Certificate & Key File Types

This guide provides an overview of common cryptographic file formats used in security testing, authentication, and secure communications. Understanding these file types is essential for penetration testing and security analysis.

1. .key (Private Key File)

  • Purpose: Contains the private key component of an asymmetric cryptographic key pair.

  • Security Importance: Must be kept confidential; serves as the cryptographic proof of identity.

  • Usage:

    • Decrypts data that was encrypted with the corresponding public key
    • Enables authentication to secure services (e.g., HTTPS, LDAPS, SSH)
    • Signs digital content to verify authenticity
  • Example Commands:

    # Validate the RSA key; an encrypted key prompts for its passphrase here:
    openssl rsa -in baker.key -check
     
    # Use with a certificate for authentication (e.g., WinRM):
    evil-winrm -i dc01.scepter.htb -S -c baker.crt -k baker.key

2. .crt (Certificate File)

  • Purpose: Contains a public certificate that binds an identity to a public key through a trusted signature.

  • Structure: Includes the public key, identity information, and a digital signature from a Certificate Authority (CA).

  • Usage:

    • Validates the authenticity of a server or client
    • Establishes encrypted connections for protocols like HTTPS, LDAPS, or SMB
    • Verifies the legitimacy of digital signatures
  • Example Commands:

    # Inspect certificate details (issuer, validity, subject):
    openssl x509 -in baker.crt -text -noout
     
    # Use with LDAPS:
    openssl s_client -connect dc01.scepter.htb:636 -cert baker.crt -key baker.key

3. .pfx (PKCS#12 File)

  • Purpose: A secure container format that bundles multiple cryptographic objects together.

  • Contents:

    • Certificate (public key with identity information)
    • Private key
    • Potentially intermediate certificates
    • Usually protected with password encryption
  • Common Use: Facilitates the secure transfer of cryptographic material between systems, particularly in Windows environments.

  • Example Commands:

    # Extract hash for password cracking:
    pfx2john clark.pfx > clark_hash.txt
    john --wordlist=rockyou.txt clark_hash.txt
     
    # Convert PFX to PEM (if password is known):
    openssl pkcs12 -in clark.pfx -out clark.pem -nodes
     
    # Convert .crt and .key to .pfx:
    openssl pkcs12 -export -out baker.pfx -inkey baker.key -in baker.crt -passout pass:

Key Security Considerations

  • Private Key (.key):

    • Critical security asset that requires strict access controls
    • Compromised keys enable impersonation and decryption of sensitive data
    • Encrypted keys should be assessed for password strength using tools like john + ssh2john
  • Certificate (.crt):

    • Examine CA status to identify potential attack vectors: openssl x509 -in file.crt -text -noout | grep "CA:TRUE"
    • CA certificates enable the creation of trusted certificates, potentially allowing domain escalation
  • PFX (.pfx):

    • Target for password cracking to extract valuable cryptographic material

    • Powerful tool for authentication when used with exploitation frameworks:

      certipy auth -pfx clark.pfx -dc-ip 10.10.11.65 -username clark -domain scepter.htb
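
As an added example (not part of the original guide), a stdlib-only Python script that applies two of the checks from this section to a PEM bundle: whether each private key is stored encrypted (PKCS#8 "ENCRYPTED PRIVATE KEY" or the legacy Proc-Type header) and whether each certificate carries basicConstraints CA:TRUE, found by walking the DER for OID 2.5.29.19 instead of shelling out to openssl. The sample input is constructed: the two certificate blobs are DER skeletons holding only an extensions block, not real certificates, and .pfx files are left to the openssl pkcs12 commands above.

```python
import base64, re
BASIC_CONSTRAINTS_OID = bytes.fromhex("551d13")  # DER encoding of OID 2.5.29.19

def der_tlvs(data):
    """Yield (tag, value) for each DER TLV in data; handles short- and long-form lengths."""
    i = 0
    while i < len(data):
        tag, length, i = data[i], data[i + 1], i + 2
        if length & 0x80:                        # long form: low 7 bits = number of length bytes
            n = length & 0x7F
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        yield tag, data[i:i + length]
        i += length

def cert_is_ca(der):
    """True/False from the basicConstraints cA flag, None if the extension is absent."""
    for tag, value in der_tlvs(der):
        if tag == 0x30:                          # SEQUENCE; an Extension is {OID, critical?, OCTET STRING}
            kids = list(der_tlvs(value))
            if kids and kids[0] == (0x06, BASIC_CONSTRAINTS_OID):
                flags = [v for _, seq in der_tlvs(kids[-1][1]) for t, v in der_tlvs(seq) if t == 0x01]
                return bool(flags) and flags[0] != b"\x00"   # cA BOOLEAN inside BasicConstraints, DEFAULT FALSE
        if tag & 0x20 and (found := cert_is_ca(value)) is not None:
            return found                         # constructed type: descend (tbsCertificate, [3] extensions)
    return None

def classify_pem(text):
    """Yield (label, verdict) for each PEM block in text, in file order."""
    for m in re.finditer(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", text, re.S):
        label, body = m.group(1), m.group(2)
        if label == "ENCRYPTED PRIVATE KEY" or "Proc-Type: 4,ENCRYPTED" in body:
            yield label, "private key, encrypted"            # PKCS#8 or legacy PEM encryption
        elif "PRIVATE KEY" in label:
            yield label, "private key, UNENCRYPTED"
        elif label == "CERTIFICATE":
            ca = cert_is_ca(base64.b64decode("".join(body.split())))
            yield label, "CA certificate" if ca else "end-entity certificate"

# Constructed sample: DER skeletons holding only a [3] extensions block (not real certificates), plus key stubs.
def _tlv(tag, value):
    return bytes([tag, len(value)]) + value
def _skeleton(ca_flag):
    bc = _tlv(0x30, _tlv(0x01, b"\xff") if ca_flag else b"")
    ext = _tlv(0x30, _tlv(0x06, BASIC_CONSTRAINTS_OID) + _tlv(0x04, bc))
    return _tlv(0x30, _tlv(0xA3, _tlv(0x30, ext)))
SAMPLE = "".join(f"-----BEGIN {l}-----\n{b}-----END {l}-----\n" for l, b in [
    ("CERTIFICATE", base64.encodebytes(_skeleton(True)).decode()),
    ("CERTIFICATE", base64.encodebytes(_skeleton(False)).decode()),
    ("RSA PRIVATE KEY", "Proc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,00\n\nAAAA\n"),
    ("PRIVATE KEY", "AAAA\n")])
```

Run it over a concatenated PEM bundle with `list(classify_pem(open(path).read()))`; an unencrypted key verdict or an unexpected CA certificate is what the review above says to flag.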

Tool Reference Table

Tool        Command Example                                  Purpose
----------  -----------------------------------------------  -------------------------------
openssl     openssl x509 -in file.crt -text                  Inspect certificates
pfx2john    pfx2john file.pfx > hash.txt                     Extract PFX hash for cracking
evil-winrm  evil-winrm -i IP -c cert.crt -k key.key          Authenticate to WinRM with cert
Certipy     certipy auth -pfx file.pfx ...                   AD CS exploitation