forked from MISP/misp-packer
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathverify.txt
121 lines (88 loc) · 4.39 KB
/
verify.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
How to verify the Automate MISP-VMs?
------------------------------------
In this directory you will find the following files:
- OVA File (VirtualBox export of the VM)
- ZIP File (ZIP Packae of the VMware VM)
- ASC File (PGP Armored file of the above files)
- checksums Directory (The directory with all the checksums of the above files)
Verify VirtualBox OVA
---------------------
1. Download signatures
Download the OVA and the ASC into the same directory.
2. Verify signatures
On the command line verify the PGP signature first, example:
$ gpg --keyserver pgp.circl.lu --recv-key 0x34F20B13
$ gpg --verify [email protected] [email protected]
gpg: Signature made Wed 15 May 2019 07:04:42 PM JST
gpg: using RSA key EDEC891834F20B13
gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) <[email protected]>" [ultimate]
3. Download SFV files
Now download the checksum file and its signature, and verify.
$ wget https://www.circl.lu/misp-images/latest/checksums/[email protected]
$ wget https://www.circl.lu/misp-images/latest/checksums/[email protected]
$ gpg --verify [email protected] [email protected]
gpg: Signature made Wed 15 May 2019 07:15:10 PM JST
gpg: using RSA key EDEC891834F20B13
gpg: BAD signature from "CIRCL MISP (CIRCL MISP VM Release Key) <[email protected]>" [ultimate]
If you get a BAD signature, please download again.
Next, use rhash or go with the manual way.
rhash
-----
$ cat [email protected] |sed 's/@\(.*\)-/@latest-/g' |sed 's/@\(.*\).ova/@latest.ova/g' |rhash -c -v --percents -
--( Verifying [email protected] )-------------------------------
--------------------------------------------------------------------------------
Everything OK
Manual (not recommended)
------------------------
Take any file you want to verify, with sha1-sum for example.
$ shasum [email protected] | cut -f 1 -d\ |grep -o -i -f - [email protected]
D3A2EBF751E31C6972F89DEC4F57D69C4681A142
If you get back a shasum, it worked, the file is safe and sound.
Now you could do this, for all files, for all the checksums (sha1/256/384/512) OR just use rhash.
Verify VMware
-------------
1. Download signatures
Download the ZIP and the ASC into the same directory.
2. Verify signatures
On the command line verify the PGP signature first, example:
$ gpg --verify [email protected] [email protected]
gpg: Signature made Wed 15 May 2019 07:04:42 PM JST
gpg: using RSA key EDEC891834F20B13
gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) <[email protected]>" [ultimate]
Do step number 3 from above.
$ unzip [email protected]
Archive: [email protected]
inflating: VMware/disk-s001.vmdk
inflating: VMware/disk-s002.vmdk
inflating: VMware/disk-s003.vmdk
inflating: VMware/disk-s004.vmdk
inflating: VMware/disk-s005.vmdk
inflating: VMware/disk-s006.vmdk
inflating: VMware/disk-s007.vmdk
inflating: VMware/disk.vmdk
inflating: VMware/[email protected]
inflating: VMware/[email protected]
extracting: VMware/[email protected]
inflating: VMware/[email protected]
inflating: VMware/[email protected]
$ cd VMware
$ rhash -c -v --percents [email protected]
Config file: /etc/rhashrc
--( Verifying [email protected] )-----------------------------------------------
disk-s001.vmdk OK
disk-s002.vmdk OK
disk-s003.vmdk OK
disk-s004.vmdk OK
disk-s005.vmdk OK
disk-s006.vmdk OK
disk-s007.vmdk OK
disk.vmdk OK
--------------------------------------------------------------------------------
Everything OK
You can be more or less confident that verything is fine.