Re: HP Secure Web Console

From: GNSS Research Division (osirisat_private)
Date: Fri Dec 03 1999 - 09:03:09 PST


    This is a cryptographically signed message in MIME format.
    
    Jon Mitchell earlier posted information on HP's Secure Web Console (see his post
    attached below), speculating that it uses a secret decoder ring type "encryption"
    (encoding) method (and not MD5). That's hard to believe, but if so, the below perl
    script will encode (and decode) strings passed through SWC.
    
    #!/bin/perl
    #
    # swc_crypt_test
    #
    # Syntax: swc_crypt_test [option] [word]
    #
    # encrypt example: swc_crypt_test -e abcd
    # output: VUTS
    #
    # decrypt example: swc_crypt_test -d VUTS
    # output: abcd
    #

    # Require an option, and accept only -e or -d.
    if(!$ARGV[0]) { &usage; }
    if($ARGV[0] ne "-e" && $ARGV[0] ne "-d") { &usage; }

    if($ARGV[0] eq "-e") {
        $string=$ARGV[1];
        $string=~s/(.*)/\u\U$1/g;        # force the input to uppercase
        $string=~y/A-Za-z/S-ZA-za-m/;    # on uppercase input: A..H -> S..Z, I..Z -> A..R
        $output = reverse $string;       # reverse the character order
        print $output;
    }

    if($ARGV[0] eq "-d") {
        $string=$ARGV[1];
        $string=~y/S-ZA-za-m/A-Za-z/;    # inverse map: S..Z -> A..H, A..R -> I..Z
        $string=~s/(.*)/\l\L$1/g;        # force the result to lowercase
        $output = reverse $string;       # undo the character-order reversal
        print $output;
    }

    # Print the syntax help and stop.
    sub usage {
        print "\nUsage: swc_crypt_test [option] [word]\n";
        print "\n-e encrypts the supplied string";
        print "\n-d decrypts the supplied string\n";
        print "\n***Note: your string MUST be in uppercase.\n";
        exit;
    }
    
    Jon Mitchell wrote:
    
    The Secure Web Console is a device that looks (and acts) like a JetDirect
    printserver.  It has one ethernet port and one serial port.  The idea
    behind it is that you can connect your console cable from your HP9000
    machine to this device and put it on the network.  This way you can
    connect to your HP9000's via a web browser so remote access to the console
    is easy.  Since this is actual console access you could potentially do
    upgrades or reboots into single user mode safely from this device without
    being onsite.
    
    The problem with this device is the word Secure in the name.  This implies
    that this device is providing secure access from the network.  The
    information on this device's web site http://www.hp.com/go/webconsole
    states that it currently uses MD5 user digest as the encryption scheme and
    that future firmware will support SSL.  We have the latest firmware
    installed at this time of A1.6 (A.01.06.001)
    
    Upon first connecting we noticed that it would not support an SSL
    connection as the documentation states.  Because even the first page you
    access on this device is a Java applet, we assumed the best, that
    encryption was somehow provided through that.  However we discovered that
    it does not appear to be any sort of MD5 encryption scheme (although I'm
    not an encryption expert), but in actuality what we've deemed Secret
    Decoder Ring encryption.  The letters are one to one with another letter,
    and even worse, in order as well.
    
    Here's an example of two sets of letters:
    
    You type:  abcd
    Transmits: VUTS
    
    You type:  ABCD
    Transmits: vuts
    
    Thanks to Joe Munson for helping debug this and coming up with the Secret
    Decoder Ring reference (which reminded me of the Little Orphan Annie Ring,
    that only says to drink more Ovaltine, in the Christmas Story).
    
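The following Python is an added example, not part of either post or of HP's firmware. It tests two candidate models against the two typed/transmitted pairs Jon Mitchell quotes: the posted script's rotate-and-reverse model, and an assumed per-letter map (`per_char_model`, a hypothetical name). It also derives the fixed letter map those samples imply, which is the property that marks the scheme as an encoding rather than a keyed cipher or digest.

```python
import string

# The two typed/transmitted pairs quoted in Jon Mitchell's post.
SAMPLES = [("abcd", "VUTS"), ("ABCD", "vuts")]

def script_model(text):
    """The posted Perl script's -e path: uppercase, rotate A-Z by 18, reverse."""
    up = string.ascii_uppercase
    return text.upper().translate(str.maketrans(up, up[18:] + up[:18]))[::-1]

def per_char_model(text):
    """Assumed alternative: fixed per-letter map counting down from V, case swapped."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            idx = (21 - (ord(ch.lower()) - ord("a"))) % 26
            out.append(chr((ord("A") if ch.islower() else ord("a")) + idx))
        else:
            out.append(ch)  # non-letters: behaviour unknown, passed through
    return "".join(out)

def mismatches(model, samples=SAMPLES):
    """Return (typed, observed, predicted) for every sample the model gets wrong."""
    return [(p, c, model(p)) for p, c in samples if model(p) != c]

def fixed_letter_map(samples=SAMPLES):
    """Build the position-independent letter map implied by the samples.

    Returns None if the samples contradict a one-to-one fixed map, as the
    output of a keyed cipher or a digest would.
    """
    fwd, rev = {}, {}
    for typed, sent in samples:
        if len(typed) != len(sent):
            return None
        for p, c in zip(typed, sent):
            if fwd.setdefault(p, c) != c or rev.setdefault(c, p) != p:
                return None
    return fwd

if __name__ == "__main__":
    print("script model misses:  ", mismatches(script_model))
    print("per-char model misses:", mismatches(per_char_model))
    print("implied fixed map:    ", fixed_letter_map())
```

Both models agree on "abcd" but diverge on a single letter, so a one-character capture would be enough to tell them apart.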
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:17:09 PDT