Ceh v8 labs module 19 cryptography
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
288
On Slideshare
288
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
65
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. CEH L ab M a n u a l C r y p to g r a p h y M o d u le 19
  • 2. M odule 19 - C ryptography C r y p to g r a p h y Cy t ga h ist esu ya dartof h in in r a o in h mnu r a a le r po r p y h t d n id g fom ti n u a ne d b fo at. rm ICON KEY V a lu a b le Lab Scenario T h e a b ility to p r o te c t a n d s e c u re in fo r m a tio n is v i t a l t o th e g r o w th o t e le c tr o n ic m fo rm a tio n c o m m e rc e Test yo u r to W e b e x e rc is e m W o r k b o o k re to th e g ro w th u s e c o m m u n ic a t io n s p la y s ** and a a ro u n d la r g e m a jo r r o le th e w o r ld a m o u n ts m e th o d s to p ro c e s s o f m o n e y p ro te c t I n t e r n e t it s e lf. M a n y p e o p le o r w a n t th e d a ta F o r e x a m p le , one b an k c u s to m e rs m a c h in e s . T h e r e fro m b o ttle s f lo w e r s b y e n c r y p t io n o n ly yo u a re is o f s e c u re d e t a ils w o rk w ith an in s tr u c t use o f w in e s c r e d it te c h n iq u e s . c o n n e c tio n f in a n c ia l to th e yo u w h e n to th e u s in g o f s tro n g e t h ic a l e n c ry p t th e m e n c r y p t io n and and u s in g a In te rn e t th e at and c a rd u n fo r g e a b le p e n e tr a t io n use e n c r y p t io n tr a n s a c tio n s k n o w and e n v ir o n m e n t IT w ill S in c e d ir e c to r 111 th e o th e r T in s m e th o d s . a lg o r it h m s a re in c lu d in g to in fo r m a tio n te s te r, y o u r t e lle r s e llin g a n y d u n g lik e e n c r y p t io n e n c r y p t in g tra n s fe r o f b ro w s e rs , I n te r n e t w o u ld c r e d it m e th o d s th e a u to m a te d th e s e In te rn e t m u lt i- n a t io n a l v a r io u s a ls o b an k s h o p p in g m a lls s e c u re t h e ir o ve r hacker d a ta th e and s e n d in g r e la t e d e x p e rt to C u s to m e rs use use a n o th e r. B a n k s n u m b e rs and even o ve r c a rd s to ID a re m a n y c o m p a n ie s m ade banks f in a n c ia l tr a n s a c tio n s . T h is in v o lv e s fro m t h e ir need s e c u r it y 11 1 d if f e r e n t a re a s . E n c r y p t in g d a ta s e c u r it y . 111 to and o f th e w ill o rd e r to s e c u re th e o r g a n iz a t io n ’s in f o r m a t io n . Lab Objectives T in s la b w i l l s h o w y o u h o w h o w to e n c r y p t d a ta a n d h o w t o u s e it . I t w i l l te a c h y o u to : ■ U s e e n c r y p tin g /d e c r y p tin g c o m m a n d s ■ G e n e r a te h a s h e s a n d c h e c k s u m f ile s Lab Environment & Tools d e m o n stra te d in th is lab a re available in D:CEHToolsCEHv 8 Module 19 Cryptography T o e a r n ‫ ־‬o u t d ie la b , y o u n e e d : Window S erver 2012 ■ A c o m p u te r r u n n in g ■ A w e b b ro w s e r w ith In te rn e t access Lab Duration T im e : 5 0 M in u t e s Overview of Cryptography C r y p t o g r a p h y is t h e p r a c t ic e a n d s t u d y o f hiding in f o r m a t io n . M o d e r n c r y p to g r a p h y in t e r s e c t s t h e d i s c ip l in e s o f m a t h e m a t i c s , c o m p u t e r s c ie n c e , a n d e l e c t r ic a l e n g in e e r in g . C E H Lab Manual Page 915 Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 3. M odule 19 - C ryptography C r y p t o lo g y p r io r t o th e m o d e r n a g e w a s a lm o s t s y n o n y m o u s w it h conversion m TASK 1 . o f in fo r m a tio n f r o m encryption, d ie a r e a d a b le s ta te t o o n e a p p a r e n t ly w i t h o u t s e n s e . Lab Tasks Overview R e c o m m e n d e d la b s t o a s s is t y o u i n C r y p t o g r a p h y : ■ B a s ic D a t a E n c r y p t in g U s i n g H ashC alc ■ B a s ic D a t a E n c r y p t i n g U s i n g MD5 C alc u lato r ■ B a s ic D a t a E n c r y p t i n g U s i n g A dvance E ncryption P a c k a g e ■ B a s ic D a t a E n c r y p t i n g U s i n g TrueC rypt ■ B a s ic D a t a E n c r y p t i n g U s i n g CrypTool ■ E n c r y p t in g a n d D e c r y p t in g th e D a ta U s in g ■ B a s ic D a t a E n c r y p t i n g U s i n g B C T extE ncoder R ohos Disk E ncryption Lab Analysis A n a l y z e a n d d o c u m e n t t h e r e s u lt s r e la t e d t o t h e la b e x e r c is e . G i v e y o u r o p i n i o n o n y o u r t a r g e t ’s s e c u r it y p o s t u r e a n d e x p o s u r e . P L E A S E T A L K T O Y O U R I N S T R U C T O R R E L A T E D C E H Lab Manual Page 916 T O T H I S I F Y O U H A V E Q U E S T I O N S L A B . Ethical Hacking and Countenneasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 4. M odule 19 - C ryptography Lab B a s ic D a ta E n c r y p tin g U s in g H a s h C a lc HashCalc e a leyou t c muem ltip h s e, c eku s a dHAL4Csfor n b s o o p t u le ah s hc s m, n files, te t, a dh xsrn s It s p ot MD2, MD4, AIDS, SHA1, SHA2 x n e ti g . u p rs (SHA256, SH.4J84, SHA512), RIPEMD160, PANAMA, TIGER, CRCJ2,ADUERJ2, a dt eh s ue in e o k ya de n t os n h a h s d D n e n M le o l . ICON KEY / V a lu a b le information .v* Test yo u r _______k n o w le d g e _________ ^ W e b e x e r c is e Lab Scenario L a p to p s access th e W o r k b o o k r e v ie w h ig h ly s to ra g e r e q u ir e s m e d ia . to th e ft a k e y in D is k and f r e q u e n t ly o rd e r to e n c r y p t io n c o n ta in s ta rt th e e n c ry p ts v a lu a b le o p e r a t in g a ll d a ta d a ta . s y s te m a 0 11 and s y s te m , t ile s , f o ld e r s , a n d t h e o p e r a t i n g s y s t e m . T i n s is m o s t a p p r o p r i a t e w h e n p h y s ic a l s e c u r it y 0 1‫ ־‬d e s k to p s im p le m e n te d , w h ile s u s c e p tib le e n c r y p t io n th e in c lu d in g la p to p s £ Q a re B o o t d is k e n c r y p t io n e n c ry p te d , p a r t ie s 111 e t h ic a l hacker th e o f th e th a t ca n n o t even t and o f s y s te m a re n o t p r o v id e s be is an v ie w e d th e ft, lo s s , p e n e tr a t io n n o t a 111 a s s u re d . p h y s ic a lly enhanced E x a m p le s s e c u re d d is c o v e r e d 0 1‫ ־‬in te r c e p t io n . yo u W h e n le v e l o f a s s u ra n c e 0 1‫ ־‬o th e r w is e te s te r , in c lu d e a re a . m u st 111 o rd e r u n d e rs ta n d to tr a v e lin g p r o p e r ly th e d a ta , b y u n a u th o r iz e d to be d a ta an e x p e rt e n c r y p t io n u s in g e n c r y p t in g a lg o r it h m s . Lab Objectives T h i s la b w i l l s h o w y o u h o w h o w to e n c r y p t d a ta a n d h o w ■ H Tools d e m o n stra te d in th is lab a re available in D:CEHToolsCEHv 8 Module 19 Cryptography C E H Lab Manual Page 917 t o u s e it . I t w i l l te a c h y o u to : U s e e n c r y p tin g /d e c r y p tin g c o m m a n d ■ G e n e r a te h a s h e s a n d c h e c k s u m f ile s Lab Environment T o c a r r y o u t t h e la b , y o u n e e d : ‫י‬ H ash C alc l o c a t e d a t D:CEH-T00lsCEHv 8 M odule 19 CryptographyM D 5 H ash C alc u lato rsH a sh C a lc Ethical Hacking and Countenneasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 5. M odule 19 - C ryptography ■ Y o u c a n a ls o d o w n lo a d t h e la t e s t v e r s io n o f H ash C alc fro m th e lin k h t t p : / / w w w . s la v a s o t t. c o m / h a s h c a lc / ■ I f y o u d e c id e t o 1 1 1 t h e la b d o w n lo a d th e la te s t v e rsio n , t h e n s c r e e n s h o ts s h o w n m ig h t d iff e r ■ F o llo w th e w iz a r d d r iv e n in s ta lla t io n in s tr u c t io n s ■ R u n t in s t o o l 1 1 1 ■ A d m in is t r a t iv e p r iv ile g e s t o W indow s S e rv e r 2012 r u n to o ls Lab Duration T im e : 1 0 M in u te s Overview of Hash H a s h C a lc is a fa s t and d ig e sts, ch e c k su m s, o ffe r s a c h o ic e o f and 13 o f e a s y -to -u s e c a lc u la t o r HMACs for files, th e m ost th a t a llo w s as w e ll as f o r p o p u la r hash and c o m p u t in g m essage te x t and hex strings. checksum a lg o n t lu n s It fo r c a lc u la t io n s . 3 TASK 1 C alculate th e H ash Lab Tasks 1. L a u n ch th e S ta rt m e n u b y h o v e r in g th e m o u s e c u r s o r o n th e lo w e r - le ft c o r n e r o f th e d e s k to p . ■3 Windows Server 2012 c a Y o u can also Window Server 2 1 ReviseQnflidau C s 02 0t»c< r m Evaluatorcop;. 9u d M C ! O **I do w n lo a d HashCalc fro m i v n i ^ h t tp : / /w w w .slavasoft.com F IG U R E 1.1: W indows Server 2012—Desktop view 2. C E H Lab Manual Page 918 C lic k th e H ash C alc a p p to o p e n th e H ashC alc w in d o w . Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 6. M odule 19 - C ryptography S ta rt Server Manager Windows PowerShell Hyper-V Manager Google Chrome Fa m <9 ‫וי‬ Computer Contfol Panel Hyper-V Virtual Machine... SQL Server Installation Center... Worlcspace Studio Mozilla Firefox V ¥ Command Prompt & e H ashCalc sim ple F‫־‬ Inlrmr* i*plnm 5 dispenses w ith glitz to p la in ly lis t in p u t and results. < © Nmap Zenmap GUI dialog-si2 e interface HashCalc O ₪ F IG U R E 1.2: W indow s Server 2012 —Apps 3. T h e m a in w in d o w o t H ashC alc a p p e a rs as s h o w n 111 d ie f o llo w in g f ig u r e . 4. F ro m d ie D ata F o rm at d r o p - d o w n lis t , s e le c t H 1- HashCalc Data Format: File. 1° T Data: 1 r x -1 Key Format: HMAC Key: | Text string W MD5 r MD4 lv SHA1 r r SHA256 SHA384 r H ash algorithm s RIPEMD160 r m SHA512 I* PANAMA r s u p p o rt three in p u t data form ats: file, te xt string, TIGER r r and hexadecim al string. MD2 A D LER 32 17 CRC32 ‫ —ן‬eD onkey/ eMule 1 ‫־‬ S la v a S o ft | Calculate | Close 1 Help 1 F IG U R E 1.3: HashCalc m a in w in d o w 5. 6. C h o o s e th e a p p r o p r ia te 7. C E H Lab Manual Page 919 E n te r/B ro w s e th e d a ta t o N o w , c lic k c a lc u la t e . H ash a lg o rith m s a n d c h e c k th e c h e c k b o x e s . C alcu late. Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 7. M odule 19 - C ryptography HashCalc Data Format: IS Data: H I| C :P f0gtam Files (x86lHashCalcHashCalc.exe Key Foirnat: r R MD5 r MD4 e922301da3512247ab71407096ab7810 W SHA1 ‫ט‬ r HashCalc is used to generate c iy p tin g text. K ey________________________________ IT ext shing ‫|•״‬ HMAC 67559307995703808ed2f6n723e00556dbb0e01 SHA256 r SHA384 r SHA512 I ? RIPEMD160 T a751 ce46a02b73b792564Gcb0ccf810bc00dd6b4 PANAMA r r r TIGER MD2 ADLER32 W CRC32 ‫ —ן‬eD onkey/ eMule S la v a S oft. Help Calculate ~| F IG U R E 1.4: Hash is generated fo r chosen hash string Lab Analysis D o c u m e n t a ll H a s h , A J D 5 , a n d C R C v a lu e s f o r f u r t h e r r e fe r e n c e . P L E A S E T A L K T O Y O U R I N S T R U C T O R R E L A T E D T o o l/U tility I n f o r m a tio n O u tp u t: ‫י‬ H a s h C a lc T O T H I S I F Y O U H A V E Q U E S T I O N S L A B . C o lle c te d /O b je c tiv e s A c h ie v e d G e n e ra te d H a s h e s f o r M D 5 ‫י‬ S H A 1 ‫י‬ R IP E A ID 1 6 0 ‫י‬ C E C 3 2 Questions 1. C E H Lab Manual Page 920 D e te r m in e h o w to c a lc u la t e m u lt ip l e c h e c k s u m s s im u lt a n e o u s ly . Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 8. M odule 19 - C ryptography I n te r n e t C o n n e c tio n □ Yes P la tfo r m 0 C E H Lab Manual Page 921 R e q u ir e d 0 No 0 !L a b s S u p p o rte d C la s s r o o m Ethical Hacking and Countenneasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 9. M odule 19 - C ryptography B a s ic D a ta E n c r y p tin g U s in g M D 5 C a lc u la to r MD5 Calculator is a sm le a pc tio that c lc lae t eAIDS h s of a i p p li a n a u ts h ah gv nfile. It c n b ue nith bg ( o / GB). Itfeatures apo r s c u t r ie a e sd i files s ue r ge s o ne a d a textfieldfrom w ic t efinal AID ‫ כ‬h s c n b e sy c pe t t e n hh h a h a e a il o i d o h cp o r . li b ad ■ con £__ key ‫ ־־‬Lab Scenario V a lu a b le T h e re has been a need to p ro te c t in fo r m a tio n th a t c o u ld o th e r w is e fro m “ p r y in g e y e s .” 111 th e in f o r m a t i o n e le c tr o n ic >> in d iv id u a l m can e s p io n a g e Test your k n o w le d g e — a g e , in fo r m a tio n am ong s e c u r it y W e b e x e r c is e a ls o m e a s u re s p e rs o n a l fre e d o m , W o r k b o o k r e v ie w w is h to e n c ry p t w is h e s e n c r y p t io n and used s y s te m , to s a fe p e n e tr a t io n be used o f th e o f th o s e th e yo u A n d , eyes. m u st g ro u p s to a tte m p t to and 111 it w h o n a tu re a v o id o r o fte n th o s e o p p r e s s iv e a re r e la t iv e ly d a ta p r y in g te s te r, w h o such b u s in e s s e s p la c e . in fo r m a tio n d e c r y p t io n Iro m in to o u t s id e e n c ry p t a g a in s t c o m p e t it iv e p u t c e r ta in a g a in s t t h e a re be h ig h ly b e n e fit o r a g ro u p in d iv id u a ls . r e q u ir e s w is h to th e s to re s o rd e r u n d e rs ta n d s y s te m to be d a ta an e x te n s iv e e x e r c is e S t ill, m ay p e n a lt ie s th e m e th o d s tr a ig h t fo r w a r d ; e n c r y p t io n in fo r m a tio n e x p e rt e n c r y p t io n e t h ic a l u s in g o r In d u s tr ia l th a t o f g o v e rn m e n ts , s u ffe r in g c o n t r o l. e d u c a te t h e ir a ls o o f g o in g o t d a ta a lg o r it h m s t ile s o n th e hacker and e n c r y p t in g a lg o r it h m s . Lab Objectives T in s la b w i l l g iv e y o u e x p e r ie n c e o n e n c r y p t in g d a ta a n d s h o w y o u h o w H Tools d e m o n stra te d in th is lab a re available in D:CEHToolsCEHv8 Module 19 Cryptography C E H Lab Manual Page 922 I t w ill te a c h y o u h o w t o d o it . to : ■ U s e e n c r y p tin g /d e c r y p tin g c o m m a n d s ■ C a lc u la te t h e M D 5 v a lu e o f th e s e le c te d t ile Lab Environment T o e a r n * o u t t h e la b , y o u n e e d : Ethical Hacking and Countenneasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 10. M odule 19 - C ryptography ■ MD5 C a lc u la to r l o c a t e d a t D :CEH -ToolsCEH v8M odule19 CryptographyM D 5 H ash C alculatorsM D 5 C a lc u la to r ■ Y o u c a n a ls o d o w n lo a d t h e la t e s t v e r s io n o f MD5 C a lc u la to r fro m th e lin k h t tp : / / w w w . b u llz 1p .c o m / p r o d u c t s / m d 5 / in f o . p h p ■ I f y o u d e c id e t o 1 1 1 t h e la b d o w n lo a d th e la te s t v ersio n , th e n s c re e n s h o ts s h o w n m ig h t d iff e r ■ F o llo w th e w iz a r d d r iv e n in s ta lla t io n in s t m c t io n s ■ R u n t h is t o o l 1 1 1 ■ A d m in is t r a t iv e p r iv ile g e s t o r u n W indow s S e rv e r 2012 t o o ls Lab Duration T im e : 1 0 M in u te s Overview of MD5 Calculator M D 5 C a lc u l a t o r is a b a r e - b o n e s p r o g r a m fo r calculating and com paring M D 5 f ile s . W h i l e it s l a y o u t le a v e s s o m e d u n g t o b e d e s ir e d , it s r e s u lt s a r e f a s t a n d s im p le . TASK 1 C alculate MD5 C hecksum Lab Tasks 1. T o f in d M D 5 C a lc u la to r H a s h o f a n y t ile , r ig h t - c lic k t h e f ile fro m a n d s e le c t MD5 th e c o n te x t m e n u . mw| | I L& Install nd5calc( 0 .0).ms Repair Uninstall CmdHere MD5 Calculator Troubleshoot compatibility Open with ► Share with ► Add to archive... Add to "md5calc(1.0.0.0).rar" Compress and email... m M D 5 checksum is § used to generate M D 5 hash. Compress to "md5calc(1.0.0.0).rar" and email Restore previous versions * Send to Cut Copy Create shortcut Delete Rename Properties F IG U R E 2.1: M D 5 o p tio n in co n te s t m enu 2. C E H Lab Manual Page 923 MD5 C a lc u la to r s h o w s th e M D 5 d ig e s t o f t h e s e le c te d t ile . Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 11. M odule 19 - C ryptography Note: A l t e r n a t i v e l y , y o u C a lc u la te b u t t o n t o th e c a n b r o w s e a n y file c a lc u la t e t h e M D 5 to c a lc u la t e t h e M D 5 MD5 Calculator B|C:Llsefs'.AdministratorDesktopVnd5calcl'1.0.0.0).i h a s h a n d c lic k h a s h o f th e file . B ’ % “ ■ ‫ ■׳.־‬‫■־‬ ■ r ~ • x '‫־‬ Calculate M D 5 hash (or checksum) fu n ctio n s as a com pact d igital fin g e rp rin t o f a file. MD5 Digest J Compare To 19434b8108cdecab051867717cc58dbdf ‫ו‬ 1 1 1 I I Uppercase Exit F IG U R E 2.2: M D 5 is generate f o r the chosen file Lab Analysis A n a l y z e a n d d o c u m e n t d i e r e s u lt s r e la t e d t o d i e la b e x e r c is e . P L E A S E T A L K T O Y O U R I N S T R U C T O R R E L A T E D T o o l/U tility M D 5 I n f o r m C a lc u la to r T O a tio n O u tp u t: I F T H I S Y O U H A V E C o lle c te d /O b je c tiv e s M D 5 Q U E S T I O N S L A B . A c h ie v e d H a s h e s f o r s e le c te d s o f t w a r e Questions 1. W h a t a re t h e a lte r n a t iv e s 2. Is th e A ID S to th e A ID S ( M e s s a g e - D ig e s t a l g o r it h m c r y p to g r a p h ic h a s h f u n c t io n w i t h C E H Lab Manual Page 924 sum c a lc u la t o r ? 5 ) c a lc u la t o r a w id e ly u s e d a 1 2 8 - b it h a s h v a lu e ? Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 12. M odule 19 - C ryptography I n te r n e t C o n n e c tio n □ Yes R e q u ir e d C E H Lab Manual Page 925 No 0 P la tfo r m 0 !L a b s S u p p o rte d Ethical Hacking and Countermeasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 13. M odule 19 - C ryptography 3 B a s ic D a ta E n c r y p tin g A d v a n c e d E n c r y p tio n U s in g P a c k a g e A va c dEncryption P c a eis m s n t w rh for itsflexibility; n to lyc n d ne ak g ot oe ot y o n a yon e cy t n r pfilesforyouro n ro c o , b tyonc ne yce t "selfdecrypting' w p te ti n u a asil r ae v r io s of yourfiles that oh r c n ru w h u n e i g this o a y oh r es n t es a n it o t e dn r n te soft!!are. I CON KEY Lab Scenario / V a lu a b le D a ta e n c r y p t io n and d e c r y p t io n o p e r a t io n s a re m a jo r s e c u r it y a p p lic a tio n s to in f o r m a tio n s e c u re >> Test your k n o w le d g e — m W e b e x e r c is e d a ta . H o w e v e r, a llo w to a p p lic a tio n s and p ro te c te d . w h e re 111 b lo c k to c ip h e r s , c ip h e r s s u b je c t s id e s id e - c h a n n e l to keys fro m a tta c k s be r e s id e an o n such such as as d e v ic e s a b y th re a t. p ro g ra m A E S as a tta c k s . These s ta n d a rd . w e ll as These p a s s iv e ly C o u n te rm e a s u re s a re a s s e ts p u b lic A E S , s id e - c h a n n e l c h a n n e ls . a p p lic a tio n s w h e r e s e c re t k e y s o rd e r b lo c k s e c re t o th e r a e ro s p a c e and o f a re e x tra c t c o n s u m p t io n , a lg o r it h m s , use a lg o r it h m s , a d v e r s a r ie s m ilit a r y s y s te m s im p le m e n ta tio n s c r y p to g r a p h ic p o w e r W o r k b o o k r e v ie w M o s t a re o th e r a tta c k s m o n it o r in g r e q u ir e d in c lu d e i n f o r m a t i o n , c la s s if ie d th a t m a y n o t e x p e r t e th ic a l h a c k e r a n d a lw a y s be p e n e tr a t io n fo r s e v e ra l d a ta , p h y s ic a lly te s te r, y o u m u s t u n d e r s t a n d d a ta e n c r y p t e d o v e r f ile s . Lab Objectives T i n s la b w i l l g iv e y o u e x p e r ie n c e o n e n c r y p t in g d a t a a n d s h o w y o u h o w I t w ill te a c h y o u h o w H Tools d e m o n stra te d in th is lab a re available in D:CEHToolsCEHv8 Module 19 Cryptography C E H Lab Manual Page 926 t o d o it . to : ■ U s e e n c r y p t in g /d e c r y p t in g c o m m a n d s ■ C a lc u la te t h e e n c r y p t e d v a lu e o f t h e s e le c te d f ile Lab Environment T o c a r r y o u t t h e la b , y o u n e e d : ” A d vanced E ncryption P a c k a g e l o c a t e d a t D:CEH-ToolsCEHv8 M odule 19 C ry ptographyC ryptography T oolsA dvanced E ncryption Package Ethical Hacking and Countermeasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Strictly Prohibited.
  • 14. M odule 19 - C ryptography ■ Y o u c a n a ls o d o w n lo a d d ie la te s t v e r s io n o f P ackage ■ fro m I f y o u d e c id e t o 1 1 1 t h e la b A dvanced E ncryption th e li n k h t t p : / / w w w . s e c u r e a c t io n . c o m / e n c r y p t io n la te s t v e rsio n , d o w n lo a d th e p ro / t h e n s c r e e n s h o ts s h o w n m ig h t d iff e r ■ F o llo w th e w iz a r d - d r iv e n in s t a lla t io n in s tr u c t io n s ■ R u n t in s t o o l 1 1 1 ■ A d m in is t r a t iv e p r iv ile g e s t o W indow s S e rv e r 2012 r u n to o ls Lab Duration T im e : 1 0 M in u t e s Overview of Advanced Encryption Package file sh re d d e r d i a t w i p e s o u t d i e c o n t e n t s W indows Explorer, a l l o w i n g y o u a v o i d h a v i n g a n o t h e r w indow c l u t t e r y o u r A d v a n c e d E n c r y p t io n P a c k a g e in c lu d e s a o f y o u r o n g u i a l t ile s . I t a ls o in t e g r a t e s m c e lv w i d i t o u s e E x p lo r e r 's c o n t e x t m e n u s a n d s c re e n . = TASK 1 Encrypting a File Lab Tasks 1. L a u n ch S ta rt th e m e n u b y h o v e r in g th e m o u s e c u r s o r o n th e lo w e r - le ft c o r n e r o f th e d e s k to p . ■3 Windows Server 2012 W d w vmir 2 0 3 <2‫ *י<א‬C aKo*srm.‫׳־‬ in o s ‫ 1< ו‬arxM L » t1 rc sy. B ild80:‫׳‬ v l*4 0 o u m Y o u can also m m do w n lo a d Advance F IG U R E 3.1: W indows Server 2012—D esktop view7 E n c ry p tio n Package fro m h ttp ://w w w .s e c u re a c tio n .c om 2. A d v an ced E ncryption P a c k a g e E ncryption P a c k a g e w i n d o w . C lic k th e a p p to < *rvor row Sw H r Control H/per-V Manager Advanced CrxryplKXi o 8 h ‫®י‬ Hyp«-V Virtual SQL Server installation S L V «? V Com and m S3 Workspace Studio Mozilla Prompt E“ 5 ■ « Nmap - ‫—יס‬ ‫*יי‬ A dvanced Administrator £ S ta rt fL o p e n th e HashCak o■ a F IG U R E 3.2: W in d o w s Server 2012 - A p ps C E H Lab Manual Page 927 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 15. M odule 19 - C ryptography 3. T h e R e g iste r A dvanced E ncryption P a c k a g e 2013 w in d o w a p p e a rs . C lic k t r ia l p e r io d Try Now!. Advanced Encryption Package 2013 Professional 01 1‫׳‬ Register Advanced Encryption Package 2013 Professional now You m ay use AEP PRO d urin g th e tria l period. It expires in 30 days. Please click Buy Now! if yo u w o u ld like to co n tin u e using it after th a t period. You can order th e registered version online. Im m ediate online delivery is available fro m w w w .aepp ro.com Try Now! 11 Buy Now! 1|~ Activate ]| Cancel F IG U R E 3.3: A c tiv a tio n W in d o w 4. T h e m a in w in d o w 111 th e o f A dvanced E ncryption P a c k a g e a p p e a rs , sh o w f o l i o w m g f ig u r e . Advanced Encwlion Package 2012 v5 67 ■ V<*i‫־‬n Trial . □ Fie E-M Options Tools Help ail > ►a m A d vance E n c ry p tio n c: Encrypt Package is easy to use fo r novices. || ZIP Delete > 2 * j[ SFX 01 || E-mail O | Decrypt Encryption Mode: Password ‫ | | ! ״‬PubkcKey I <■1 Password: □ 0 Again: Ridde: Algorithm: jD ESX 128-bit key v| [“ Pack file, then crypt Source Files r Delete after encryption I” Securely delete Wes Fiter C Show all files Set Output Folder (• Current folder [7 7 7] (• Apply filter... ------------------------------- |1 1 Apply ^ Custom: 1 1 1 — Logflmfl: Encrypt Now! m three b lo c k ciphers, A E S 128, A E S -192 and A E S - < > A dvanced E n c ry p tio n Package is a sym m etric-key en cryp tio n com prisin g F IG U R E 3.4: W elcom e screen o f A dvance E n c ry p tio n Package 5. 256. 6. S e l e c t t h e s a m p l e f i l e t o e n c r y p t . T h e t i l e i s l o c a t e d D:CEHToolsCEHv8 M odule 19 C ryptographyC ryptography T oolsA dvanced E ncryption P a c k a g e . 111 th e 7. C E H Lab Manual Page 928 E ncrypt. I t P a ssw o rd C lic k E ncrypt Now!. C lic k w ill a s k y o u to e n te r th e p a s s w o rd . T y p e f ie l d , a n d a g a in t y p e t h e p a s s w o r d i n th e th e p a s s w o rd A gain f ie ld . Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 16. M odule 19 - C ryptography -rmm File E Mil O tio s T o H lp - a p n o ls e > fc C : A r a D: A ± CEH-Tods t> M CEHv Module 02 Footpmbng and Reconnaissance > CEHv Module 03 Scanrmg Networks t> >) C&tv Module 04 Enumeration ^ CEHv Module 05 System Hacking > J4 C&tv Module 07 Viruses and Worms a CEHv Module 18 Cryptography J Advance Enaypbon Package sppprn.m «i Sample File.docx t> M H 4h(JAk A > M 5 Calculator O » New folder ►‫ ״‬E: 8 8 8 8 8 8 0 13 1] [_ Encrypt | Delete O Decrypt L Z IP 1 6‫׳‬ ‫™־‬ SFX Encryption Mode: Password | [ Public Key ] Pwd 1 ( of 16) 6 E- Again: 2 “‫1־״״־‬ Riddle: 2* Algorithm: jD ESX r 128*it key v| Pack fite, then crypt Source FJes P Delete after enaypbon ■ Securely delete Files Fiter r Show all files Set Output Folder (• Current folder (• Apply filter... ‫ם‬ Apply & Tools d e m o n stra te d in th is lab a re available in D:CEHToolsCEHv8 Module 19 Cryptography F IG U R E 3.5: W elcom e screen o f Advance E n c ry p tio n Package T h e e n c r y p t e d s a m p le f ile c a n b e s h o w n 111 th e o r ig in a l t ile , a s s h o w n 1 1 1 t h e f o ll o w i n g s a m e lo c a tio n o f th e f ig u r e . Advanced Encryption Package 2012 Professional v5 67 • Trial Version File E Mil O tio s T o H lp - a p n o ls e .C: ± t> > > t> > a CEH-Tools CEHv Module 02 Footprntmg and Recormarssance CB‫־‬tv Module 03 Scamrxj Networks ,. CEHv Module 04 Enumeration j . CEHv Modiie 05 System Hacking J. C&tv Module 07 Viruses and Worms j . CEHv Module 18 Cryptography a J . Advance Encryption Package aeppro.msi g!* Sample File.docx I |« 3 Sample File.doot.aep| > J HashCalc M Calculator D5 , New folder 8 8 8 8 8 8 0 0 Encryption Mode: Password EE >J. 1 PQ: □C Riddle: Algorithm: D ESX 128■bit key I- Pack fie, then crypt Source Files P Delete after encryption f ” Securely delete Files Filter r Show all files Set Output Folder (• Current folder Q Apply Logg^g: 0 0 8 D D:CEH-T lsCEHv Module 18 CryptographyVVdvance Encryption Packaged Sample Fie.docx [18 K ] -> Sample F4e.docx.aep [18 K ] B B 0 Done. Processed 1files. Succeeded: 1. Failed: 0 0 Processed 18 K . Average speed: 18 KB/s B C E H Lab Manual Page 929 ^ | a v I Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 17. M odule 19 - C ryptography F IG U R E 3.6: Encrypting the selected file 9. T o d e c r y p t d ie p r o m p t y o u to 10. C lic k D ecrypt; t ile , f i r s t s e le c t t h e e n c r y p t e d f ile . C l ic k it w ill e n te r th e p a s s w o rd . D ecrypt Now!. rc— Advanced Encryption Fie E- a O tio s lools H lp Mi p n e m ** CEH-Tods CEHv Module 02 Footpnntmg and Recomassance CEHv Module 03 Scamng Networks CEHv Module 04 Enumeration CEHv Module 05 System Hadang C&tv Module 07 Viruses and Worms CB‫־‬tv Module 18 Cryptography a ,. Advance Encryption Package $ aeppro.msi .*T! Sample File.docx |<3 Sample File.docx.aep | 8 8 8 8 8 8 J4 ,. ,. JA ^ I t creates encrypted self-extracting files to send as em ail attachm ents. I I Delete O | ZIP E-mai Decryption Mode: Password Pnv Key | Password: ....1 > ^ H sh a a Ck □E Find password on U Stock SB > J . M 5 Calculator O . New folder 1 Source fite(s): (• Leave it alone r Files Fiter r Show afl files Delete Set Ojtput Folder (• Current folder (• Apply filter... Q Apply Logging: 0 0 8 Q D CEH ls'CEHv Module 18 CryptographyWivance Encryption PackageV :V -T Sample Ne.docx [18 K ] -> Sample He.docx.aep [18KB] B 0 Done. Processed 1 files. Succeeded: 1. Faled: 0 0 Processed 18 K . Average speed: 18 KB/s B F IG U R E 3.7: D e c ry p tin g tlie selected file Lab Analysis A n a l y z e a n d d o c u m e n t d i e r e s u lt s r e la t e d t o t l i e la b e x e r c is e . P L E A S E T A L K T O Y O U R I N S T R U C T O R R E L A T E D T o o l/U tility I n f o r m a tio n T O T H I S I F Y O U H A V E Q U E S T I O N S L A B . C o lle c te d /O b je c tiv e s A c h ie v e d A d v a n c e E n c r y p t io n C E H Lab Manual Page 930 O u tp u t: E n c ry p te d s im p le F ile . d o c x . a p e Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 18. M odule 19 - C ryptography P a cka g e Questions 1. W h ic h a lg o r it h m d o e s A d v a n c e d E n c r y p t io n P a cka g e use to p ro te c t s e n s itiv e d o c u m e n ts ? 2. Is th e r e a n y o t h e r w a y t o p r o t e c t th e u s e o f p r iv a t e k e y t ile w i t h a p a s s w o rd ? I n te r n e t □ C o n n e c tio n Y e s R e q u ir e d C E H Lab Manual Page 931 N o 0 P la tfo r m 0 !L a b s S u p p o rte d Ethical Hacking and Countenneasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 19. M odule 19 - C ryptography B a s ic D a ta E n c r y p tin g U s in g T r u e C r y p t Tru eCrypt is a s fw r sse for e t bis in a d m in in g a o -hfly ot ae yt m sa l h g n a ta in n nt e e cy t dv lu e (d soa e d vc ). O - e e cy to ma sthat d ta is n r pe o m ata t r g e i e n th fly n r pi n e n a a to a aye a p do d cy t drightbf r it is lo d do s v d nithouta y u m tic ll n y te r e r pe eoe a e r ae , n u e inev nio . sr t re t n I CON KEY / V a lu a b le Lab Scenario C iT x is a b illio n - d o lla r c o m p a n y and d o e s n o t w a n t to ta k e chances 0 1‫ ־‬r is k th e in f o r m a t i o n d a ta >> Test your k n o w le d g e — m W e b e x e r c is e s to re d in fo r m a tio n , W o r k b o o k r e v ie w la p to p s . c u s to m e r d a ta to b e lo s t t o d is k e n c r y p t io n e n c ry p ts it s 0 11 a ll d a ta d a ta , a n y o f it s These and la p to p s f in a n c ia l in f o r m a t io n . c o m p e t it o r s . T h e its c o n ta in to p ro te c t 0 11 a s y s te m , in c lu d in g d a ta fro m C iT x p r o p r ie t a r y C iT x c a n n o t a ffo rd C o m p a n y p r e y in g eyes. f ile s , f o ld e r s and s ta rte d F u ll th e d is k uses one 0 1‫ ־‬m o re c r y p to g r a p h ic keys to u s in g e n c ry p t its fu ll e n c r y p t io n o p e r a t in g T i n s is m o s t a p p r o p r i a t e w h e n t h e p h y s i c a l s e c u r i t y o f t h e s y s t e m E n c r y p t io n p a rtn e r s y s te m . is n o t a s s u r e d . and d e c ry p t th e d a ta th a t th e y p r o te c t. Lab Objectives T h i s la b w i l l g iv e y o u e x p e r ie n c e 0 1 1 e n c r y p t in g d a t a a n d s h o w y o u h o w I t w ill te a c h y o u h o w ■ C E H Lab Manual Page 932 U s e e n c r y p tin g /d e c r y p tin g c o m m a n d s ■ & Tools d e m o n stra te d in th is lab a re available in D:CEHToolsCEHv 8 Module 19 Cryptography t o d o it . to : C re a te a v ir t u a l e n c r y p te d d is k w i t h a file Lab Environment T o c a r r y o u t t h e la b , y o u n e e d : ■ T rueC rypt l o c a t e d a t D:CEH-T00lsCEHv 8 M odule 19 C ryptographyD isk E ncryption ToolsT rueC rypt ■ Y o u c a n a ls o d o w n lo a d t h e la te s t v e r s io n o f T rueC rypt fro m th e lin k h t t p : / / w w w .t r u e c r v p t . o r g / d o w n lo a d s Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 20. M odule 19 - C ryptography ■ I f y o u d e c id e t o 1 1 1 t h e la b d o w n lo a d d ie la te s t v ersio n , d ie n s c r e e n s h o ts s h o w n m ig h t d iff e r th e w izard-driven in sta lla tio n ■ F oU ow ■ R u n t in s t o o l 11 1 ■ A d m in is t r a t iv e p r iv ile g e s t o in s tr u c t io n s W indow s S e rv e r 2012 r u n to o ls Lab Duration T im e : 1 0 ]M in u te s Overview of TrueCrypt TrueCrypt is a s o f t w a r e a p p l i c a t i o n u s e d f o r o n - d i e - f l y e n c r y p t i o n ( O T F E ) . I t i s d i s t r i b u t e d w i t h o u t c o s t , a n d d i e s o u r c e c o d e is a v a ila b le . I t c a n c r e a t e a en cry p ted disk B TASK 1 C reate a Volume virtual w i d i u i a t ile o r e n c r y p t a p a r t it io n o r a n e n t ir e s to r a g e d e v ic e . Lab Tasks 1. L a u n c h th e S ta rt m e n u b y h o v e r in g th e m o u s e c u r s o r o n th e lo w e r - le lt c o r n e r o f th e d e s k to p . F IG U R E 4.1: W indows Server 2012—Desktop view 2. m C lic k th e T rueC rypt a p p to o p e n th e T rueC rypt w in d o w . Y o u can also do w n lo a d T ru e cryp t fro m h t tp : / /w w w .true crypt.o rg F IG U R E 4.2: W in d o w s Server 2012 - A p ps 3. C E H Lab Manual Page 933 T h e T rueC rypt m a in w in d o w a p p e a rs . Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 21. M odule 19 - C ryptography 4. S e le c t t h e d e s ir e d v o l u m e to C re a te Volume. TrueCrypt □ Volumes m b e e n c r y p te d a n d c lic k T ru e C ry p t is a Drive softw are app lica tion used System Favorites Tools Settings Help Homepage Size Volume Encryption algorithm Typ e a f o r o n -th e -fly e ncryption (O T F E ). I t is distrib u te d e : ‫־‬ ^TT w ith o u t cost and die source code is available. *» : #K *#*l: >^N: "^O: s * ‫ ״‬P: s-Q: «^R: x^»T : Volume Properties... Create Volume Wipe Cache Volume - T ru e C ry p t have die m 1 a b ility to create and ru n a h idden encrypted operating W Select File. Never save history Volume Tools. Select Device. system w hose existence m ay be denied. Auto-Mount Devices Dismount All Exit F IG U R E 4.3: T ru e C ry p t M a in W in d o w W ith Create V o lu m e O p tio n ‫.כ‬ 6. m IM P O R T A N T : N o te th a t T ru e C ry p t w ill n o t encrypt any existing files (w hen creating a T ru e C ry p t file container). I f y o u select an existing file in d iis step, i t w ill be o v e rw ritte n and replaced b y the new ly created vo lu m e (so the o v e rw ritte n file w ill be lost, n o t encrypted). Y o u w ill be able to encrypt existing files (later on) b y m o v in g d ie m to the T ru e C ry p t vo lu m e th a t we are creating now . T h e S e l e c t the C re a te an e n c ry p te d file c o n ta in e r option. creates a virUial encrypted disk w ithin a tile. T rueC rypt V olum e C reatio n W izard B y d e fa u lt, th e C lic k □ N ext w in d o w a p p e a rs . C re a te an e n c ry p te d file c o n ta in e r T h is opdon o p t i o n is s e le c te d . to p ro c e e d . TrueCrypt Volume Creation Wizard TrueCrypt Volume Creation Wizard ‫ ׳‬Create an encrypted file container • Creates a vrtual encrypted disk within a file. Recommended for inexperienced users. More mformabon Encrypt a non-system partition/drive Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. Encrypt the system partition or entire system drive Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, aeates a hidden system. More information about system encryption Help < Back Next > Cancel F IG U R E 4.4: T ru e C ry p t V o lu m e C reation W izard-C reate E n c ry p te d File C ontainer C E H Lab Manual Page 934 Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 22. M odule 19 - C ryptography 8. 11 1 th e n e x t s te p o f th e w iz a r d , c h o o s e th e 9. S e le c t S ta n d a rd T rueC rypt volum e; ty p e o f v o lu m e . norm al th is c re a te s a T ru e C ry p t v o lu m e . 10. N ext C lic k to p ro c e e d . rzz------------------------------------------------------------------- 1 1‫^ ״‬ — □ TrueCrypt Volume Creation Wizard Volume Type | ♦ Standard TrueCrypt volume | Select this option if you want to create a normal TrueCrypt volume. N o te : A fte r you co p y existing unencrypted files to a T ru e C ryp t volum e , yo u should C securely erase (,wipe) the o rig in a l unencrypted files. T he re are softw are tools Hidden TrueCrypt volume It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot reflise to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. th a t can be used f o r the purpose o f secure erasure (m any o f them are free). More information about hidden volumes < Back F IG U R E 4.5: T ru e C ry p t V o lu m e Creation W iz a rd -V o lu m e Type 1 1 . 111 t h e n e x t w i z a r d , s e l e c t t h e V olum e Location. S e le c t File..., 1 2 . C lic k w ‫־‬ TrueCrypt Volume Creation Wizard Volume Location [ * Never save history m A TrueCrypt volume can reside in a file (called TrueCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A TrueCrypt container is just like any normal file Ot can be, for example, moved or deleted as any normal file). Click ,Select File' to choose a filename for the container and to select the location where you wish the container to be created. T ru e C ry p t supports a conce pt called plausible deniability. WARNING: I f you select an existing file, TrueCrypt will NOT encrypt it; the file w i be deleted and replaced with the newly created TrueCrypt container. You will be able to encrypt existing files (later on) by moving them to the TrueCrypt container that you are about to create now. Help | < Back | Next > | Cancel F IG U R E 4.6: T ru e C ry p t V o lu m e C reation W iz a rd -V o lu m e L o c a tio n 13. T h e s ta n d a r d W in d o w s C reation W izard 1 4 . S e le c t a d e s ir e d C E H Lab Manual Page 935 file w in d o w s e le c to r a p p e a rs . T h e T rueC rypt Volum e r e m a in s o p e n 1 1 1 t h e b a c k g r o u n d . lo cation ; p r o v id e a File nam e ancl Save it . Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 23. M odule 19 - C ryptography □ Specify Path and File Name © © ‫״‬ ^ [" - Organize ▼ Documents > ^ M usic a Search Documents Name 8/8/2012 2:22 PM File folder J i Snagit 8/7/2012 11:42 PM File folder J i SQL Server M anagem ent Studio Videos Date m odified J i Hyper-V - Pictures t> § ‫־‬r C New folder > 0 t> S V ► Libraries ► Documents 8/9/2012 5:40 PM File folder 9/4/2012 2:58 PM File folder Visual Studio 2010 | Type ^ 1 9 C om puter >ib Local Disk (C:) T h e m ode o f P 1_ * Local Disk (D:) o p e ratio n used b y T ru e C ry p t fo r encrypted > <_* Local Disk (E:) m p a rtitions, drives, and v irtu a l volum es is X T S . t % = Network V File name: >‫ו‬ ‫ייי‬ MyVolum e Save as type: A ll Files (‫ף.״‬ Hide Folders F IG U R E 4.7: W in d o w s Standard-Specify P ath and F ile N a m e W in d o w 1 5 . A f t e r s a v in g th e f ile , th e V olum e L ocation w iz a r d c o n tin u e s . C lic k N ext to p ro c e e d . □ TrueCrypt Volume Creation Wizard Volume Location [ C:VJsefsAdministrat0 r p 0 QjmentsV>1 yV0 ▼j Select File.‫״‬ I W Never save history m A TrueCrypt volume can reside in a file (called TrueCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A TrueCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. T ru e C ry p t volum es d o n o t contain k n o w n file headers and th e ir content is indistinguishable fro m ra n d o m data. WARNING: I f you select an existing file, TrueCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created TrueCrypt container. You will be able to encrypt existing files (later on) by moving them to the TrueCrypt container that you are about to create now. Help < Back | Next > j Cancel F IG U R E 4.8: T ru e C ry p t V o lu m e C reation W iz a rd -V o lu m e L o c a tio n 16. E ncryption O p tions 17. S e le c t a p p e a r 111 th e w iz a r d . AES E ncryption A lgorithm N ext. and RIPEMD-160 H ash A lgorithm a n d c lic k C E H Lab Manual Page 936 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 24. M odule 19 - C ryptography r = ------------------------------------------------------------L3 TrueCrypt Volume Creation Wizard Encryption Options m T ru e C ry p t curre ntly Test supports d ie fo llo w in g hash algorithm s: ‫־‬ FlPS-approved cipher (Rjjndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. R IP E M D - 160 ■ S H A -512 More information on AES Benchmark I ■ W h irlp o o l Hash Algorithm |RIPEMD-160 ]▼] Information on hash algorithms F IG U R E 4.9: T ru e C ry p t V o lu m e C reation W iz a rd -E n c ry p tio n O p tio n s 1 8 . 111 t h e n e x t s t e p , V olum e Size o p t io n a p p e a rs . 1 9 . S p e c if ) * t h e s iz e o f t h e T r u e C r y p t c o n t a i n e r t o b e 2 m e g a b y te a n d c lic k Next. TrueCrypt Volume Creation Wizard □ Volume Size C kb <* MB c GB Free space on drive C: is 10.47 G B N o te : T he b u tto n " N e x t " w ill be disabled Please specify the size o f the container you want to create. u n til passwords in b o th in p u t fields are the same. I f you create a dynamic (sparse-file) container, this parameter w l specify its maximum possible size. Note that the minimum possible size of a FAT volume is 292 KB. The minimum possible size o f an NTFS volume is 3792 KB. F IG U R E 4.10: T ru e C ry p t V o lu m e C reation W iz a rd -V o lu m e Size 20. T h e V olum e P a ssw o rd o p t io n a p p e a r s . T h i s is o n e im p o r t a n t s te p s . R e a d th e in f o r m a t io n o f th e m o s t d is p la y e d 1 1 1 t h e w i z a r d w i n d o w o n w h a t is c o n s id e r e d a g o o d p a s s w o r d c a r e f u ll y . 2 1 . P r o v id e Confirm C E H Lab Manual Page 937 a g o o d p a s s w o r d 11 1 th e f ir s t in p u t f ie ld , r e - ty p e i t 11 1 th e f ie ld , a n d c lic k Next. Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 25. M odule 19 - C ryptography □ TrueCrypt Volum e Creation Wizard |- |□ Volume Password Password: Confirm: | r Keyfiles... Usekeyfiles V~ Display password m ------------* It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination o f 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ A = $ * + etc. We recommend choosing a password consisting o f more than 20 characters (the longer, the better). The maximum possible length is 64 characters. T h e lo nger yo u m ove the mouse, the better. T his s ig nifican tly increases the c r y p to g r a p h ic s t r e n g t h o f the en cryp tio n keys. Help | < Back | Next > | Cancel FAT F ilesy stem , a n d set F IG U R E 4.11: T ru e C ry p t V o lu m e C reation W iz a rd -V o lu m e Password 22. T h e d ie V olum e F o rm at o p t i o n D efault. a p p e a r s . S e le c t c lu s te r t o 2 3 . M o v e y o u r m o u s e as r a n d o m ly as p o s s ib le w i t h i n W iz a r d w in d o w 24. C lic k th e V olum e C reatio n a t le a s t t o r 3 0 s e c o n d s . Form at. " [3 TrueC rypt V o lum e C reatio n W izard |— | ‫ם‬ Volume Format Options - Filesystem m Cluster |Default ▼] 1 “ Dynamic Random Pool: 933382CB6290ED4B3&33B13E03911ESE-J17 Header Key: Master Key: T ru e C ry p t volum es have n o "signature" o r I D strings. U n til decrypted, they appear to consist solely o f ra ndom data. Done Speed Left IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength o f the encryption keys. Then dick Format to create the volume. < Back | Format | Cancel F IG U R E 4.12: T ru e C ry p t V o lu m e C reation W iz a rd -V o lu m e F o rm a t 2 5 . A f t e r c lic k in g c re a te a f ile F orm at v o l u m e MyVolume c a lle d c r e a t io n b e g m s . T r u e C r y p t w i l l n o w 111 th e p r o v id e d o n th e T r u e C r y p t c o n ta in e r ( it w ill c o n ta in f o ld e r . T in s f ile depends th e e n c ry p te d T r u e C r y p t v o lu m e ) . 2 6 . D e p e n d in g o n t h e s iz e o f t h e v o l u m e , t h e v o l u m e c r e a t i o n m a y t a k e a lo n g t im e . A f t e r i t f in is h e s , t h e C E H Lab Manual Page 938 f o ll o w i n g d ia lo g b o x a p p e a r s . Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 26. M odule 19 - C ryptography TrueCrypt Volume Creation Wizard m Free space o n each o T ru e C ry p t vo lu m e is fille d T he TrueC ryp t vo lu m e has been su ccessfully created. w ith ra n d o m data w h e n die vo lu m e is created. OK F IG U R E 4.13: T ru e C ry p t V o lu m e C reatio n W iz a rd - V o lu m e Successfully Created D ia lo g B o x 27. OK C lic k 28. Y o u to c lo s e t h e d ia lo g b o x . h a v e s u c c e s s f u lly c r e a t e d a T r u e C r y p t v o lu m e 2 9 . 111 t h e T rueC rypt V olum e C reatio n □ ( file c o n ta in e r ) . w iz a r d w in d o w , c lic k Exit. TrueCrypt Volume Creation Wizard _ □ x Volume Created 1y=! T ru e C ry p t is unable The TrueCrypt volume has been created and is ready for use. I f you wish to create another TrueCrypt volume, dick Next. Otherwise, dick Exit. to secure data o n a c o m p u te r i f an attacker physically accessed it and T ru e C ry p t is used o n the com prom ised co m puter by the user again. [II 1^1 Help < Back F IG U R E 4.14: T ru e C ry p t V o lu m e C reation W iz a rd -V o lu m e Created 30. T o Mount a Volume C E H Lab Manual Page 939 m o u n t a v o lu m e , la u n c h 3 1 . 111 t h e m a i n w i n d o w o f TrueC rypt. TrueC rypt. c lic k S e le c t File... Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 27. M odule 19 - C ryptography □ TrueCrypt Volum es m System Favorites Tools Settings Help H om epage M o u n t op tio n s affect the param eters o f the vo lu m e being m ounted. T ire M o u n t O p tio n s dialog can be opened by clickin g o n the M o u n t O p tio n s b u tto n in tlie passw ord en try dialog. Wipe Cache Create Volume j j H H hH Select File... | r Iv Never save history Volume Tools... Auto-Mount Devices Select Device... Dismount All F IG U R E 4.15: T ru e C ry p t M a in W in d o w w ith Select F ile B u tto n 32. T h e s ta n d a r d tile 3 3 . 111 t h e t i l e s e le c to r w in d o w s e le c to r , b r o w s e t o a p p e a rs . t h e c o n t a in e r t ile , s e le c t t h e f ile , a n d c lic k Open. Select a TrueCrypt Volum e B ( ^ 1 ( 1* > ' 7 ) ) ^ Organize ▼ 13 ■ Desktop J Downloa (. ^ op tio n s can be config ure d in the m ain program Recent p J* Music Name Date modified 8/8/2012 2:22 PM 1 . SQL Server Management Studio , Visual Studio 2010 File folder 8/7/2012 11:42 PM Hyper-V J t Snagit Type File folder 8/9/2012 5:40 PM File folder 9/4/2012 2:58 PM Size File folder 9/25/2012 3:02 PM * ^1 ® C | | Search Documents SE E preferences (Settings ‫)־‬ Preferences). v New folder * " if Favorites £ U i D e fa u lt m o u n t * Libraries ► Documents File Libraries ( j Documei > Music t> B Pictures >3 Videos * ;P» Computer I L Local Dis ' File name: | MyVolume v | All Files (*.*) Open Cancel F IG U R E 4.16: W in d o w s Standard File Selector W in d o w 3 4 . T lie t ile s e le c to r w in d o w d is a p p e a r s a n d r e tu r n s to th e m a in TrueC rypt w in d o w . C E H Lab Manual Page 940 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 28. M odule 19 - C ryptography 3 5 . 111 t h e m a i n T rueC rypt w in d o w , c lic k □ Mount. TrueC rypt Volum es Drive System Favorites Tools Settings Help H om epage Volume Size Encryption algorithm Type /s <*»G: --»‫ ״‬L T h is o p tio n can be ■>-»P set in the passw ord entry dialog so d ia t it w ill apply '-■*Q o n ly to th a t p articular m o u n t attem pt. I t can also be set as default in the Preferences. N *S s^T m - Create Volume Volume Properties... Wipe Cache I Volume | C:VJsersAdministratorVDocumentsWyVolume ‫ב־‬ 17 Never save history Volume Tools... Auto-Mount Devices Select Device... Dismount All F IG U R E 4.17: T ru e C ry p t M a in W in d o w w ith M o u n t B u tto n 36. T h e m W h e n a corre ct passw ord is cached, volum es are autom atically m o u n te d after you clic k M o u n t. I f yo u need to change m o u n t o ptio ns f o r a vo lu m e being m ounted using a cached password, h o ld d o w n d ie C o n tro l 37. T yp e P a ssw o rd p rom pt th e p a s s w o rd P a ssw o rd d ia lo g w in d o w a p p e a rs . ( w h ic h y o u s p e c if ie d e a r lie r f o r t in s v o lu m e ) i n in p u t f ie ld a n d c lic k th e OK. ------------------------- 1 ---------------------------- 1-----------------------Enter password for C:UsersAdministratorDocu...MyVolume Password: (C trl) key w h ile clicking M o u n t, o r select M o u n t 3C3CXX:3CXXX3Cxj F w ith O p tio n s fro m the V o lu m e s menu. OK Cache passwords and keyfiles in memory Cancel I‫ ־־‬Display password [‫ ”־‬U sekeyfiles K eyfiles... Mount O ptions... F IG U R E 4.18: T ru e C ry p t Password W in d o w 38. T ru e C ry p t n o w a t t e m p t s t o m o u n t t h e v o l u m e . A f t e r t h e p a s s w o r d is v e r if ie d , T r u e C r y p t w i ll m o u n t th e v o lu m e . C E H Lab Manual Page 941 Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 29. M odule 19 - C ryptography m N o data stored o n an encrypted vo lu m e can be read (decrypted) w ith o u t using the corre ct password o r corre ct e n cryp tio n key. F IG U R E 4.19: T ru e C ry p t M a in W in d o w 3 9 . M y V o lu m e h a s s u c c e s s f u lly m o u n t e d 4 0 . T h e v i r t u a l d i s k is e n t i r e l y e n c r y p t e d th e c o n ta in e r as a v ir t u a l d is k I:. ( in c lu d in g f ile n a m e s , a llo c a t io n ta b le s , t r e e s p a c e , e tc .) a n d b e h a v e s li k e a r e a l d is k . 41. Y o u c a n s a v e ( o r c o p y , m o v e , e tc .) t ile s t o t in s v ir m a l d is k a n d t h e y w i l l b e e n c r y p te d o n th e f ly as th e y a re b e in g w r itt e n . 42. T o d i s m o u n t a v o lu m e , s e le c t d ie v o l u m e D ism ount. C E H Lab Manual Page 942 t o d is m o u n t a n d c lic k T h e v o l u m e is d is m o u n t e d . Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 30. M odule 19 - C ryptography □ 1 TrueCrypt Volumes System Favorites Tools Settings Help -i °r» H om epage Drive I Volume Size I Encryption algorithm Type ^ •■-Hi I: C:yjsersAdministrator documents V^lyVolume ‫־‬ «*»K • ‫״‬M W »^N •+*0 s*P s*.Q U UJ T ru e C ry p t cannot 5 «*««S autom atically d ism o u n t all m o unted T ru e C ry p t ■^T volum es o n system sh u td o w n /re sta rt. Create Volume Volume Properties... | Wipe Cache Volume 1C:VJsersAdministrator documents V^lyVolume ­ ‫פ‬ I? Never save history Volume Tools.. Auto-Mount Devices _ Select File... Select Device... j . Dismount All F IG U R E 4.20: T ru e C ry p t M a in W in d o w w ith D is m o u n t B u tto n Lab Analysis A n a l y z e a n d d o c u m e n t d i e r e s u lt s r e la t e d t o d i e la b e x e r c is e . P L E A S E T A L K T O Y O U R I N S T R U C T O R R E L A T E D T o o l/ U t ility T O In fo r m a tio n E n c ry p te d I F T H I S Y O U H A V E Q U E S T I O N S L A B . C o lle c te d /O b je c t iv e s A c h ie v e d V o lu m e : I T ru e C ry p t V o lu m e F ile S y s te m : F A T Questions 1. D e t e r m in e w h e t h e r t h e r e is a n y w a y t o re c o v e r th e f ile s f r o m th e T r u e C r y p t v o lu m e i f y o u fo r g e t th e v o lu m e p a s s w o rd . 2. E v a lu a t e w h e t h e r T r u e C r y p t u s e s a n y t r u s t e d p r o g r a m ( T P M ) to p r e v e n t a tta c k s . I f y e s , h n d C E H Lab Manual Page 943 m o d u le o u t th e r e le v a n t T P M . Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 31. M odule 19 - C ryptography In te rn e t C onnectio n R equired □ Yes 0 No P la tfo rm Supported 0 Classroom C E H Lab Manual Page 944 0 !L abs Ethical Hacking and Countermeasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 32. M odule 19 - C ryptography Lab B a s ic D a ta E n c r y p t in g U s in g C ry p T o o l CiypTool is a freeware program that enables yon to apply and anajy-^e cryptographic mechanisms. It has the typical look andfeel of a modern Windows application. CrypTool includes every state-of-the-art cryptographic function and allows yon to learn and use cryptography within the same environment. I CON KEY L a b S c e n a r io /Valuable information M security initiatives are defensive strategies aim at protecting the ost ed perim of the netw B these efforts m ignore a crucial vulnerability: eter ork. ut ay sensitive data stored 0 netw 11 orked servers is at risk from attackers who only need to find one w inside the netw to access this confidential inform ay ork ation. A dditionally, perim defenses like firew cannot protect stored sensitive eter alls data fromthe internal threat of em ployees w the m to access and exploit ith eans this data. Encryption can provide strong security for sensitive data stored 0 11 local or netw servers. 111 order to be an expert ethical hacker and penetration ork tester, you m have know of cryptography functions. ust ledge > Test your > know ledge — Web exercise m Workbook review L a b O b je c t iv e s This labw give you experience 0 encryptingdata and showyou howto do it. ill 11 It w teach you howto: ill & Tools ■ U encrypting/decrypting com ands se m dem onstrated in ■ V isualize several algorithm s this lab are available in ■ C alculate hashvalues and analysis D E:C H T E v8 oolsC H L a b E n v ir o n m e n t M 19 odule C ryptography To carryout the lab, you need: ■ C ool located at D E -T 0 E v8M 19 rypT :C H 0 lsC H odule CryptographyCryptanalysis ToolsC rypTool C E H Lab Manual Page 945 Ethical Hacking and Countermeasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 33. M odule 19 - C ryptography ■ Y can also dow ou nload the latest version of C ool fromthe link rypT http:/ /w w w .cn~ptool.org/en/download-ctl -en ■ If you decide to dow nload the latest version, then screenshots show n 111 the lab m differ ight ■ Followthe w izard-driven installation instructions ■ R tliis tool 0 W s Server 2012 host m un 11 indow achine ■ A inistrative privileges to nin the tool dm ca C y T o i afe r p o l s re e l a i gapiainfr - e m n plcto o Wnos idw. L a b D u r a t io n T e: 1 M im 0 inutes O v e r v ie w o f C r y p T o o l C ool is atree, open-source e-leam application used111theim entation rypT ing plem andanalysis ot cryptographic algorithm It w onguiallydesignedfor internal s. as business application for inform securitytraining. ation — TAS K 1 Encrypting the D ata Lab Tasks 1 Launch the Start m byhovering the m cursor 0 the low . enu ouse 11 er-left corner of the desktop. : | Windows Server 2 12 0 Wfxs eeX Blcc Cr idt Dtcn if evSrvr )V eaa ad ae aaet Y e fwajo cp.M 5* c ur i oy O 4 ■ I . ■ FIGURE 51W n o sSre 2 1 —D s t pv e .: i d w evr 0 2 e k o i w 2. C the C ool app to open the C lick rypT rypTool w . indow m You c nas a lo dwla CyTo fo onod rpol rm h t:/w.rpolog tp/wwcyto.r Server Manager Windows PowerShell Fa. T Computer Control Panel Q ? Command Prompt Workspace Studio Mozilla Firefox e FT‫־‬ Hyper-V Manager CrypTool 9 t‫נ‬ Google Chrome m C l Hyper-V Virtual Machine... SQL Server Installation Center... 3 ‫■ 3־‬ Nmap Zenmap GUI HashCalc o m FIGURE 52 W ndowsSre 2 1 —A p .: i evr 0 2 p s C E H Lab Manual Page 946 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 34. M odule 19 - C ryptography 3. The H to Start dialog box appears. C D showthis dialog ow heck on’t again and click C lose. How to Start m 16 41 F6 4F CrypTool is a free e-learning program, designed to demonstrate the application and analysis of encryption algorithms. 6 8 6 FB A BB CrypTool includes an extensive online help database. Context-sensitive information can be accessed by pressing the F1 key while selecting any menu item or viewing any dialog box. If you press the F1 key now. the online help vill present an introduction to CrypTool Have fun! 4K B 1 4F 2C Close [* IDon't show this dialog again m C y T o Oln r p o l nie p o i e a ectn isgt r v d s n xiig nih it tew r do no h o l f c y t l g w t avrey r p o o y i h ait o cpesa de c y t o f ihr n n r p i n mdos eid. FIGURE 53 How t SatD a o Window .: o tr i l g 4. The m w am indowot C ool appears, as show in die follow rypT n ing figure. C die startingexample-en.txt w lose indowin C ool. rypT CrypTool 1.4.31 Beta 5 [VS2010] - startingexample-en.txt File Edit View Enjrypt/Decrypt Digital Signatures/PKI p|cg|tflHiai x i» la l * M Jndiv. Procedures Analysis Qptions Window Help W l FIGURE 54 satneapee.x windowi C y T o .: trigxml-ntt n rpol 5 To encrypt die desired data, clickthe File option and select N from . ew die m bar. enu C E H Lab Manual Page 947 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 35. M odule 19 - C ryptography 0 -°T CrypTool 1.4.31 Beta 5 [VS2010] File 1 Edit View Encrypt/Decrypt Digital Signatures/PKI N ew Ctrl+N Open... Analysis Options W in d o w x Help f|¥?| Ctrl♦ 0 Close | Indiv. Procedures Ctrl+F4 Save Ctrl+S Save as... D ocum ent Properties... Print... Ctrl♦ P Print Setup... Recent Files Alt+F4 Exit 1 l L I Creates a new docum ent FIGURE 55 C y T o M i Window .: r p o l a n 05 C y T o w s =! r p o l a oiial d s g e fr rgnly e i n d o itra bsns nenl uies apiainfri f r a i n plcto o n o m t o scrt. euiy 6 Type a fewlines 111 the opened Unnam Notepad of C ool. . edl rypT 7. On the m bar, select Encrypt/D enu ecrypt. Sym etric (m m odern), and select anyencryptingalgorithm . 8 Select the R 2 encryptingalgorithm . C . CrypTool 1.4.31 Beta 5 [VS2010] ‫ ־‬U nnam edl File Edit View ^ n c r y p ^ D e c r y p ^ Digital Signatu es/PKI Dla‫־‬r U f Indiv. Procedures Analysis Options W in d o w Help Sym m etric (classic) Sym m etric (m odem ) Asym m etric RC2... Hybrid RC4... The CrypTool portal is a centralized place forj project- The CrypTool project develops the w < programs in the area of cryptography and cry DES (ECB)... DES (C B Q ... Triple DES (ECB)... Triple DES (CBC)... Rijndael (AES)... Shift + Strg + R Further Algorithm s A ES (self extracting)... Encryption / decryption with RC2 L:1 C:227 P:227 NUM FIGURE 56 Slc teRC2 E c y tag r t m .: eet h n r p loih 9 11the K E R 2w . 1 ey ntry: C izard, select K length fromthe dropey dow list n 1 . Enter the keyusinghexadecim characters and click Encrypt. 0 al C E H Lab Manual Page 948 Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 36. M odule 19 - C ryptography Key Entry: RC2 Enter the key using hexadecimal characters (0..9, A..F). Key length: Encrypt ! bits ‫3־‬ Decrypt Cancel FIGURE 57 SlcigKeyL n t i teh x d c m lcaatr .: eetn e g h n h e a e i a hrce 1 . R 2 encryption of U ed1notepad w appear as show 111 the 1 C nnam ill n follow figure. ing RC2 encryption of <Unnamed1>, key <00> m C y T o icue r p o l nlds eeysaeo-h-r vr tt-fteat cytgahcfnto a d rporpi ucin n alw y ut l a a due los o o e m n s cytgah wti des m rporpy ihn i a e e vrnet n iomn. 4 2 4 7 4 00000000 E 5 4 2 1 IB A 7 E 6 D IB C 5 F 3 6 D E 7 0000000c 40 73 6E 09 A 3A 9 FI 24 El C A 2 D 9 D 7 3 5 6 8 3 D F C 00000018 A 4 3 B 2 B 3 2 4 6 2 B 00000024 9 C C 4 5 8 E 9 7 4 4 E B 8 9 B 7 7 2 6 1 8 6 3 00000030 6 4 4 1 A 2 2 4 5 C 0 4 B F 1 2 E A B 2 7 C 9 3 B C 4 4 2 C 8 B B 1 0000003C D 2 F 9 E A C 6 9 6 0 7 D6 6 8 8 7 B 6 6 7 9 4 8 A 00000048 9 9 7 5 4 A E B 9 9 3 7 00000054 B A 7 C 2 8 5 5 A 9 8 F E 9 A E B 1 8 0 0 4 C 4 A 7 A 2 8 C 8 00000060 D E 8 A 6 BD 5 5 IB B 8 E 7 Al A 7 A A 6 2 2 4 F 0 9 C 0000006C 2 9 B D D B 6 2 4 4 4 F 00000078 F 3 0 5 5 0 8 7 B 7 4 4 3 0 2 F B 3 B 7 9 6 1 E 00000084 9 0 7 8 3 C 3 6 B F E 0 6 A 2 1 A 7 0 A B 8 4 8 8 0 0 B A 9 4 8 D A B D 00000090 C 0 F 8 E B 8 C B 2 F 9 0000009C 6 2 3 9 B 6 D 5 ID F C F B D C 1 9 E D D 8 3D nnnnnrufi F 8 F 17 3 5 1F 3 7 ? ‫ ח‬an 9 ‫ח‬ ‫ח 9 ? ח‬ 9 4 9 0 0 ■ .U #...r .g.. O ten .1=.#.6(Cm/. ...KU ...qHF. kO ..*+BU..C A l . b ..........k.q ..x K W 8 z ..z. +.XP _ _ _ ....UZ....x. * b$0@ I. .0._[..w .vAN . .r . : .0 j. . . . * k-<..n.].... 9 ■rl 1 - FIGURE 58 O t u o RC2 e c y t ddt .: u p t f n r p e aa L a b A n a ly s is A nalyzeanddocum dieresults relatedto dielabexercise. ent P LE AS E TALK TO YOUR I NSTRUCTOR IF YOU HAVE QUESTIONS RE L A T E D TO THI S LAB. Tool/Utility CrypTool C EH Lab Manual Page 949 Information Collected/Objectives Achieved Encrypted Algorithm R 2 : C Result: Encrypted data for selected text Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 37. M odule 19 - C ryptography Q u e s t io n s 1 W are the alternatives to C . liat rvpTool for encrypting data? 2. H canyou differentiate betw encrypting data 111 CrypTool and ow een other encrypting tools? Internet Connection Required □Y es Platform Supported 0 Classroom C E H Lab Manual Page 950 0 No 0 1L abs Ethical Hacking and Countermeasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Strictly Prohibited.
  • 38. M odule 19 - C ryptography E n c r y p t in g U s in g a n d D e c r y p t in g D a ta B C T e x tE n c o d e r B C TextE 11 code/* simplifies encoding and decoding text data. Plaintext data is compressed, encrypted, and convetted to text format, which can then he easily copied to the clipboard or saved as a textfile. I CON KEY [£ 7Valuable Z information Test your know ledge — Web ex ercise m Workbook review L a b S c e n a r io 111 order to be an expert ethical hacker and penetration tester you m ust have know of cryptography functions. ledge L a b O b je c t iv e s Tins labw give you experience 0 encryptingdata and showyou howto do it. ill 11 It w teach you howto: ill ■ U encode/decode text data encryptedw apassw se ith ord L a b E n v ir o n m e n t & Tools dem onstrated in this lab are available in D E:C H T E v8 oolsC H M 19 odule C ryptography To carryout the lab, you need: ■ BCTextEncoder located at D E -T 0 E v8M 19 :C H 0 lsC H odule CryptographyCryptography ToolsBCTextEncoder ■ Y can also dow ou nload the latest version of BCTextEncoder fromthe link http://www.jet1c0.com/e11ciT 10 -bctexte11c0 pt 11 der/ ■ If vou decide to dow nload the latest version, then screenshots show n 111 the lab m differ ight ■ Run tins tool 0 W s Server 2012 host m 11 indow achine ■ A inistrative privileges to run the tool dm L a b D u r a t io n T 1M une: 0 inutes C E H Lab Manual Page 951 Ethical Hacking and Countenneasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Strictly Prohibited.
  • 39. M odule 19 - C ryptography O v e r v ie w o f B C T e x t E n c o d e r B TextEncoder uses public keyencryption m C ethods asw aspassw ell ord-based encryption. T utilitysoftw uses strongandapprovedsym etric andpublic ins are m keyalgonthm for data encryption. s a T» s ■ 1 Encrypting the D ata Lab T asks 1 D . ouble-click the BCTextEncoder.exe file. The m w ain indowof BCTextEncoder appears, as displayed111 the follow figure. ing L‫ ־‬I ° ‫- ׳‬ B T xtE co e U C e n d r tility v 1 0 . .0 .6 File Edit Key Options [3 0 Decoded plain text: Help s? ? Encode by: password vI I Encode | A I m You c nas a lo dwla BTxEcdr onod Cetnoe fo rm h t : / w .eiocm t p / w wjtc.o V Encoded text: [_ Decode ] A V FIGURE61 M i w n o o B T x E c d r .: a n i d w f C e t n o e 2 To encrypt the text, type die text 111 C . lipboard (O ) select the secret R data and put it to clipboardw C V ith trl+ . C E H Lab Manual Page 952 Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 40. M odule 19 - C ryptography m BTxEcdr Cetnoe uiie tefloig tlzs h olwn e c y t o agrtm: n r p i n loihs • ZLIBc m r s i n opeso a grtm loih • AES (inal Rjde) e c y t o a g r t mfr n r p i n loih o p s w r bsd a s o d ae ecy t o nrp i n • RSA a y m t i smerc e c y t o a g r t mfr n r pi n l oih o pbi k ye c y t o ul c e n r p i n 3. C Encode. The Enter Password w lick indoww appear. Set the ill passw and confirmthe sam passw 111 the respective fields. ord e ord 4 C O. . lick K ‫־ ^ די‬ B T xtE co e U C e n d r tility v 1 0 . .0 .6 File Edit Key Options Help Decoded plain text: 130 B Encode by: Login Usern Passw password E te p ssw rd n r a o Session key algorithm AES-256 Password: B TextEncoder is C intended for fast encoding and decoding text data •••••••••‫׳‬ Cancel Confirm : Encoded text: FIGURE 63 Stdep s w r frec y t o .: e i a s o d o n r p i n 5 The encoded text appears, as show111 the follow figure. . ing C E H Lab Manual Page 953 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 41. M odule 19 - C ryptography BCTextEncoder Utility v. 1.00.6 File Edit Key Options Decoded plain text: 128 B m Ti m i a v n a e le a n d a t g o B T x E c d ri f Cetnoe s s p o to pbi k y u p r f ulc e ecyto. nrpin 1 1 °‫־‬ X Help Encode by: password v| | Encode | A Login Infomation: Username:samchoang®yahoo.com Password:asdfgh V [ Encoded text: 664 B Decode A - BEGIN ENCODED MESSAGEVersion: BCTextEncoder Utility v. 1.00.6 wy4ECQMCDgigsNHLCPBgULNwLKVwVmExFmiL/zkMcw9wj0hkL7w/dsw2sfC51pJ3 OnABN+yXn 12R9NYpU6NlvNRNFwV +S9hLNrkA6A3eBumfSyNE70qdguFmjYs8yhV0 b5b5-fblmROaUBQjcYNM5XqpnTi4pfbsspMtTMzQgXATaiEEcS8 MhEgyPqpdUrR5 pmeRQVEVQY0 8 GUbT+HiOyS40 - END ENCODED MESSAGE- FIGURE 64 E c d dtx .: n o e et 3 t as k 2 D ecryptingthe D ata 6 To decrypt the data, you first clean the D . ecoded plain text clipboard. 7. C the Decode button lick FIGURE 65 D c d n tedt .: e o i g h aa 8 The Enter password for encoding text w w appear. Enter . idow ill the passw 111 the Password held, and click O . ord K C E H Lab Manual Page 954 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 42. M odule 19 - C ryptography B T xtE co e U C e n d r tility v 1 0 . .0 .6 File Edit Key Options Help Encode by; Decoded plain text: £fl B A c i eicue C r h v nlds teBC KeyM n g ruiiy h a a e tlt t m n g y u own o a a e or pbi/ertk ypi a ulcsce e ar s w l a pb i k y y u e l s ulc e s o h v rci e f o o h r a e eevd r m t e pol epe password E te p ssw rd for encoding text n r a o Encoded text -Session key packet Password : Cancel Encoded text: 664 B [ Decode - BEGIN ENCODED MESSAGEVersion: BCTextEncoder Utility v. 1.00.6 wy4ECQMCDgigsNHLCPBgULNwLKVwVmExFmiL/zkMcw-9wj0hkL7w/dsw2sfC5JpJ3 OnABN+yXn 12R9NYpU6NlvNRNFwV+S9hLNrkA6A3eBumfSyNE70qdguFmjYs8yhVo b5b5-fbJmROaUBQjcYNM5XqpnTi4pfbsspMtTMzQgXATaiEEcS8 MhEgyPqpdL)rR5 pmeRQVEVQY0 8 GUbT+HiOyS+ 0 - END ENCODED MESSAGE- FIGURE 66 E t rtep s w r frd c d n .: n e h a s o d o e o i g 9D . ecoded plaintext appears as show in the follow figure. n ing 5 B T xtE co e U C e n d r tility v 1 0 . .0 .6 " File Edit Key Options Decoded plan text: 128 B B TextEncoder C not onlyencrypts, but also compresses the data L“ T n x Help Encode by: |password v| |~ Encode Login Infomation: Username:samchoang®yahoo.com Password:asdfgh / V Encoded text: 664 B Decoded by password — -BEGIN ENCODED MESSAGEVersion: BCTextEncoder Utility v. 1.00.6 | Decode [7 ] wy4 ECQMCDg1 gsNHLCPBgULNwLKVwVmExFm1 L/zkMcw9 wj0 hkL7w/dsw2sfC5Jp J3 OnABN+yXn12R9NYpU6NlvNRNFwV +S9hLNrkA6A3eBumfSyNE70qdguFmjYs8yhVo b5b5+bJmR0aUBQjcYNM5XqpnTi4pfbsspMtTMzQgXATaiEEcS8 MhEgyPqpdUrR5 pmeRQVEVQY08 GUbT-H yS+ -liO 0 - END ENCODED MESSAGE- FIGURE 67 O t u d c d dtx .: u p t e o e et L a b A n a ly s is A nalyzeanddocum dieresults relatedtodielabexercise. ent C E H Lab Manual Page 955 Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 43. M odule 19 - C ryptography PL EA S E TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS R EL A TE D TO THI S LAB. Tool/Utility BCTText Encoder Information Collected/Objectives Achieved Result: Encoding and D ecoding text for selected data Q u e s t io n s 1 H canyou differentiate betw encryptingor decrypting the data in . ow een BCTextEncoder and other encrypting tools? Internet Connection Required □Y es Platform Supported 0 Classroom C E H Lab Manual Page 956 0 No Ethical Hacking and Countenneasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.
  • 44. M odule 19 - C ryptography Lab B a s ic R o h o s D a ta D is k E n c r y p t in g U s in g E n c r y p t io n The Rohos D isk Encryption-program creates hidden andprotectedpartitions on the computer or U SB flash drive andpasswordprotects/locks access toyour Internet applications. I CON KEY [£ 7Valuable Z information Test your know ledge — Web ex ercise m Workbook review L a b S c e n a r io Today's w brow autom eb sers atically encrypt text w m hen aking a connection to a secure server. This prevents intruders from listening in on private com unications. Even if they are able to capture the m m essage, encryption allow them to only view scram text or w m call unreadable s bled hat any gibberish. Upon arrival, the data is decrypted, allow the intended recipient to ing view the m essage 111 its original form 111 order to be an expert ethical hacker . and penetration tester, you m have know of cryptography functions. ust ledge L a b O b je c t iv e s Tins labw give you experience on encryptingdata and showyou howto do it. ill It w teachyou howto: ill ■ U encrypting/decrypting com ands se m ■ C aviruial encrypted diskw a file reate ith L a b E n v ir o n m e n t To carry out the lab, you need: & Tools ■ Rohos D Encryption located at D EH isk :C -ToolsC v8M EH odule19 dem onstrated in CryptographyD Encryption ToolsRohos D Encryption isk isk this labare ■ Y can also dow ou nload the latest version of Rohos D Encryption isk available in fromthe linkhttp:/ /www.rohos.com /products/rohos-disk-encryption/ D E:C H T E v8 oolsC H ■ If you decide to dow nload the latest version, then screenshots show n M 19 odule 111 the lab m differ ight C ryptography ■ Followthe w izard-driven installation instructions C E H Lab Manual Page 957 Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 45. M odule 19 - C ryptography ■ R diis tool 0 W s Server 2012 host m un 11 indow achine ■ A inistrative privileges to run the tool dm L a b D u r a t io n T e: 10M im inutes O v e r v ie w o f R o h o s D is k E n c r y p t io n R D Encryption creates hidden and passw protected partitions 0 the olios isk ord 11 com or U Bflash drive w m puter S ith egabytes of sensitive tiles and private data 0 11 your com or U B drive. R D uses N -approved A S encryption puter S ohos isk IST E algoridim and 256 bit encryption keylength. Encryption is autom and on-the, atic fly . TAS K 1 Installation of R D ohos isk E ncryption Lab T asks 1 To install R D Encryption, navigate to D E -T lsC H 8 . ohos isk :C H 00 E v M 19 C odule ryptographyD Encryption ToolsRohos D isk isk Encryption. 2 D . ouble-click the rohos.exe tile/ Select the language English and click O. K Select Setup Language S le the languag to u durin the e ct e se g installation: Eg h n lis O K y=H Youc nas a lo d w l a R h sf o onod o o rm ht:/w.oo.o tp/wwrhscm C E H Lab Manual Page 958 Cn l a ce FIGURE71 Slc deL n u g .: eet i a g a e 3 The Setup w . indowappears. R the instruction and click N ead ext. Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 46. M odule 19 - C ryptography Setup - Rohos Disk Encryption W elcome to the Rohos Disk Encryption Setup W izard s This will install Rohos Disk 1.9 on your computer. It is recommended that you dose all other applications before continuing. Pral R h sD s otbe o o i k B o s ralw t u e r w e los o s e c y t dpriino a y n r p e atto n n PC w t o tAdminrgt, ihu ihs w t o tisal i h u ntl. m © Release Date: 06.07.2012 15:31:09 Cancel FIGURE 72 R h sstpw z r .: o o eu i a d 4. The Licence Agreem w ent indoww appear. R the agreem ill ead ent carefullyand select the I accept the agreement radio button 5 C N . lick ext. Setup - Rohos Disk Encryption License A greem ent Please read the following important information before continuing. Please read the following License Agreement. You must accept the terms of this agreement before continuing with the installation. ca Encryptioni s Tesline-Service S.R.L. http://www.rohos.com/ a t m t ca do-h-l. u o a i n ntefy AES 2 6btk ylnt. 5 i e egh U i gNISTc m l a t sn opin e c y t o s a drs n r p i n t n ad □ License for use and distribution The Rohos Logon and Rohos Disk Encryption ('Rohos') are distributed as try-before-you-buy. This means: 1. All copyrights to Rohos are exclusively owned by the authors - ® I accept the agreement O I do not accept the agreement < Back Cancel FIGURE 73 L c n ea r e e twi o .: i e s g e m n nd w 6 C N . lick ext. C E H Lab Manual Page 959 Ethical Hacking and Countemieasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 47. M odule 19 - C ryptography File V irtualization: prevents secret data leak outside encrypted disk on T M folders, EP Registry, Recent documents list, etc. m Anyfe rfle c n i o odr a l b eslm v dit e aiy o e no E c y t dR h sD s wt n r p e o o i k ih srdigatrad. hedn fewrs FIGURE 75 cetn R h sd s t pi o .: raig o o e k o c n C Install. R D Encryption is readyto install. lick ohos isk C E H Lab Manual Page 960 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 48. M odule 19 - C ryptography Setup ‫ ־‬Rohos Disk Encryption Ready to Install Setup is now ready to begin installing Rohos Disk Encryption on your computer. Click Install to continue with the installation, or dick Back if you want to review or change any settings. A Start Menu folder: Rohos Additional tasks: Additional icons: Create a desktop icon m S c r dvra e u e iml k y o r -poet e b a d rtc e c y t dds p s w r n r p e ik a s o d f o aky o g r r m elge V l> < < Back Install Cancel FIGURE 76 R h sds e c y t o isalto .: o o ik n r p i n ntlain 9 C Finish. . lick _ Setup - Rohos Disk Encryption ‫ם‬ Com pleting the Rohos Disk Encryption Setup W izard S © o Setup has finished installing Rohos Disk Encryption on your computer. The application may be launched by selecting the installed icons. Click Finish to exit Setup. 0 Launch Rohos Disk Finish FIGURE 77 C m l t isalto o R h sds e c y t o .: o p e e ntlain f o o ik n r p i n TAS K 2 D Encryption isk C E H Lab Manual Page 961 1 . The Rohos G Ready W w 0 et izard indoww appear. Specifythe ill passw to access the disk111 the respective field. ord 11. C N lick ext. 12 A . lternatively, you can alsolaunch the programtromthe Start m enu apps ofW s Server 2012. indow Ethical Hacking and Countenneasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 49. M odule 19 - C ryptography R ohos G R et eady W izard Step 1 of 3 Disk Encryption This wizard helps you create your personal encrypted disk. You can use it to store sensitive files and folders. The disk will be protected by a password. The wizard has determined best parameters for the disk but you may change it using 'details' link. Encrypted Rohos disk size 5000 Megabytes, disk letter R :. Disk container path: D ocum entsrdisk0.rdi. [Change...] tilR h sds ue es o o ik ss NISTa p o e AES prvd e c y t o agrtm 2 6 n r p i n loih, 5 bte c y t o k ylnt. i n r p i n e egh Specify password to access disk: Confirm password: You can change disk parameters later on in Rohos Center window Press ,Next'. E it x Skip this Wizard... Nx > et FIGURE 78 Slc p s w r fracs ds .: eet a s o d o ces ik 1 . The Setup U BK w 3 S ey indowappears. R the inform ead ation, and click N ext. R ohos G R et eady W izard step 2 of 3 Setup U B K S ey If you have a USB key, you can use it to access your Rohos disk, so you don't have to manually enter the password every time. ca R h scrsa o t o o ae b u uaiiy Y u frt sblt: o r is E c y t dD i ec nb nrpe rv a e t r e o w t asnl u n d n i h ige ciko atmtclyo lc r uoaial n s s e satp y t m tru. Plug it in and choose check boxes to setup USB Key. If you don't have a USB flash drive, dick ,Next'. Please insert you r USB device. [Change...] Setup this USB device : To access your Rohos disk Learn more.. Press 'Next'. E it x Skip this Wizard... Nx > et FIGURE 79 Slc USB k ydvc .: eet e ei e 1 . The Rohos Updates w 4 indowappears. C Finish. lick C E H Lab Manual Page 962 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
  • 50. M odule 19 - C ryptography R ohos G R et eady W izard Finish Rohos Updates With Rohos Center you can check for updates over an Internet connection.You will have a chance to see what's new in Rohos and update size, and to download and install update instantly. Inform ation: R ra■ 16.2g . J z? lall Priinp s w r atto a s o d rsto t o alw cetn ee p i n los raig ab c u fl t acs y u a k p ie o ces o r s c r dds i y ufro e u e ik f o o g t y u p s w r o ls USB o r a s o d r ot ky e. You may dose Rohos Center window and Rohos will continue to run in taskbar (near the dock). Find and use Rohos disk icon through Save As/Open dialog within MS Office and others applications. It is strongly recommended to create a Password R eset File for Rohos disk to prevent forgotten password. Press 'Finish' to create Rohos disk and open Rohos Center. Exit Skip this Wizard. Finish FIGURE 71:R h sds e c y t o u d t w n w .0 o o ik n r p i n p a e i do 15 The encrypted diskis created successfully, as show 111 follow . n ing figure. Rohos D Encryption isk Roh I Support m Ti o to big hs pin rns afral a dAES2 6 fodbe n 5 srnt ecyto slto tegh nrpin ouin t i p o escrt ise b o m r v euiy sus y peetn uadoie rvnig nuirzd acs t y u Itre ap, ces o o r nent ps sc a G o l C r m , uh s o g e h o e Frfx ieo Q Help.. Disk i connected. Encrypted Disk (R:) s I Size: 4.88 GB. Free space: 4.82 GB. Disconnect Browse Tools... Hide folder l_ (£ ) Options Hide and encrypt a particular folder from PC into Rohos Disk. Setup disk auto start, disconnect hotkeys and other options. Change password Setup USB Key Specify new password to access Rohos disk. Setup USB stick as a hardware key to access Rohos disk. •? Encrypt USB drive I _* Create protected partition on your USB flash drive. ■ ■ ‫י‬ ■ Connect more... Create another one... Create Rohos Disk within media file Restore Rohos disk. 30-day trial period. 30 days left. Purchase License. FIGURE 71:Scesu ceto o e c y t dds .1 ucsfl rain f n r p e ik 16 To decrypt the disk, click D . isconnect. C E H Lab Manual Page 963 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 51. M odule 19 - C ryptography - 1° p m i R h s D E cryp n o o isk n tio Roh s ‫ ן‬Support Disk is connected. Encrypted Disk (R:) Size; 4.88 GB. Free space: 4.82 GB. Disconnect | Browse Tools... I w a n t t o ... p*2!! Hide folder i— e> Hide and encrypt a particular folder from PC into Rohos Disk. Change password Specify new password to access Rohos disk. 0 •‫ז‬ 'a Encrypt USB drive £ Options Setup disk auto start, disconnect hotkeys and other options. Create protected partition on your USB flash drive. Setup USB Key Setup USB stick as a hardware key to access Rohos disk. ■ ■ ■ ■ Connect more... Create another one... Create Rohos Disk within media file Restore Rohos disk. 30-day trial period. 30 days left. Purchase License. HU Youc no e 01 Sv a p n ae y u poetdd c m n s o r rtce o u e t rgtf o MSWord(xe) ih r m Ecl b cikn o deproa y lcig n i esnl ds io. ik cn FIGURE 71:D c y tteds .2 e r p h ik 17 Atter decrypting the disk, it w be displayed, as show 111 the . ill n follow figure. ing R h s D E cryp n o o isk n tio Roh^s <3 Updates £ Support Q Help.. Primary Rohos disk is not connected. f t Connect disk I w a n t t o ... p a, Hide folder Options L .(2) Hide and encrypt a particular folder from PC into Rohos Disk. Setup disk auto start, disconnect hotkeys and other options. Change password Setup USB Key Specify new password to access Rohos disk. Setup USB stick as a hardware key to access Rohos disk. Encrypt USB drive ■ ■ ■ ■ Create protected partition on your USB flash drive. Connect more... Create another one... Create Rohos Disk within media file Restore Rohos disk. 30-day trial period. 30 days left. Purchase License. FIGURE 71:D c y tteds .3 e r p h ik L a b A n a ly s is A nalyzeanddocum theresults relatedtothelabexercise. ent C E H Lab Manual Page 964 Ethical Hacking and Countermeasures Copyright © by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
  • 52. M odule 19 - C ryptography PL EA S E TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS R EL A TE D TO THI S LAB. Tool/Utility Rohos D isk Encryption Information Collected/Objectives Achieved Result: Successful connection of encrypted disk Q u e s t io n s 1 D ine whether there is anyw to recover the files fromRohos . eterm ay D Encryption if you forget the volum passw isk e ord. Internet Connection Required □ Yes 0 No Platform Supported 0 Classroom C E H Lab Manual Page 965 0 !Labs Ethical Hacking and Countermeasures Copyright © by EC-Council A ll Rights Reserved. Reproduction is Stricdy Prohibited.