· 6 years ago · Nov 20, 2019, 01:54 PM
Session 25 :

Cryptography
Steganography
Encryptions & Hashes Types
Hash Cracking - Kali Linux

Cryptography :

This is the method of securing communication between digital devices

WhatsApp --> Notification : End-to-End Encryption

Cryptography --> It provides security to the communication between two digital devices


Palvinder is good <-- Plain Text


Our plain text communication ---> Follows an Algorithm


u9u98um98u98u89y765%^&*()nlk09u8y <-- Cipher Text or Encrypted Text

This encrypted text will only get decrypted once it reaches our intended target :

Palvinder is good <--- Plain Text message will appear



Example Rule :

A --> B

B --> C

C --> D

Any letter --> Next One

Partha ---> qbsuib

Palvinder ---> Qbmwjoefs <-- Output

This Output is also called : Cipher or Encrypted Text
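
The example rule above, written out as an added Python example (not part of the original notes). It generalises the rule to any shift with wrap-around from Z to A, and shows why such a rule gives no real security: there are only 25 possible keys to try. The names shift, recover_key and COMMON_WORDS are made up for this example.

```python
import string

def shift(text, k):
    """Move every letter k places forward, wrapping Z -> A and keeping case."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + k) % 26 + 97))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 + k) % 26 + 65))
        else:
            out.append(ch)  # spaces, digits and punctuation pass through
    return "".join(out)

# Constructed mini word list, used only to score candidate plain texts.
COMMON_WORDS = {"is", "good", "the", "and", "our", "meeting"}

def recover_key(ciphertext):
    """Try all 25 keys and return (key, plaintext) with the most known words."""
    best = (0, 0, ciphertext)
    for k in range(1, 26):
        candidate = shift(ciphertext, -k)
        hits = sum(w.lower() in COMMON_WORDS for w in candidate.split())
        if hits > best[0]:
            best = (hits, k, candidate)
    return best[1], best[2]

if __name__ == "__main__":
    secret = shift("Palvinder is good", 1)   # the rule from the notes: key = 1
    print(secret)
    print(recover_key(secret))
```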


Donald Trump --> Media --> News --> Russia

Big Hold on Technology :

Whatsapp <--- USA

Android <-- Google <--- USA

Facebook <--- USA

Apple <--- USA

Windows <--- USA

Linkedin

Twitter

-----------------------

Russia --> USA (Bad Relation)

Russian --> Ban all USA Product in Russia

Whatsapp ---> Telegram (Most Secure)

Facebook ---> vk.com

----------------------

In case of Website : How our Data is Placed

A website will never have customer data in plain text.

Data is always placed in encrypted form :


1. MD5 - Message Digest Protocol v5

Hammed --> Md5 --> Hashes

Link Here : http://www.miraclesalad.com/webtools/md5.php

a553288817b7309b83c0dc0e76656779
fcc27c2b2ecc50c6d44e1560eb89a961
00dd1760df7aa9e9fdb25711b9b32e17
593d7249e9ad360c703add22b4aee22f <--

Properties :

1. Output will always be 32 characters long

2. Characters : a-f & 0-9

Only these characters will be available in MD5


Method 1:

Tools : Kali Linux --- Hash Breaking --> Hashcat

Website: https://www.md5online.org/md5-decrypt.html


or


Method 2:

Tool in Kali :

Step 1: Create a Notepad File, paste all hashes in it.

hdp.txt

Step 2: Open terminal

# hashcat -m 0 -a 0 drag-txt-file-here /usr/share/wordlists/rockyou.txt --force


Russian facebook ; www.vk.com <-- 2016 Hacked

All data was in Plain text


SHA1 : *** Hash Algt<--
=========

2f09cdaf8398f1260aa40414d5c44183fc15c030
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
dc724af18fbdd4e59189f5fe768a5f8311527050

Properties in SHA1

1. Length = 40 Characters

2. Characters : a-f & 0-9

Hashcat

# hashcat -m 100 -a 0 drag-txt-file-here /usr/share/wordlists/rockyou.txt --force

Hashes Values : # hashcat --help




MD5 (Wordpress)
===============

$H$*****************************

Total Length = 34 Character

A-Z 0-9




MD5 (PHP)
===========


Total Length = 34 Character

A-Z 0-9


$P$***************************
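
The length, character-set and prefix properties listed above are enough to sort the values in a password column by storage format. The following is an added Python example (not part of the original notes) that does this and flags the rows holding raw, unsalted digests. Modes 0 and 100 are the ones used in the hashcat commands above; mode 400 is hashcat's phpass mode, which covers both $P$ and $H$ strings. The names FORMATS, classify, audit and SAMPLE are made up here.

```python
import re

# (label, pattern, hashcat -m mode). Length alone is ambiguous: other
# algorithms also produce 32 or 40 hex characters, so treat the label as a
# first guess. phpass strings really use the alphabet ./0-9A-Za-z.
FORMATS = [
    ("MD5 (raw, unsalted)",  re.compile(r"^[0-9a-f]{32}$", re.I), 0),
    ("SHA1 (raw, unsalted)", re.compile(r"^[0-9a-f]{40}$", re.I), 100),
    ("phpass portable hash", re.compile(r"^\$[PH]\$[./0-9A-Za-z]{31}$"), 400),
]

def classify(value):
    """Return (label, hashcat mode) for one stored value."""
    value = value.strip()
    for label, pattern, mode in FORMATS:
        if pattern.match(value):
            return label, mode
    return "unknown", None

def audit(values):
    """Count values per format and list the 1-based rows that hold raw,
    unsalted digests (the weakest storage of the formats above)."""
    counts, weak_rows = {}, []
    for row, value in enumerate(values, start=1):
        label, mode = classify(value)
        counts[label] = counts.get(label, 0) + 1
        if mode in (0, 100):
            weak_rows.append(row)
    return counts, weak_rows

SAMPLE = [
    "593d7249e9ad360c703add22b4aee22f",          # from the MD5 list above
    "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3",  # from the SHA1 list above
    "$P$B12345678" + "x" * 22,                   # constructed, phpass-shaped
    "Palvinder",                                 # constructed: plain text
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```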


AES : This is the most secure algorithm ever
===========================================

Pal ---> AES --> 123abc123

Pal --> AES --> 345678

We'll never get the same output again in life.

Also, to decrypt, the private key (password) that was used while encrypting is required

Demo :

www.encipher.it

Palvinder ----> AES ----> Output

EnCt22b77f4a1834e1d3670af9f080200b7b4c36e0dfe2b77f4a1834e1d3670af9f08NgzPSHKOKAM
cIUbp012H4T9pyhqm4bY=IwEmS

Palvinder ----> AES ----> Output

EnCt226a373021336cdd52f7ae57e41ddd1b94794718926a37302i1336cdd52f7ae57emkjjZtR=OgK
Eu2jp012j2VcqsbDOyNE=IwEmS


Output will always be different for the same word.

Its algorithm is so good that even a single character (a) ---> will get converted into 90-100 characters


a

EnCt2aa788fed2de51816cca199688ff88d493f4e4a35aa788fed2de51816cca19968EER=yUoWpwN
GzYnp013lIwEmS

EnCt2aad88547c1933fc920b2749924539a586f8883deaad88547c1933fc920b27499TLerTA2DjAP
gxuIz1V3sIwEmS

---> Benefit:

Creating a product --> Compete --> Google

Gmail.com <--- Monitoring on our Mail --> Steal our Information | Idea | Product etc

Before sharing any email, I would first encrypt it



Hi Partha, our next meeting is on Monday 4:00 PM at BusStand Gate No.6

EnCt276f50179dc436a6061ef640a6a861ecb58b9f12076f50179dc436a6061ef640alThCYW/brwK
66Zo01V2tFeaUCjMjQVfYGnrYUTL1b/pPxlYlzs+ms936J+MDy10suOSFuNAAZVvrMHNqTw8PP1bs6Cu
CYQcFnGuGB9qyyJlaPIbfIwEmS

----

9/11 <-- WTC - USA ( HomeLand Security --> FBI )

They were following another level of tech. ---> Steganography



Movie : Zero Dark Thirty <----



Not sending a text msg ---> Instead we'll be sharing some media files (Images, Songs, Video)

We'll hide our msg behind the media file; if a normal person opens the file, it will open normally.

Image --> Image

video --> Play

Song --> Music

etc

This technique is called Steganography

How it's done..?

Step 1: Notepad File + Image File on Desktop


Step 2: Open cmd --> # cd Desktop


Step 3: # copy /b image.jpg + notepad.txt newfilename.jpg

Here newfilename.jpg will be having our hidden msg


Step 4: Just share this file with Destination


Step 5: Just open the Image File using Notepad


Step 6: Just go to the very bottom of notepad --->
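
Because copy /b only joins the text file onto the end of the image, the hidden message sits after the JPEG's end-of-image marker, and that is where a check can look for it. The following is an added Python example (not part of the original notes) that walks the JPEG structure and returns whatever follows the image. The names jpeg_end, appended_payload, CLEAN and STEGO are made up here, and the sample bytes are constructed.

```python
import struct

def jpeg_end(data):
    """Offset just past the real EOI marker. Segments are walked by their
    length fields, so an FF D9 inside a thumbnail or inside the appended
    data is not mistaken for the end of the image."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    i = 2
    while i + 2 <= len(data):
        if data[i] != 0xFF:
            raise ValueError("expected a marker at offset %d" % i)
        marker = data[i + 1]
        if marker == 0xFF:                  # fill byte before a marker
            i += 1
            continue
        if marker == 0xD9:                  # EOI: the image ends here
            return i + 2
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:
            i += 2                          # TEM / RSTn carry no length field
            continue
        if i + 4 > len(data):
            break
        i += 2 + struct.unpack(">H", data[i + 2:i + 4])[0]
        if marker == 0xDA:                  # SOS: skip entropy-coded scan data
            while i + 1 < len(data) and not (
                    data[i] == 0xFF and data[i + 1] != 0x00
                    and not 0xD0 <= data[i + 1] <= 0xD7):
                i += 1
    raise ValueError("truncated JPEG: no EOI marker")

def appended_payload(data):
    """Bytes that follow the image, e.g. a text file joined on with copy /b."""
    return data[jpeg_end(data):]

# Constructed sample: a structurally valid (not viewable) JPEG skeleton.
CLEAN = (b"\xff\xd8"
         + b"\xff\xe0\x00\x10JFIF\x00" + bytes(9)   # APP0 header
         + b"\xff\xe1\x00\x06\xff\xd8\xff\xd9"      # APP1 holding a decoy FF D9
         + b"\xff\xda\x00\x08" + bytes(6)           # SOS header
         + b"\x12\x34\xff\x00\x56\xff\xd0\x78"      # scan data: stuffing + RST0
         + b"\xff\xd9")                             # EOI
STEGO = CLEAN + b"meeting Monday 4:00 PM \xff\xd9"  # constructed hidden text

if __name__ == "__main__":
    print(len(CLEAN), appended_payload(STEGO))
```

Some cameras and editors append legitimate trailers after the image, so a non-empty result is a reason to inspect the bytes, not proof of a hidden message.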

---------------------------------

Steganography + Encryption
===========================

The information behind the image file is going to get encrypted.

Tool : S-Tools


Demo :


Destination :

s-tools ---> Hidde.bmp

---------------------------------

Session 26:

Router VAPT
Router Exploit - GUI Tool
Router Security


We have to find the Loopholes in the Router, so that we can access it. (OSCP)

Realtime --> Access + We also need to create a list of patches (security)

Our job is to create a proper report on Vulnerabilities & their exploits

Company --> Tested car glass with Gun --> CEO was sitting in CAR


The router is the main device, which makes our network/office/home connectivity with the outside world.

If the router gets compromised, that means my complete network becomes vulnerable.

We can even shut down the network of a complete company etc

VAPT :

1. Internal VAPT

2. External VAPT

---

1. Internal VAPT : When we are connected in their Network <-- Openvpn <-- OSCP

2. External VAPT : When we are attacking from another Network




Router VAPT

4 Phases :

Phase 1: Information Gathering

Phase 2: Vulnerability Assessment

Phase 3: Penetration Testing

Phase 4: Report Generating
--


Phase 1: Information Gathering :

Collecting Details of the Router:

Manufacture Company

IP Address of Router

Firmware versions

Login Panel

Model No.

--

Internal VAPT :

IP Address

or

Terminal : # route -n (Linux) <--- OSCP

CMD : # ipconfig (Windows)

Default Gateway : 1.2.3.4 <--- Router's IP

Pal : 192.168.100.1

Par : 192.168.0.1


Info of Router :


Huawei <--

Model No <-- HG8121H

--------


Phase 2 : Vulnerability Assessment

World Wide Database of Vulnerabilities

Every vulnerability has a unique identity : CVE = Common Vulnerability Exposure

CVE-2019-7878


Every CVE --> has a score of criticality --> 1 - 10

1 means least

10 means most dangerous

CVSS SCORE

www.cvedetails.com

--------------------------------------------------------------
417--------------------------------------------------------------