Sending a message to a webmaster with his public key…
The idea behind this I actually got from an April Fools' joke released by c't magazine. To cut a long story short, they claimed that weak GDPR phrasing could be a reason that common letter post might need to be properly encrypted. They even provided a tool that extracts a website's public key and uses it to encrypt a provided message.
Anyway. I was thinking how I could use this to send webmasters encrypted messages when they do not offer public keys for emailing. And for some reason I do not want to ask them for keys. Maybe because I am incredibly clever and shy at the same time … never mind.
To get a basic understanding of how symmetric and asymmetric encryption works, that is, the relationship between public and private keys, just watch this video. I started adding captions in English. Hopefully they will be released into the wild soon.
THX @dunkelmunkel Feel free to watch more of his videos 😉
Grab the key
For this example I will use the website of my female fellow Wintermohn
Two things are needed: A public key and a way to send a message. For the message I think webmaster@ or postmaster@… will probably do.
But first things first. I need a key! (Sorry, played too much Blood lately.)
You should visit the target website beforehand using your browser to check if it loads normally and does not have an invalid or expired certificate.
I used this command to directly extract the public key:
gnutls-cli --print-cert wintermohn.de </dev/null 2>/dev/null|openssl x509 -pubkey -noout
gnutls-cli is a part of the
This should give us an output just like this:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AlZC6RLENTnpRB4MzIH
amM1B96QqfqUazWBxx7FNPCOG3gWksbfs9gzYyjWY8YZh6h0I5ng0egJdpfyGVmo
47/ToL3EsO0LYlAI3XMpuI5y3TokAD2kXc+9lm74jNXF4bh0tO+bIXDLnTXJyGJc
M8Pa8dyp0ItBcPQJ5Cyo9pPMVAPw62VP304P9yhlKYkhu79agJuuB7BDU76KYFfA
rQUOpAD4lz4s+2669P6sv9VGrUEPZeFwA0/OvSV7E8lyF58+VC2Mnk11uVmLg7Iw
4QsjXj0EKwgjzK6We5ehsoknpREnjUyzHsPakeehjRLeKx53OqyyuSqOA2mqiIYu
fwIDAQAB
-----END PUBLIC KEY-----
The output may vary because certificates get renewed from time to time, which obviously causes keys to change.
For further processing the key should be saved into a file, pubkey.txt for example. This can easily be achieved by adding > pubkey.txt to the end of the command above.
Use the key
As learned earlier, a public key can be used to encrypt a message in such a way that it can only be decrypted by whoever owns the private key. So let’s do it.
To make my life a bit easier I first created a simple text file with my message inside. I call it message.txt and it contains this:
------- PLAIN TEXT -------
Dear Wintermohn, how are you?
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------- PLAIN TEXT -------
There is no need for the PLAIN TEXT stuff, I just added it for better understanding. I censored a part of the message because I want to know if Wintermohn is able to decrypt the message ;-).
Alright, let's just do a quick summary of the files:
pubkey.txt containing our public key
message.txt containing our unencrypted message.
encrypted.txt containing our encrypted message.
privkey.txt containing their private key. More on that one later.
For encrypting the message I used this command:
openssl rsautl -encrypt -pubin -inkey pubkey.txt -in message.txt | base64
The output should look like this:
telIPRnagUFqxxhuv6lFs2fXMfPJxV0bHIZl58NXUp/F2aiiJPotWzVoCN7GAZomadvqRvEWrWFk 33uqAw7VsfWPT1/RmfBY2jRpbZVaukpjn0HWeYeFe0LgVXQjCjVxHXiyOWkRe1LejCJagWdT7SZv cNlOJgRV7R2JHS52DhfzOejd1XA9nJkNU1EAkKxO2LnLhh5K+no6TRtm6vksuYUFt82DUbg6gW00 6r6q8ibbAyhPHCFXYvp+ybqLv+/j6/0c1Kr5R8Dl9o1IRpyeJsh2CEeWzeuSAhlRGpAwBTNPTamn P5hHitwNCcincXmijwONCRrdzkiH0vDMTWwnYg==
We can put it directly into a file by adding > encrypted.txt to the command above.
This is actually not the “plain” encrypted message. It has been converted into a “human readable” form using base64. Just try to open the encrypted message without base64 and see the mess…
And done. All that is left to do is to send the message to the webmaster with some additional information about which public key has been used to encrypt it. Otherwise our receiver will have a very tough time… or will most likely simply discard the message.
Switching the roles
Now I am Wintermohn and have received a message encrypted with the public key of my website.
First I need to grab my private key, which is usually stored on the webserver in a file starting with a BEGIN PRIVATE KEY line.
Storing the key in a file makes it easier to use on the command line, so I put it into a new file, privkey.txt.
Using this command I can decrypt the message:
base64 -d encrypted.txt |openssl rsautl -decrypt -inkey privkey.txt
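The whole round trip from the steps above, as an added example that is not part of the original post: a constructed self-signed certificate (cert.pem with CN example.test, both assumptions) stands in for the website's certificate so it runs offline, and it uses openssl pkeyutl with OAEP padding instead of rsautl, which OpenSSL 3.0 deprecates and which defaults to PKCS#1 v1.5 padding. It also prints a SHA-256 fingerprint of the key to send along with the message, and shows that a 300-byte message is rejected because RSA on its own only encrypts one padded block.

```shell
#!/bin/sh
# Added example (not from the original post). A constructed self-signed
# certificate stands in for the website's certificate so this runs offline.
WORK=$(mktemp -d)

make_test_site() {      # constructed RSA key + certificate, playing the web server
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=example.test" \
    -keyout "$WORK/privkey.txt" -out "$WORK/cert.pem" 2>/dev/null
}

extract_pubkey() {      # the page's extraction step, on a local certificate file
  openssl x509 -in "$WORK/cert.pem" -pubkey -noout > "$WORK/pubkey.txt"
}

pubkey_fingerprint() {  # SHA-256 over the DER key: tells the receiver which key was used
  openssl pkey -pubin -in "$WORK/pubkey.txt" -outform DER |
    openssl dgst -sha256 | awk '{print $NF}'
}

encrypt_msg() {         # $1 = plaintext file, $2 = base64 output file
  openssl pkeyutl -encrypt -pubin -inkey "$WORK/pubkey.txt" \
    -pkeyopt rsa_padding_mode:oaep -in "$1" -out "$WORK/enc.bin" 2>/dev/null ||
    return 1            # fails when the message does not fit into one RSA block
  base64 "$WORK/enc.bin" > "$2"
}

decrypt_msg() {         # $1 = base64 ciphertext file; prints the plaintext
  base64 -d "$1" | openssl pkeyutl -decrypt -inkey "$WORK/privkey.txt" \
    -pkeyopt rsa_padding_mode:oaep
}

make_test_site && extract_pubkey
printf 'Dear Wintermohn, how are you?\n' > "$WORK/message.txt"   # constructed message
head -c 300 /dev/zero | tr '\0' 'x' > "$WORK/too_long.txt"       # 300 bytes > one block

encrypt_msg "$WORK/message.txt" "$WORK/encrypted.txt"
echo "key used (sha256): $(pubkey_fingerprint)"
echo "decrypted: $(decrypt_msg "$WORK/encrypted.txt")"
if encrypt_msg "$WORK/too_long.txt" "$WORK/too_long.enc"; then
  echo "unexpected: long message was accepted"
else
  echo "300-byte message rejected: RSA alone holds at most one padded block"
fi
```

The receiver has to decrypt with the same padding mode, and the approach only works when the certificate carries an RSA key; openssl cannot encrypt to an ECDSA key this way.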
I thought this might be interesting. And even if not, it was fun to write about it. If you do have any comments or questions just reply to this tweet:
New blog post: Message webmasters with their websites public key https://t.co/qtsUbiDMr4 — Ben Zucker 🍰 (@DieZuckerbude) June 4, 2019