bit mini |
| ISO |
| Torrent |
| 28M |
| Kali Linux 32 bit mini |
| ISO |
| Torrent |
| 28M |
| Kali Linux armel |
| Image |
| Torrent |
| 2.1G |
| Kali Linux armhf |
| Image |
| Torrent |
| 2.0G |
Download Kali Linux VMware and VirtualBox images
Are you looking for Kali Linux VMWare or VirtualBox images? The good folks at Offensive Security
(who are also the funders, founders, and developers of Kali Linux) have
generated alternate flavours of Kali using the same build
infrastructure as the official Kali releases. VMWare, VirtualBox and ARM architecture Kali images produced by Offensive Security can be found at the Official Offensive Security Kali Linux ARM and VMWare Images page.
Download Kali Linux Images Securely
When you download an image, be sure to download the SHA1SUMS and SHA1SUMS.gpg files that are next to the downloaded image (i.e. in the same directory on the Kali Linux Download Server).
Before verifying the checksums of the image, you must ensure that the
SHA1SUMS file is the one gene
rated by Kali. That’s why the file is
signed by Kali’s official key with a detached signature in SHA1SUMS.gpg.
Kali’s official key can be downloaded like so:
Kali Linux Downloads
Download Kali Linux Images
We generate fresh Kali Linux image files
every few months, which we make available for download. This page
provides the links to download Kali Linux in it’s latest release. For a release history, check our Kali Linux Releases page.
| Image Name | Direct | Torrent | Size | Version | |
| Kali Linux 64 bit | ISO | Torrent | 3.0G | ||
| Kali Linux 32 bit | ISO | Torrent | 3.1G | ||
| Kali Linux 64 bit mini | ISO | Torrent | 28M | ||
| Kali Linux 32 bit mini | ISO | Torrent | 28M | ||
| Kali Linux armel | Image | Torrent | 2.1G | ||
| Kali Linux armhf | Image | Torrent | 2.0G |
Download Kali Linux VMware and VirtualBox images
Are you looking for Kali Linux VMWare or VirtualBox images? The good folks at Offensive Security
(who are also the funders, founders, and developers of Kali Linux) have
generated alternate flavours of Kali using the same build
infrastructure as the official Kali releases. VMWare, VirtualBox and ARM architecture Kali images produced by Offensive Security can be found at the Official Offensive Security Kali Linux ARM and VMWare Images page.
Download Kali Linux Images Securely
When you download an image, be sure to download the SHA1SUMS and SHA1SUMS.gpg files that are next to the downloaded image (i.e. in the same directory on the Kali Linux Download Server).
Before verifying the checksums of the image, you must ensure that the
SHA1SUMS file is the one generated by Kali. That’s why the file is
signed by Kali’s official key with a detached signature in SHA1SUMS.gpg.
Kali’s official key can be downloaded like so:
$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import
# or...
$ gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6
# ...and verify that the displayed fingerprint matches the one below
$ gpg --list-keys --with-fingerprint 7D8D0BF6
pub 4096R/7D8D0BF6 2012-03-05 [expires: 2018-02-02]
Key fingerprint = 44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6
uid Kali Linux Repository devel@kali.org
sub 4096R/FC0D0DCB 2012-03-05 [expires: 2018-02-02]
# or...
$ gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6
# ...and verify that the displayed fingerprint matches the one below
$ gpg --list-keys --with-fingerprint 7D8D0BF6
pub 4096R/7D8D0BF6 2012-03-05 [expires: 2018-02-02]
Key fingerprint = 44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6
uid Kali Linux Repository devel@kali.org
sub 4096R/FC0D0DCB 2012-03-05 [expires: 2018-02-02]
Once you have downloaded both SHA1SUMS and SHA1SUMS.gpg, you can verify the signature as follows:
$ gpg --verify SHA1SUMS.gpg SHA1SUMS
gpg: Signature made Thu Mar 7 21:26:40 2013 CET using RSA key ID 7D8D0BF6
gpg: Good signature from "Kali Linux Repository devel@kali.org"
gpg: Signature made Thu Mar 7 21:26:40 2013 CET using RSA key ID 7D8D0BF6
gpg: Good signature from "Kali Linux Repository devel@kali.org"
If you don’t get that “Good signature”
message or if the key ID doesn’t match, then you should stop the process
and review whether you downloaded the images from a legitimate Kali
mirror.
Want an Updated or Custom Kali Image ?
Feeling a little more adventurous? Want
to build the latest version of Kali? Want to customize your ISO? Looking
for KDE, LXDE, MATE, XFCE and other customizations? This is the option
for you. With everything set up correctly, the basic process is as
simple as:
apt-get install git live-build cdebootstrap
git clone git://git.kali.org/live-build-config.git
cd live-build-config
./build.sh
git clone git://git.kali.org/live-build-config.git
cd live-build-config
./build.sh
Ready for the OSCP?
Join the ever growing group of well trained and highly skilled Offensive Security Certified Professionals. Learn hands-on, real world penetration testing from the creators of Kali Linux.
$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import
# or...
$ gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6
# ...and verify that the displayed fingerprint matches the one below
$ gpg --list-keys --with-fingerprint 7D8D0BF6
pub 4096R/7D8D0BF6 2012-03-05 [expires: 2018-02-02]
Key fingerprint = 44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6
uid Kali Linux Repository devel@kali.org
sub 4096R/FC0D0DCB 2012-03-05 [expires: 2018-02-02]
# or...
$ gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6
# ...and verify that the displayed fingerprint matches the one below
$ gpg --list-keys --with-fingerprint 7D8D0BF6
pub 4096R/7D8D0BF6 2012-03-05 [expires: 2018-02-02]
Key fingerprint = 44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6
uid Kali Linux Repository devel@kali.org
sub 4096R/FC0D0DCB 2012-03-05 [expires: 2018-02-02]
Once you have downloaded both SHA1SUMS and SHA1SUMS.gpg, you can verify the signature as follows:
$ gpg --verify SHA1SUMS.gpg SHA1SUMS
gpg: Signature made Thu Mar 7 21:26:40 2013 CET using RSA key ID 7D8D0BF6
gpg: Good signature from "Kali Linux Repository devel@kali.org"
gpg: Signature made Thu Mar 7 21:26:40 2013 CET using RSA key ID 7D8D0BF6
gpg: Good signature from "Kali Linux Repository devel@kali.org"
If you don’t get that “Good signature”
message or if the key ID doesn’t match, then you should stop the process
and review whether you downloaded the images from a legitimate Kali
mirror.
Want an Updated or Custom Kali Image ?
Feeling a little more adventurous? Want to build the latest version of Kali? Want to customize your ISO? Looking for KDE, LXDE, MATE, XFCE and other customizations? This is the option for you. With everything set up correctly, the basic process is as simple as:
apt-get install git live-build cdebootstrap
git clone git://git.kali.org/live-build-config.git
cd live-build-config
./build.sh
git clone git://git.kali.org/live-build-config.git
cd live-build-config
./build.sh
Ready for the OSCP?
Join the ever growing group of well trained and highly skilled Offensive Security Certified Professionals. Learn hands-on, real world penetration testing from the creators of Kali Linux.
Inscription à :
Articles (Atom)