20 - Cryptography

Module 20 - Cryptography

What is Cryptography?

Cryptography is the science and practice of securing communication and information by encoding it in a way that only authorized parties can access and understand. It involves the use of mathematical algorithms to transform plaintext (unencrypted information) into ciphertext (encrypted information) and vice versa. Cryptography plays a crucial role in ensuring the confidentiality, integrity, authenticity, and non-repudiation of data in various applications, including communication, data storage, and digital transactions.

Here are some key concepts and components of cryptography:

Encryption: Encryption is the process of converting plaintext into ciphertext using a specific algorithm and a secret key. The encrypted data can only be deciphered (decrypted) by someone who possesses the corresponding decryption key.
Decryption: Decryption is the reverse process of encryption, where ciphertext is transformed back into plaintext using the decryption key. Only authorized parties with the correct key can perform this operation.
Key: A key is a secret or unique piece of information used to control the encryption and decryption processes. The strength of a cryptographic system often depends on the security of the key.
Symmetric Cryptography: In symmetric-key cryptography, the same key is used for both encryption and decryption. Both the sender and the receiver must have access to this shared key.
Asymmetric Cryptography: Asymmetric-key cryptography, also known as public-key cryptography, uses a pair of keys: a public key for encryption and a private key for decryption. Anyone can use the public key to encrypt data, but only the holder of the private key can decrypt it.
Cryptographic Algorithms: These are mathematical procedures and formulas used to perform encryption and decryption. Examples include Advanced Encryption Standard (AES), RSA, and Elliptic Curve Cryptography (ECC).
Hash Functions: Cryptographic hash functions take an input (message or data) and produce a fixed-size output called a hash value or digest. Hash functions are used for data integrity and digital signatures.
Digital Signatures: Digital signatures use asymmetric cryptography to verify the authenticity and integrity of digital messages or documents. They provide a means of confirming that a message was sent by a specific person or entity.
Cryptanalysis: Cryptanalysis is the science of studying and attempting to break cryptographic systems. It involves analyzing encrypted data to discover weaknesses and vulnerabilities in cryptographic algorithms.

Creating Self-Signed Certificate with Inetmgr

Open inetmgr
Click machine name and select Server Certificates
From actions select Create Self signed Certificate
Choose Name and Personal. Go to a Site, choose Bindings from the Action panel
Select Add
Select Https, IP 10.10.10.16, hostname www.goodshopping.com, select the certificate
Go the site and right click refresh one time.

Hash identifier

Hash Identifier https://www.onlinehashcrack.com/hash-identification.php
Hash-identifier (CLI)
Hashid (CLI)
sha256sum

Find/Decrypt Hash Online

Hashes.com

CrackStation.net

CyberChef

Windows

Calculate Hash of text/File by HashCalc

Calculate MD5 Hashes using MD5 Calculator

Encode and Decode Text

Encode and Decode Text using BCTextEncoder

Encode/Decode Text (File Extension is .hex) using CrypTool

File → New → Enter Text → Encrypt/Decrypt → Symmetric (Modern) → RC2 → KEY 05 → Encrypt
File → Open → Encrypt/Decrypt → Symmetric (Modern) → RC2 → KEY 05 → Decrypt

Linux

Decrypt Hash using Hashcat

# In Parrot/Kali
hash-identifier #to identify the type of hash, its mode etc
hashid -m <hash> #alternative
 
hashcat -h

-a attack mode
-m hashtype
900 md4
1000 NTLM
1800 SHA512CRYPT
110 SHA1 with SALT HASH
0  MD5
100 SHA1
1400 SHA256
3200 BCRYPT
160 HMAC-SHA1
        
 #Decrypt Hashes
 hashcat '5f4dcc3b5aa765d61d8327deb882cf99' /usr/share/wordlists/rockyou.txt
 hashcat -a 3 -m 900 hash.txt /usr/share/wordlists/rockyou.txt

Decrypt Hash using John the Ripper

First analyze hash type -> john hashfile.hash
Then crack hash -> john hashfile.hash --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA1
Show the cracked password -> john --show --format=Raw-SHA1 hashfile.hash OR `john --show hashfile.hash

Perform Disk Encryption using VeraCrypt

Create Encrypted containers which can be mounted as Virtual Disks.

Creation

Click VeraCrypt
Create Volumn
Create an encrypted file container
Specify a path and file name
Set password
Select NAT
Move the mouse randomly for some seconds, and click Format
Exit

Mount Volume

Select a drive, select file, open, mount
Input password
Dismount
Exit

Integrity Checking of file

Hashing is used for integrity checking. You can check if some file has been modified by comparing the hash values

Windows

Get-FileHash is the built-in PowerShell cmdlet that can be used to generate a hash value, allowing you to verify against the reference hash.

Get-FileHash <Location> -A SHA256 (SHA-1/256/384/512/MD5)
(Get-FileHash <Location> -A SHA256 ).hash -eq "<hash value>" #will return true or false

WinMD5Free: A simple and free utility that allows you to calculate and compare MD5 checksums in Windows. You can drag and drop files into the program to generate and compare checksums.
FCIV (Microsoft File Checksum Integrity Verifier): A command-line utility provided by Microsoft that allows you to compute and verify hash values for files. You can use it to create checksums and compare them.
HashMyFiles: A free utility from NirSoft that provides a graphical user interface for calculating and comparing file hashes. It allows you to compare the hashes of multiple files at once.
File Checksum Tool: A user-friendly tool that can calculate and compare checksums for various hash algorithms like MD5, SHA-1, and SHA-256. It provides an easy way to verify file integrity.

Linux

sha256sum (or md5sum, sha1sum): These are built-in Linux commands for calculating the hash (SHA-256, MD5, SHA-1) of a file. You can use them in the terminal to calculate and compare checksums.
GtkHash: A graphical tool for Linux that supports various hash algorithms and provides a user-friendly interface for calculating and comparing file hashes. It integrates well with the Linux desktop environment.
RapidCRC: While primarily designed for Windows, there is a Linux version available. It's a user-friendly tool that supports a variety of checksum algorithms and is particularly useful for comparing and verifying large sets of files.
Hashdeep: A command-line tool for hashing files in Linux and Windows. It can create hash sets for multiple files and directories, and it's useful for verifying file integrity.

Previous19 - Cloud Computing NextStudy Walkthrough

Last updated 1 year ago

20 - Cryptography

Module 20 - Cryptography

What is Cryptography?

Here are some key concepts and components of cryptography:

Encryption: Encryption is the process of converting plaintext into ciphertext using a specific algorithm and a secret key. The encrypted data can only be deciphered (decrypted) by someone who possesses the corresponding decryption key.
Decryption: Decryption is the reverse process of encryption, where ciphertext is transformed back into plaintext using the decryption key. Only authorized parties with the correct key can perform this operation.
Key: A key is a secret or unique piece of information used to control the encryption and decryption processes. The strength of a cryptographic system often depends on the security of the key.
Symmetric Cryptography: In symmetric-key cryptography, the same key is used for both encryption and decryption. Both the sender and the receiver must have access to this shared key.
Asymmetric Cryptography: Asymmetric-key cryptography, also known as public-key cryptography, uses a pair of keys: a public key for encryption and a private key for decryption. Anyone can use the public key to encrypt data, but only the holder of the private key can decrypt it.
Cryptographic Algorithms: These are mathematical procedures and formulas used to perform encryption and decryption. Examples include Advanced Encryption Standard (AES), RSA, and Elliptic Curve Cryptography (ECC).
Hash Functions: Cryptographic hash functions take an input (message or data) and produce a fixed-size output called a hash value or digest. Hash functions are used for data integrity and digital signatures.
Digital Signatures: Digital signatures use asymmetric cryptography to verify the authenticity and integrity of digital messages or documents. They provide a means of confirming that a message was sent by a specific person or entity.
Cryptanalysis: Cryptanalysis is the science of studying and attempting to break cryptographic systems. It involves analyzing encrypted data to discover weaknesses and vulnerabilities in cryptographic algorithms.

Creating Self-Signed Certificate with Inetmgr

Open inetmgr
Click machine name and select Server Certificates
From actions select Create Self signed Certificate
Choose Name and Personal. Go to a Site, choose Bindings from the Action panel
Select Add
Select Https, IP 10.10.10.16, hostname www.goodshopping.com, select the certificate
Go the site and right click refresh one time.

Hash identifier

Hash Identifier https://www.onlinehashcrack.com/hash-identification.php
Hash-identifier (CLI)
Hashid (CLI)
sha256sum

hashid | Kali Linux ToolsKali Linux

Find/Decrypt Hash Online

Hashes.com

Decrypt MD5, SHA1, MySQL, NTLM, SHA256, SHA512, Wordpress, Bcrypt hashes for free online

CrackStation.net

CrackStation - Online Password Hash Cracking - MD5, SHA1, Linux, Rainbow Tables, etc.

CyberChef

CyberChef

Windows

Calculate Hash of text/File by HashCalc

🔓Hashcalc

Calculate MD5 Hashes using MD5 Calculator

5️⃣Md5 Calculator

Encode and Decode Text

Encode and Decode Text using BCTextEncoder

🔐BCTextEncoder

Encode/Decode Text (File Extension is .hex) using CrypTool

File → New → Enter Text → Encrypt/Decrypt → Symmetric (Modern) → RC2 → KEY 05 → Encrypt
File → Open → Encrypt/Decrypt → Symmetric (Modern) → RC2 → KEY 05 → Decrypt

CrypTool PortalCrypTool Portal

Linux

Decrypt Hash using Hashcat

# In Parrot/Kali
hash-identifier #to identify the type of hash, its mode etc
hashid -m <hash> #alternative
 
hashcat -h

-a attack mode
-m hashtype
900 md4
1000 NTLM
1800 SHA512CRYPT
110 SHA1 with SALT HASH
0  MD5
100 SHA1
1400 SHA256
3200 BCRYPT
160 HMAC-SHA1
        
 #Decrypt Hashes
 hashcat '5f4dcc3b5aa765d61d8327deb882cf99' /usr/share/wordlists/rockyou.txt
 hashcat -a 3 -m 900 hash.txt /usr/share/wordlists/rockyou.txt

😺Hashcat

Decrypt Hash using John the Ripper

First analyze hash type -> john hashfile.hash
Then crack hash -> john hashfile.hash --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA1
Show the cracked password -> john --show --format=Raw-SHA1 hashfile.hash OR `john --show hashfile.hash

🥷John the Ripper

Perform Disk Encryption using VeraCrypt

Create Encrypted containers which can be mounted as Virtual Disks.

Creation

Click VeraCrypt
Create Volumn
Create an encrypted file container
Specify a path and file name
Set password
Select NAT
Move the mouse randomly for some seconds, and click Format
Exit

Mount Volume

Select a drive, select file, open, mount
Input password
Dismount
Exit

🔑Veracrypt

Integrity Checking of file

Hashing is used for integrity checking. You can check if some file has been modified by comparing the hash values

Windows

Get-FileHash is the built-in PowerShell cmdlet that can be used to generate a hash value, allowing you to verify against the reference hash.

Get-FileHash <Location> -A SHA256 (SHA-1/256/384/512/MD5)
(Get-FileHash <Location> -A SHA256 ).hash -eq "<hash value>" #will return true or false

Get-FileHash (Microsoft.PowerShell.Utility) - PowerShellMicrosoftLearn

WinMD5Free: A simple and free utility that allows you to calculate and compare MD5 checksums in Windows. You can drag and drop files into the program to generate and compare checksums.
FCIV (Microsoft File Checksum Integrity Verifier): A command-line utility provided by Microsoft that allows you to compute and verify hash values for files. You can use it to create checksums and compare them.
HashMyFiles: A free utility from NirSoft that provides a graphical user interface for calculating and comparing file hashes. It allows you to compare the hashes of multiple files at once.
File Checksum Tool: A user-friendly tool that can calculate and compare checksums for various hash algorithms like MD5, SHA-1, and SHA-256. It provides an easy way to verify file integrity.

Linux

sha256sum (or md5sum, sha1sum): These are built-in Linux commands for calculating the hash (SHA-256, MD5, SHA-1) of a file. You can use them in the terminal to calculate and compare checksums.
GtkHash: A graphical tool for Linux that supports various hash algorithms and provides a user-friendly interface for calculating and comparing file hashes. It integrates well with the Linux desktop environment.
RapidCRC: While primarily designed for Windows, there is a Linux version available. It's a user-friendly tool that supports a variety of checksum algorithms and is particularly useful for comparing and verifying large sets of files.
Hashdeep: A command-line tool for hashing files in Linux and Windows. It can create hash sets for multiple files and directories, and it's useful for verifying file integrity.

Previous19 - Cloud Computing NextStudy Walkthrough

Last updated 1 year ago