🍩
HackBook.io
  • Pentesting Pocket Book for hackers and developers.
  • Reconnaissance
    • Internal Recon Basics
    • OSINT
      • Infrastructure
      • Recon-ng
      • Users
      • Google Dorks
    • Active Scanning
      • NMAP
        • NSE
          • reconnoitre
        • NMap Evasion
      • NC Scan
      • Finger Printing
    • Web Server OSINT
      • WhatWeb
      • Subdomains
      • Directory & File Enumeration
        • Enumeration
          • GoCutty
          • gobuster
          • Dirb
          • nikto
        • Fuzzing
        • Crawling
  • Web Application Hacking
    • Web 101
      • Clients
      • Servers
      • Encodings
    • Web Hacking Techniques
      • SOP
      • Open Redirect
      • File & Resource Attacks
        • Directory Traversal
          • Dir Traversal Fuzzer
        • LFI
        • RFI
        • Unrestricted File Uploads
      • XSS
        • DOM
        • Stored
        • Reflected
        • Blind
        • Self XSS
      • XXE
        • XXE Payloads
      • XPath
      • SSRF
      • CSRF
      • SQLi
        • SQL Basics
        • Securing SQL
        • Hacking SQL
          • sqlmap
          • In-Band
          • Error Based
          • Blind
      • Authorization
      • Session Hijacking
      • Command Injection
      • Insecure Deserialization
      • File Uploads
        • File Upload Mitigations
      • HPP
      • Click Jacking
        • Adobe SWF Investigator
      • HTTP Response Splitting
      • Flash 101
        • Flash Hacking
      • HTML5
        • WebSockets
        • CORS
          • iframe
          • Headers
    • Web Hacking Procedures
      • Captcha
      • Username Generation
      • Username Enumeration
      • Inhouse WebApps
      • SSL Cert Generation
      • CMS
        • WordPress
        • Joomla
      • Popular Exploits
        • Bludit CMS
        • ShellShock
        • WebDav
  • Weaponization
    • Buffer Overflows (BOF)
      • DSBOFG
        • Scripts
  • Initial Access
    • 😈Services
      • Finger
      • SNMP
      • LDAP
      • SMTP
      • NFS
      • RPC
        • RPCBind
      • RDP
      • SQL
        • NoSQL
      • POP3
      • Samba
      • SMB
      • SSH
      • Telnet
      • NetBios
      • VOIP/SIP
      • DNS
        • DNS Lookups
        • Zone Transfer
        • SubDomain Enums
        • dnsdumpster
    • 😈Shells
      • Powercat
      • Odd Shells
      • Troubleshoot
      • TTY/PTTY
  • Persistence
    • File Transfers
      • Py->Exe->Txt
      • Cross compile example
    • Backdoors
  • Privilege Escalation
    • Universal Escalation
    • Windows Escalation
      • Automated
      • Popular Exploits
        • ActiveXObject to Wscript RCE
        • Macros
        • Object Linking
    • Linux Escalation
      • Automated
    • Passwords
      • John
      • Medusa
      • Cewl
      • ncrack
      • Crunch
      • Hydra
      • MITM
      • Responder
        • SAM
          • pwdump and fgdump
          • Pass-the-hash
      • Crack the hash
      • NTLM
  • Network Discovery
    • Network Traffic
      • tcpdump
    • Internal Discovery
  • Collection and Staging
    • Collection
      • File types
  • Hacking Objectives
    • Non Kinetic War (Quick Guide)
  • Procedures
    • Bash Guide
    • Active Directory
    • Crypto 101
    • Forensics
  • Glossary
  • Hacking Frameworks
    • Metasploit
      • msfvenom
    • Dsnif
  • ThreatModeling
    • Threat Modeling Overview
  • Certifications
    • VMDR
      • Qualys Asset Management
      • Qualys Vulnerability Management
      • Qualys Threat Prioritization
      • Qualys Response (Patch Deployment)
    • OSCP Cheat Sheet
  • RF - Radio Frequency
    • Ham Technician
Powered by GitBook
On this page

Was this helpful?

  1. Procedures

Crypto 101

PreviousActive DirectoryNextForensics

Last updated 3 years ago

Was this helpful?

symetric: both sender and rec have the same key. Then you encrypt and decrypt with one key. - des - aes - rc4 - blowfish asymetric/public key: public key can encrypt but cannot decrypt then the private key can decrypt. Each user has their own private and send the corresponding public keys to the other users. Data handling refers to how much data we encrypt and send at a time. Block: we do it in chunks (8bytes, 16,32, etc) - des - aes stream: we do it byte by byte - rc4 - a5/1 ECB block: Electronic code block cipher easer to reverse since identical text blocks will end up being the same cipher blocks and can be guessed. CBC block: cipher-block chaining harder to guess at since it also uses the last block to help encrypt the current block and the first block is an initializer block.

Crypto attack categories:

common attacks:

Brute force: You know a plain text and cypher text combo and you then guess the key until you get the expected output from the input. This method is limited only by the power of computers. The current CUDA core computing has made DES (56 bit keys) insecure as a modern gpu can easily bruteforce this encryption. Dictionary attack: This works for symmetric key encryption where the user selects keys. This save time with guessing more nonmonic names rather than aaa aab aac style brute forcing. This attack tends to work because of the human factor. a 4 letter key is more likly to be a word than random letters. Rainbow tables: Because disk space has gotten affordable and cpu speed is still not super great, this method has become popular to utilize the disk more. //need to look up how these work side channel and surrounding attacks: Things to look for that may render the encryption implementation broken: -not destroying plaintext after use -not handling the decryption and resulting plaintext securely -temporary or backup files that store any of the process as a data loss system -key leaks -allowing recovery of old keys -weak passwords -trust relationships