This time it's just hanging around in memory, no need to do anything
about the anti-debug.
$ openssl x509 -noout -modulus -in 300288180.crt|md5sum
f423a009387fb7a306673b517ed4f163 -
$ openssl rsa -noout -modulus -in alibaba-localhost.key.pem|md5sum
f423a009387fb7a306673b517ed4f163 -
You can
On Mon, Dec 25, 2017 at 7:50 PM, Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Part of the trouble in relying upon the name alone is that on many OS's
> (maybe all -- at least all the ones that matter for client side work) can
> have localhost
I sent the key to Jeremy on Tuesday as Hanno suggested, and it was revoked
at 9am the next morning.
The encrypted private key information is only in memory during startup, so
I identified that bit of code and broke into a debugger. You could pull the
parameters out of OpenSSL's internals too.
On Mon, Dec 25, 2017 at 5:01 PM, Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Monday, December 25, 2017 at 10:24:30 AM UTC-6, Hanno Böck wrote:
> > On Mon, 25 Dec 2017 14:43:21 +
> > Jeremy Rowley via dev-security-policy
> >
4 matches
Mail list logo