Monthly Archives: January 2013

by

CRYPTOGRAPHIC HASH OF A FILE

Cryptographic hash functions take an input of arbitrary length and produces a message digest that is of a fixed, short length.The digest is called the “hash” of the input.In cryptographic hash function,instead of encrypting the whole message with the secret key, only the message digest is encrypted.

Algorithms used for determine the cryptographic hash of a message is MD5 and SHA1

MD5 Message-Digest Algorithm is a widely uses cryptographic hash function that produces a 128-bits hash values.It is commonly used in security applications and also used for checking the data integrity.It is not suitable for applications like digital signature and ssl certificate.

SHA1 is stands for Secure Hashing Algorithm.This is the most widely used of the existing SHA hash functions, and is used in several  applications and protocols.

How to find the data integrity using cryptographic hash function

Basic Steps:

Create a file

Create a file with some content in it.

For example out.txt

Finding Cryptographic Hash function using MD5

Execute the following command in the terminal

$  md5sum <file_name.txt>

Output of this file is a hash value.For out.txt i got

2196fb4aea7a750b32eb3c9abcedc89b  out.txt as its hash value.

Checking the integrity using MD5

Make some modification in the file that we are created.And calculate the hash value using MD5.For a small variation in the data,we can seen that the hash value is changed.

For example:When i change the content in out.txt, the corresponding hash value i got was

f00755d751964fddf6196f047fc674ea  out.txt

Finding Cryptographic Hash function using SH1

sha1sum <file_name.txt>

The above command generate the cryptographic hash value.

The cryptographic hash function for out.txt is

7011dd2d9ad3e336c727683ac2031825e1721021  out.txt

Checking the integrity using SH1

After modifying the file and again calculate the hash function using SH1.For out.txt we got the value 50544c5dd3218b1be60ad15479ac6e06cefd2234  out.txt

From this it is clear that even a small change in the data can identified by using the hash function. If the data is not modified the hash value remains the same.So this cryptographic hash function is used to check the data integrity.

by

Which one is faster:Assymertic key encryption or symmertic key encryption

Basic steps:

Install OpenSSL

$ sudo apt-get install openssl

Generate public key-private key

$ openssl req -x509 -nodes -days 30 -newkey rsa:2048 -keyout private.pem
 -out public.pem

Create files of different sizes

$ dd if=/dev/zero of=100mb bs=1MB count=100

Using the above command we can create several files of different size.

Run the assymmertic and symmertic shell code and calculate the time taken for each files.

File size in mb

Assymertic(time in ms)

Symmertic(time in ms)

100

602

330

200

1000

538

500

4038

1783

1000

8153

4030

The above table contains the file sizes and the corresponding time taken for assymertic and symmertic key encryption.

Plot the graph using gnuplot.

Install gnuplot

$ sudo apt-get install gnuplot

Ploting the graph

Use the following commands to plot the graph

 gnuplot> set xlabel “Time in milli seconds”

gnuplot> set ylabel “File size in MB”

gnuplot> plot “assymertic” using 2:1 with lines,”symmertic” using 2:1 with lines

assymertic contains the file sizes and the corresponding time for assymertic key.

symmertic also contains the file sizes and the corresponding time for symmertic key.

Graph

Image

From the graph, we can conclude that assymertic key encryption is more time consuming than symmertic key encryption.Symmertic is faster.

by

NETCAT

Netcat uses TCP/UDP protocol, which reads and writes data across network connections.This is tool to do some bidirectional network communication over these TCP/IP protocol.It can run on both Linux and Windows.Netcat can be used as port scanner, a backdoor, a port redirector, a port listen,file transferring,telnet usage.

Chat using Netcat

Chat between host A and host B

Install netcat in ubundu

$ sudo apt-get install netcat-traditional

In machine a,go to terminal and type

$ nc -l -p <port_no.>

The Netcat binary is called nc and can often be found at /bin/nc on a Linux system.

In machine b,type

$ nc <ip_address of A> <port_no.>

NCAT

Ncat is a modern version of Netcat.Nmap also comes with a netcat implementation called ncat.Ncat adds many capabilities in nmap, including SSL support, proxy connections, IPv6, and connection brokering.

by

Nmap(Network Mapper)

Nmap is a free, open-source port scanner available for both LINIX and Windows.They are designed to detect any ports on a computer and to determine which services may be running on those ports. Nmap uses the IP packets for determining what hosts are available on the network, what services (application name and version) those hosts are offering,they are, what type of firewalls are in use.It can also be used to ‘fingerprint’ the Operating System of the target machine – by analysing the manner in which the machine responds to the scan, NMap can make a guess as to what OS the target may be running.

Nmap installation

In Ubuntu,nmap is installed using the syntax

$ sudo apt-get install nmap

Nmap Port Scanning

Nmap port scanning gives the port and services opened by the target machine.Port can be scanned by using the ip address of the target machine.

$ nmap <ip address of target machine>
 eg: nmap 10.30.52.155

If you run the above command, your terminal will look like this:

Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-29 20:35 IST
Nmap scan report for localhost (10.30.52.155)
Host is up (0.00020s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
53/tcp open domain
80/tcp open http
631/tcp open ipp
3306/tcp open mysql
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds
OS fingerprint detection using Nmap
Nmap fingerprinting tool identifies a base OS or service version number by its TCP/IP response’s unique characteristics in the target machine.
$ sudo nmap -w -O <ip address of target machine>

eg:sudo nmap -w -O 10.30.52.155

[sudo] password for student:

If you run the above command, your terminal will look like this:

Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-29 21:15 IST

Nmap scan report for 10.30.52.155

Host is up (0.00082s latency).

Not shown: 995 closed ports

PORT STATE SERVICE

22/tcp open ssh

23/tcp open telnet

80/tcp open http

139/tcp open netbios-ssn

445/tcp open microsoft-ds

MAC Address: A0:B3:CC:F7:8D:64 (Unknown)

No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).

TCP/IP fingerprint:

OS:SCAN(V=5.21%D=1/29%OT=22%CT=1%CU=35746%PV=Y%DS=1%DC=

D%G=Y%M=A0B3CC%TM=51

OS:07EEBB%P=x86_64-unknown-linux-gnu)SEQ(SP=102%GCD=1%ISR=108%TI=Z%CI=Z%II=

OS:I%TS=8)OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11

NW7%O4=M5B4ST11NW7%OS:O5=M5B4ST11NW7%O6=M5B4ST11)WIN(W1=

3890%W2=3890%W3=3890%W4=3890%W5=3890%W

OS:6=3890)ECN(R=Y%DF=Y%T=40%W=3908%O=M5B4NNSNW7%CC=Y%Q=)

T1(R=Y%DF=Y%T=40%S=

OS:O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=

0%S=A%A=Z%F=R%O=%RD

OS:=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0

OS:%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1

OS:(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK

=G%RUD=G)IE(R=Y%DFI

OS:=N%T=40%CD=S)

by

Passwordless Login With SSH Keygen

Secure Shell (SSH) is known as Secure Socket Shell.It is a UNIX-based command interface and protocol for securely getting access to a remote computer.It provide a secure channel connection over a insecure channel.It was designed as a replacement for Telnet.SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user.

SSH is often used to login from one system to another without requiring passwords.

Basic Steps:

Install SSH in your local machine:

$sudo apt-get install openssh-client openssh-server

 On the local machine you will want to generate a secure SSH key:

$ssh-keygen

 This is used to generate, manage, and convert authentication keys for ssh authentication.

The user can create a passphrase key for both SSH protocol version 1 and version 2. SSH-keygen creates RSA keys for SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2.

$ ssh-copy-id -i <public_keyid of local host user>@<remote_ip address>

 Initially,we required password for establishing the connection.Onces the secure connection is established we can directly access the remote users file without using password.

$ ssh <remote_username>@<remote_ip address>

 Now we can access remote users file and directories.

by

SSH to connect to a remote server and secruely copying file using scp

Secure Shell (SSH) is known as Secure Socket Shell.It is a UNIX-based command interface and protocol for securely getting access to a remote computer.It provide a secure channel connection over a insecure channel.It was designed as a replacement for Telnet.SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user.

 The basic steps:

 Install OpenSSH

 OpenSSH is a free, open-source implementation of the ssh protocol in Ubuntu.

sudo apt-get install openssh-client openssh-server

 It consist of openssh-client and openssh-server.Client create a connection with the server through a secure channel.

 

Logging into a remote computer over a secure connection

After installing,we can login to the remote user using the command

$ssh <remote_user>@<ip_address>

Thus we created a connection with the remote user.

Exit from the remote user.

You can see a message

“logout
Connection to <ip_address> closed.”

Transferring files and directories between computers over a secure connection.

To transfer files from our local machine to the remote server and vice-versa, we will use SSH’s “secure copy” command, or scp.

To copy a single file use the command:

scp <file_name.txt> <remote_user>@<>ip_address>:/directory

Go to the server's directory,we can see the file that we transferred.

 

 

by

How to install mysql, apache, php in Ubuntu

I used LAMP ,free open source software.LAMP refers to the first letters of Linux (operating system), Apache HTTP Server, MySQL and PHP.It includes Apache 2, PHP 5 and MySQL 4.1 or 5.0.

To install the default LAMP stack in Ubuntu

First install tasksel… 

$sudo apt-get install tasksel.

Tasksel is a Ubuntu tool that installs multiple related packages as a co-ordinated “task” onto your system.

Install LAMP

 $sudo tasksel install lamp-server

During the installation you will have to enter the password to root user base.

 Checking apache installation…..

Go to browser and type http://localhost/

Checking php 5 installation…..

In /var/www , create a text file called “index.php” which contains : “<?php phpinfo(); ?>”  .With your web browser, go to the URI “http://localhost/index.php“: If you can see a description of PHP5 configuration, it proves PHP 5 works with Apache.

by

KEY GENERATION AND SIGNING USING GPG

Using gpg you can generate private and public keys that can be used to encrypt and decrypt files

The steps are:

Go to terminal and type these commands

 Step 1: Create a new GPG key-pair

Syntax: #gpg –gen-key

The user need to specify the type of key requried(ie RSA,DSA),the keysize and also specify how long the key should be valid.

After this, we generated our private key.We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy.

Step 2: Edit your public key to add the photo.

Editing: $ gpg –edit-key <public key id>
To add photo:$gpg> addphoto

Step 3: Export your public key

Syntax : $ gpg --armor --export {email_id} > {file name}.gpg

Step 4: To get our public key

Syntax : $ cat {file name}.gpg

Add our public key to the key repository,keyserver.ubuntu.com

FOR SIGNING

Step 1: To get the information about all the keys

Syntax: $ gpg --list-keys

Step 2: Get other people’s keys

Syntax:$ gpg --recv-keys <key id of other people>

Step 3: To sign to other people’s publics key

Syntax: $gpg –sign-key <key id of other people>

Step 4: Send the signatures.

Instead of sending the signed keys back to the keyserver, send each key to its owner via email.

Syntax: gpg --armor --output <filename>.asc --export <key id of other people>
TO RECEIVE OUR PUBLIC KEY SIGNED BY OTHERS

Step 1

Received our signed public key through email and save it in the home folder.Go to terminal and type

  	  Syntax: gpg --<file that send by the signer>.asc

Step 2:Import our public key

Syntax: gpg --import <file name>.asc
CLEAR SIGNING

Sign a file F that contains name, Roll Number, blog URL in clear text using your secret key.

Syntax: $ gpg --clearsign F.txt

We need a private key to unlock the secret key for user

To see the clear signed file F.asc

Syntax: vim F.asc
by

Yippee……!!!!Successfully sent an encrypted mail to my friend ……

As a part of my cyber security course,i sent an encrypted mail to my friend and also i decrypted a mail that i got. It was very interesting to work with it:).I would like to share my experiences with you.

I did this in an linux environment.I used Gpg Key-Pair Encryption and Decryption.Using gpg we can generate private and public keys that can be used to encrypt and decrypt files.

The steps are:

Go to terminal and type these commands

Step 1: Create a new GPG key-pair

              Syntax: #gpg –gen-key

The user need to specify the type of key we want(ie RSA,DSA)the keysize and also specify how long the key should be valid.

Enter your real name and email address.

After this, we generated our private key.

We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy.

Step 2: Export your public key

               Syntax : $ gpg –armor –export {email_id} > {file name}-pub-asc.gpg

Step 3: To get our public key

              Syntax : $ cat {file name}-pub-asc.gpg

Add our public key to the key repository,keyserver.ubuntu.com

Step 4: Import others public key

Use –import option to import others public key.

             Syntax: $ gpg --import FileName
Step 5: Get the recipient public key from the key repository,ie from keyserver.ubuntu.com by using her email_id.


Step 6: Send encrypted message

For example, let us see how Alice can send an encrypted message to Bob.

Alice encrypts the input file using Bob’s public key. The example below creates a binary file.

            Syntax : $ gpg --recipient bob email_id --encrypt filename


Step 7: Read the encrypted message

In this example, let us see how Bob can read the encrypted message from Alice.


Decrypt the message using your private key.

            Syntax: gpg --decrypt file

            Syntax : $ gpg --decrypt test-file.asc

Note: After entering the passphrase(private key), the decrypted file will be printed to the

Use the following command to redirect the decrypted message to a text file.

            Syntax : $ gpg --decrypt test-file.asc > file.txt