Posts

Showing posts from July, 2021

Methodology [ nmap & Hydra ]

Image
Live Hosts getting  target IP Address scanning  all TCP ports more enumeration  on unknown ports & FTP brute force with hydra FTP logging on FTP with acquired  pass downloading FLAG MD5 & SHA sums for FLAG

Methodology [ nmap & Metasploit ]

Image
  Find Machine find Machine & OS discovery script Vulnerability  Scan exploiting using   vulnerability  scan results (ms17-010) Post Exploitation Enable RDP get hashed login passwords

Hashing vs Encryption

Image
What is Hashing? Hashing is the process of changing a plain text or a key to a hashed value by applying a hash function. Usually, the input length is greater in size than the output hash value. Hashing is a one-way encryption process such that a hash value cannot be reverse engineered to get to the original plain text. Hashing is used in encryption to secure the information shared between two parties. The passwords are transformed into hash values so that even if a security breach occurs, PINs stay protected. We have already shared information about Hashing Parameters which you can read. How Does Hashing Work? Two different keys can produce identical hash value which results in a collision. For hashing to work efficiently, you should modify the hashing algorithm so that there are minimum chances of collision. The hashing algorithms then produce different hash values for alternate keys. Some key characteristics of hashing include: One input string should have one specific hash value Has

HMAC Algorithm

Image
  HMAC Algorithm in Computer Network HMAC algorithm   stands for Hashed or Hash based   Message Authentication Code . It is a result of work done on developing a MAC derived from cryptographic hash functions. HMAC is a great resistant towards cryptanalysis attacks as it uses the Hashing concept twice. HMAC consists of twin benefits of Hashing and MAC, and thus is more secure than any other authentication codes. RFC 2104 has issued HMAC, and HMAC has been made compulsory to implement in IP security. The FIPS 198 NIST standard has also issued HMAC. The Hash Function, HMAC is also aimed to be one way, i.e.  easy to generate output from input but complex the other way round. It aims at being less effected by collisions than the hash functions. HMAC reuses the algorithms like MD5 and SHA-1 and checks to replace the embedded hash functions with more secure hash functions, in case found. HMAC tries to handle the Keys in more simple manner. HMAC algorithm – The working of HMAC starts with taki

Hash functions

Image
The meaning of the verb “to hash” – to chop or scramble something – provides a clue as to what hash functions do to data. That’s right, they “ scramble ” data and convert it into a numerical value. And no matter how long the input is,   the output value is always of the same length . Hash functions are also referred to as hashing algorithms or message digest functions. They are used across many areas of computer science, for example: To encrypt communication between web servers and browsers, and generate session IDs for internet applications and data caching To protect sensitive data such as passwords, web analytics, and payment details To add digital signatures to emails To locate identical or similar data sets via lookup functions  Definition A  hash function  converts strings of different length into fixed-length strings known as hash values or digests. You can use hashing to scramble passwords into strings of authorized characters for example. The output values cannot be inverted t

PKI [ Public key infrastructure ]

Image
PKI:  Public key infrastructure is something that establishes and manages public key encryption and digital signature services.  For public key encryption to work, digital keys and certificates need to be created, stored, distributed, managed, revoked, used and so on. PKI allows for encryption to do all of these things with software, hardware, protocols, policies, processes and services. PKI enables what we call public key encryption (aka asymmetric encryption) to be able to use two keys. One key encrypts while the other decrypts. The two keys used are the public key and the private key. The keys are aptly named as one key is available to the public and the other one is private. Who Are the Key Players Involved in PKI? There are three main elements to PKI: The key pair , which we just covered is one of them. Certificate authorities (CAs)  are another. CAs are trusted third-party bodies that develop and manage digital certificates. Trusted is the key word there as CAs hold the prestigio

AES vs DES encryption

Image
  AES vs DES encryption algorithm What Is a Symmetric Block Cipher? An example of some of the components of a symmetric block cipher (symmetric encryption). To know what DES vs AES actually means, you first need to understand what a symmetric block cipher is. Also known as symmetric encryption algorithm, a block cipher is a cryptographic algorithm that turns plaintext data into encrypted text (also known as ciphertext). To give you an example, a block cipher might turn “Apple” into something like “2e$5kv7fg*=v#.” The transformation from plaintext to ciphertext is carried out using what’s known as a symmetric encryption key, which is a mathematical function. Basically, upon applying this key, the plaintext is turned into blocks of a certain size that are then encrypted. Because it’s a symmetric key, it can also decrypt the encrypted text, which reverts it to its original form. Modern block ciphers: Are fast and can process vast amounts of data.  Because they’re able to handle this bette