CEH Lab Manual Cryptography Module 18information AF Tes your knowledge SB Web exercise 1 Workbook review Toots demonstrated in this lab are available in DACEH- Tools\CEHve Module 18 Cryptography Module 18~ Cryptography Cryptography Cryptography is the study and art of hiding meaningful information in an unreadable format. Lab Scenario With the increasing adoption of Internet-World Wide Web use for business and personal communication, securing sensitive information such as credit-card numbers, personal identifiable information, bank account numbers, secret messages, and so on is becoming increasingly more important. Today’s information-based organizations extensively use Internet for e-commerce, market research, customer support, and a variety of other activities. Data security is critical to online business and privacy of communication. The ability to protect and secure information is vital to the growth of electronic commerce and to the growth of the Internet itself. Many people need or want to use communications and maintain data security. The eneryption of data plays a major role in doing so. For example, banks all over the world use encryption methods to process financial transactions involving the transfer of huge amounts of money. ‘They also use encryption methods to protect their customers’ ID numbers at bank automated teller machines. There are many companies and even shopping malls selling anything from flowers to wine over the Internet, and these transactions are made by the use of credit cards and secure Internet browsers that include encryption. Internet customers want to know that their credit-card information and other financial details will remain private and secure. But this can only be accomplished by the use of strong and impenetrable encryption methods. As part ofa security assessment, you have to suggest to your target organization that it use proper encryption techniques to protect data, both in storage and during transmission. The labs in this module demonstrate how you can use encryption to protect information systems Lab Objectives This lab will show you how to use encryption tools to encrypt data. It will teach you how to: = Use encrypting/decrypting techniques = Generate Hashes and checksum files Lab Environment ‘To complete this lab, you will need: = A computer sunning Window Server 2012 = A computer sunning Windows 8.1 in virtual machine = A computer sunning Windows Server 2008 in virtual machine = A computer sunning Kali Linux in virtual machine (CEH Lab Maral Page 1574 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedA Web browser with Intemet access "Administrative privileges to run the tool Lab Duration ‘Time: 115 Minutes Overview of Cryptography Cryptography is the practice and study of hiding information. Modern eryptogeaphy intersects the disciplines of mathematics, computer science, and electrical engineering, Cryptology before the modem age was almost synonymous with encryption, the conversion of information from a readable state to one apparently without sense. It helps in securing data from interception and compromise during online transmissions. This module provides a comprehensive understanding of different crypto systems and algorithms, one-way hash functions, public-key infrastructure (PKI), and the different ways cryptography can help in ensuring privacy and security of online communication. ‘The module also covers various ‘cryptography tools used to encrypt sensitive data. Lab Tasks Trask 1 Recommended labs to assist you in cryptography are: overview = Calculating MD5 Hashes and Verifying File Integrity Using quick Checksum Verifier "Calculating One-way Hashes Using HashGale "Calculating MDS Hashes Using MDS Calculator = Understanding File and Text Enctyption Using CryptoForge "Basic Data Encryption Using Advanced Encryption Package = Encrypting and Decrypting the Data Using BCTextEncoder = Exploiting OpenSSL Heartbleed Vulnerability on a Hutps website = Creating and Using Set jgned Certificates "Basic Disk Encryption Using VeraCrypt "Basic Data Enctypting Using Rohes Disk Encryption "Basic Data Encryption Using GrypToo! Lab Analysis Analyze and document the results related to this lab exercise. Provide your opinion on your target's security posture and exposure. PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. (CHEE Lab Manual Page 1575 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedCalculating MD5 Hashes and Verifying File Integrity Using Quick Checksum Verifier Checksum Verifier generates and checks file interity by secure tine proven algorithms like MDS and SHLA-1. You can easly create checksums (the digital fingerprints) of files and later verify their integrity. ‘be operation is very easy— “just two steps: load th file, and paste the predefined checksum. “itor key Lab Scenario F Vatuable A checksum, or hash sum, is a small datum from a block of digital data for information __ detecting errors, which may have been introduced during its transmission or F Teatyour storage. Checksum Verifier generates and checks file integrity by secure time __tnowiedge ___ proven algorithms like MDS and SHA-1. You can easily create checksums (the digital fingerprints) of files and verify their integrity. As an Expert Ethical Hacker and Penetration Tester, you will need to use hashes and checksum, LD wosrootreview verifiers at every stage of your assessment to ensure the integrity of data collected. © Tools «nti dome, i, Lab Objectives this lab are ‘This lab will show you how to check file integrity: available in DacEH- ToolsiCEHv9 Module 18, Cryptography BL web exercive = Generate Hashes and checksum files (CEH Lab Manual Page 1575 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedLab Environment ‘To complete this lab, you will need: Quick Checksum Verifier located at D:\CEH-Teols\GEHV9 Module 18. CryptographyiMD5 Hash Calculators\quick Checksum Verifier You can also download the latest version of Quick Checksum Verifier from the link hutp://www-bitdreamers.com/en/products/checksum- verifier If you decide to download the latest version, then screenshots shown in the lab might differ Follow the wizard driven installation instructions Run this tool in Windows Server 2012 Administrative privileges to run tools Lab Duration “Time: 5 Minutes Overview of Lab ‘A checksum is a count of the number of bits in a transmission unit that is included with the unit so that the receiver can check to see whether the same number of bits atrived, If the counts match, it is assumed that the complete transmission was received, Lab Tasks G tasks 1 View Sample.txt File 2. In this lab, we are going verify the MDS checksum values before editing a file and after editing of the file Already, we have created a Sample.txt file and placed it in D:\CEH- ‘Tools\CEHv9 Module 18 Cryptography\MD3 Hash Calculators\Quick Checksum Verifier. Open Sample.txt and check the text. Don’t edit or manipulate the information in the Sample.txt file. My Bank Account Details. Find the details in your email. |» FIGURE 1.1: Sampletnt Fle before Maipuliting (CEH Lab Maral Page 1577 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 4, Now install and launch Quick Checksum Verifier. If you are launching it for the first time, it will ask you to choose a language; do so and click Next. |code: Language country [ee envK engin unites xingdom WS Ge0€ Geman ‘Gemany FIGURE 12: Quick Checkers Verer Language 5. The Quick Checksum Verifier “thank you”” window appears; click Next to continue, ‘We would like to thank you for your confidence and hope you'll enjoy our software. Discover more products from us: bitdreamers.com/products Weare looking for native speaking translators. Please contact us: bitdreamers.com/contact 2% automaticaly check for updates FIGURE 1. Quick Cheer Thank you window (CEE Lab Manual Page 1578 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 6. ‘The Quick Checksum Verifier main window appears; under Caleula Checksum, choose MDS (Message-Digest Algorithm) from the drop Tl vasK 2 down lst. ‘Observe MDS Checksum Value q Quick Checksum Verifier Qercamers Coaate Chectsum Agothns | OS (Hesse Digest Algor) - the be e checu FIGURE 14 Quick Cheam Main Window 7. Now, click on Browse for folder icon next to the Path field to open the file you need to verify the Checksum value. FIGURE 15 Spite Tas De (CEH Lab Manual ag 17 "Eleal Haclng an Counemeanucs Cop © hy EE-Coumall ‘AI Righs Reserved Repeodton Suet Peckbied8. Navigate to D'GEH-Tools\GEHv9 Module 18 Cryptography\MDS Hash Calculatorsiduick Checksum Verifier; sclect Sample.txt, and click open. 1p [l= MOS. + GuckChetsunve. Ongnise © Newflder Sewn =f) Mame . te medi i Deitop 1 cneisam vere 6st PM Aapteston Recs maa Bh dette B ecumens 1h Downes Base Baws B oes tea bokic9 tek) loeb) Sz = fine iat x] futon —»] een FIGURE 1.6 Sanda Windows Brows for Folie 9. Once you have provided the path, Quick Checksum Verifier will automatically calculate the Checksum of the required file. 10. Make a note of the Checksum value, once it is generated. XQ Quick Checksum Verifier Qercaners Calculate Checkeum Agorthm: MOS (Hessage-Digest Algorithm) Path: {le 18 Grvotoaraahy/HOS Hash Caleulstors/Ouick Checksum Verfier/Samole bt) Checksum eeAtee ech DOIMATAC DREAD recalculated Checksum FIGURE: 17: Samples Pile checksum vale before ting or manipalating (CEE Lab Manual Page 1580 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 1, Navigate to D'GEH-Tools\GEHv9 Module 18 Cryptography\MDS Hash CalculatorsiQuick Checksum Verifier; open Sample.txt, alter the file's text, and save the file in the same location, GB otasKs Observe MDS 7 Checksum Value | — File Edit Format View Help Bank Account Details. Find the details in your email. [Testing for Quick Checksum Verifier A 14 Sample nt Fle Manipulate Sample te 12, Follow steps 6-8, then compare the Checksum values of the file before and after manipulating its text. x Quick Checksum Verifier Qpreamers Calculate Checksum Algorthm: MOS (Hessage-Digest Algorithm) = Path: {le 18 Crvotoaraohy/HOS Hash Calulators/uick Checksum Verfier/Samole bt) © Checksum Tobe ISI0I9524dS2CSTA TODD recalculated Checksum TIGURE 1.9 Sample fle eheisum vale after eng oF manipulating 13. In real time, when a person sends sensitive information to another person, the sender will calculate its hashes and send the information (along with the hash value) through a medium (¢.g., email). When the person on the other side receives the mail, he/she will note the hash value, copy the message, and calculate its value. If the calculated value and the hash value noted earlier tally, it means that the received data hasn’t been modified by a third party during transit and is thus legitimate. 114, Hash calculation is mainly performed to check data integrity (CEH Lab Manual Page 1581 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography Lab Analysis Document all Hash, MDS, and CRC values for further references, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. MNo Platform Supported @ Classroom MiLabs (CEH La anal age SD ‘tical Hackog and Gounsemneaares Copyigh © by EE-Comell ‘AU Righs Reserved Reproduchon i Swit ProbieCalculating One-Way Hashes Using HashCalc HashCale enables you to compute multiple bashes, checksums and HIMACs for files, tect and hex: strings. It supports MD2, MD4, MDS, SHA, SHA2 (SHA256, SHA384, SHAS512), RIPEMD160, PANAMA, TIGER, CRC32, ADLER32, and the hash used in eDonkey and eMule tools Mieon «key Lab Scenario Fo Valuable Message digests or one-way hash functions distill the information contained —tiemution ____ithin a file (small or large) into a single fixed-length number, typically between A ese your 128 and 256 bits in length. If any given bit of the function’s input is changed, —Lnowiedge_____ every output bit has a 50% chance of changing. Given an input file and its corresponding message digest, it should be nearly impossible to find another file with the same message digest value, as it is computationally unfeasible 10 have two files with the same message digest value. B_ wer exercise 1) Workbook seview Hash algorithms are widely used in a wide variety of eryptographic applications, and is useful for digital signature applications, file integrity checking, and storing passwords. Lab Objectives This lab will show you how to encrypt data and how to use it. It will reach you how to: = Use encrypting/decrypting command Toots typting/ decrypting demonstrated in = Generate Hashes and checksum files this lab are . available in Lab Environment aeeteenva To complete this lab, you will need: Module 18 = HashCale located at DACEH-Teols\CEHv9 Module 18 (Cryptography Cryptography\MD5 Hash Calculators\HashCale ‘CERT Lab Mansal Page 18 ‘Bibleal Hacking and Coumernanucen Cop © by H-Bounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 1 = You can also download the hup://www.slavasoft.com/hasheale/ = If you decide to download the latest version, then sereenshots shown in the lab might differ = Follow the wizard driven installation instructions Run this tool in Windows Server 2012 "Administrative privileges to run tools Lab Duration ‘Time: 5 Minutes Overview of Hash HashCale is a fast and easy-to-use calculator that allows computing message digests, checksums, and HMACS for files, as well as for text and hex strings. It offers a choice of 13 of the most popular hash and checksum algorithms for calculations Lab Tasks Torasn 1 1. Launch HashGale application from Apps screen. Calculate the Hash 2 tresucae spe pecs with ts to plans input and Lapin Haske appeaion (CEH Lab Maral Page 1584 “Ehcal Hacking and Countermeanures Copyright © by EGCounell “Al igh Revcved. Reproduction Set PeobtedModule 18~ Cryptography 2. ‘The main window of HashGale appears; select the type of Data format here, Text string) from dropdown list. Data Fema Data Fad. BMG Tent sting = mos Pwo sHaL 2 sas aortas nee ‘spoon serps F snages Foes etext sig, sd headend sing 1 shai RIPEMD160 7 PANAMA Pier Tr mp2 1 apLerse opcae 0 a vote” SlavaSoft FIGURE 22: Fase mia window 3. As you are specifying the data format as ‘Text string, the application accepts text strings and converts them to their respective hashes. (CEE Lab Manual Page 1585 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied6 1D You can ako owaload HashCe fom Inpro Enter data which you would like t0 ealeulate. Choose the appropriate Hash algorithms by sclecting their respective checkboxes, In this lab, MDS, SHA1, RIPEMD160 and GRG3Z hash algorithms have been selected. Now, click Galeulate, Data Format: Tent sting >| ag PF snags Pr shag 1 suagiz | FIPEMD160 7 Panna TP Ger mp2 TP ADLER32 = > FIGURE 23 Calling he hashes (CEH Lab Maral Page 1586 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 8, The application calculates the hashes and displays them, as shown in the screenshot: DaaFomt_ 04 ret ng =] fetoietpe FP aac F mos wos sua P snags FP suages P shagia DD tasncatc is used wo sence crpang ex Pacer PF moe [Ebene aToRbeE RecA Toe —— sacarina au abebatsaze Tear ebol —— -——————_. © hreuoin aaa —] a —— -——_———_ Paper [— Face eDarkey! Fle —— [epee] _ ome |__|) FIGURE 2¢ ash gener for cone ath ing 9. Hash calculation is mainly performed to check data integrity. Lab Analysis Document all Hash, MD5, and CRC values for further references, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. Pence cae OYes HINo Platform Supported 1 Classroom Bilabs (CEH Lab Maral Page 1587 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedON KEY 7 Vataable information & esr your knowledge B_ wer exercise 1) Workbook seview this tab are available in DACEH. Tools\CEHve Module 18 Cryptography Calculating MD5 Hashes Using MD5 Calculator MD5 Calculator isa simple application that calculates the MDS hash of a given file. It can be used with big files (og, multiple gigabytes). It features a pragress ‘counter and a text field from which the final MIDS hash can be easily copied fo the clipboard. Lab Scenario ‘There has been a need to protect information from “prying eyes.” In the electronic age, information that could otherwise benefit or educate a group or individual can also be used against such groups ot individuals, Industrial espionage among highly competitive businesses often requires that extensive security measures be put into place. And those who wish to exercise their personal freedom, outside oppressive governments, may also wish to encrypt certain information to avoid suffering the penalties of going against the wishes of those who attempt to control it. Still, the methods of data encryption and decryption are relatively straightforward; algorithms are used to encrypt the data and stote system information files safely, away from prying eyes, To be an Expert Ethical Hacker and Penetration Tester, you must understand data encryption using enctypting algorithms. Lab Objectives This lab will give you experience on encrypting data and show you how to do it Te will teach you how to: = Use encrypting/decrypting command = Calculate the MDS value of the selected file (CEE Lab Manual Page 1588 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedLab Environment To complete this lab, you will need: MDS Calculator located at DACEH-Tools\CEHv9 Module 13 CryptographyIMD5 Hash CalculatorsiMDS Calculator You can also download the latest version of MD§ Calculator from the link http://www. bullzip.com/products/md5 /info.php. If you decide to download the latest version, then screenshots shown in the lab might differ Run this tool in Windows Server 2012 Administrative privileges to run tools Lab Duration Time: 5 Minutes Overview of MD5 Calculator MDS Calculator is a bare-bones program for calculating; and comparing MDS files. While its layout leaves something to be desited, its results are fast and simple, Lab Tasks task 4 Calculate MDS. 1, Navigate to DACEH-ToolsiCEHv9 Module 18 Cryptography\MDS. Hash Calculators\MD5 Calculator, double-click mdSeale(1.0.0.0).msi and follow the installation steps to install Checksum MDS Calculator. 2. To find MDS Hash of any file, right-click on the specific file (here, mdSeale(1.0.0.0).msi), and Sclect "MDS Caleulator" from the context menu. (Bs ain ates + DER = 1D os erecksumn is im mere sed a generate MDS ha cy 1D cece (hoon Prey Bowe eee Baio FIGURE 31 MDS Cause option in content nes (CEH Lab Maral Page 1589 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 3. MDS Caleulator shows the MDS digest of the selected file. ‘Note: Alternatively, you can browse any file to calculate the MDS hash and click on the Galeulate button to calculate the MDS hash of the file, file Tool Help Fe Nano [eT Chtogahy HDS Hh Coals WOS Castor a.m [=] ‘Galdate 1 wos tah ein) imeiesess AP NDS Doe ey Sompes dl feet compact Ege [beseceroacdecm0stoo7T Tecsaba OO Urnarease FIGURE. 32: MDS i genente for the hose fle 4, MD5 calculator is used to check the integrity of a file, Ifa person wants to send a file to another person via a medium, he/she will calculate its hashes and sends the file (along with the hash value) to the intended person. When the person on the other side receives the mail, he/she will download the file and calculates its value using MD5 Calculator. 6. ‘Then, the person compares the generated hash value with the hash value that was sent through mail. If both the hash values tally, it is evident that the person obtained the file without any modifications by a third person. Lab Analysis Analyze and document the results related to this lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. eters eee! OYes AN Platform Supported 1 Classroom Bilabs (CEE Lab Manual Page 1590 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedoN KEY 2) Valuable information F Tea your nowledee SB Webexercise DD Workbook review Understanding File and Text Encryption Using CryptoForge CoptoForge is a file enaryption software for personal and professional data security. It allows you to protect the privacy of sensitive files, folders, or email messages, by encrypling them with strong eneryption algorithms, Lab Scenario CryptoForge allows you to protect the privacy of sensitive files, folders, or email messages, by encrypting them with up to four strong encryption algorithms, Once the information has been encrypted, it can be stored on insecure media or transmitted on an insecure network—like the Intemet—and remain sectet. Later, the information can be decrypted into its original form. Lab Objectives ‘This lab will show you how to encrypt files and text, 2 Toots ir demon i Lab Environment this tab are ‘To complete this lab, you will need: available in DacEH- * CryptoForge located at D:\CEH-Tools\GEHv9 Module 18 Tools\CEHv9 Cryptography\Cryptography Tools\CryptoForge Module 18 = You can also download the latest version of CryptoForge from the link Cryptography ‘om/dows = If you decide to download the latest version, then sereenshots shown in the lab might differ = Follow the wizaed driven installation instructions | Windows Server 2012 samingas how mine | Windows 811 naingsavin machine = Administrative privileges to run tools (CEH Lab Mana age 1591 ‘Bibleal Hacking and Coumernanucen Cop © by H-Bounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography Lab Duration ‘Time: 15 Minutes, Overview of the Lab "The lab demonstrates basic encryption methodology used to encrypt files and text ‘messages and share them with the intended petson/ people. Lab Tasks ovat 1, Navigate to DAGEH-TooIs\GEHv9 Module 18 Encrypt a File Cryptography\Cryptography Tools\CryptoForge, double-click Enerypt GryptoForge.exe and follow the steps to install the application. 2. Once done with the installation, log in to Windows 8.1 virtual machine, navigate to ZACEHV9 Module 18 Cryptography\Cryptography Tools\CryptoForge, double-click EryptoForge.exe and follow the steps to install the application, ‘Note: If a User Account Control pop-up appears, click Yes. If a Windows Security dialog-box appears, enter the credentials of Windows Server 2012 machine, and click OK. 3. Now, switch to Windows Server 2012 machine, navigate to D\GEH- ToolsiCEHV9 Module 18 Cryptography\Cryptography Tools\CryptoForge, right-click Confidential.txt, and select Enerypt from the context menu, 1 BK DB ee | ues few | ie ee | es) rope ese le on Beet etn © + 4 Dx Copeponhy Te » Coptafoge 2 Footer esp aa Torben Bh Downtnds Comstore] Open 9 Ret paces foe _ kan wna — _ on Bane ee Brie Oph Bivens ‘Sheet We tocaeacea BD Asst ce FIGURE 4.1: Eneyping Fe (CEE Lab Manual Page 1592 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 4. The Enter Passphrase - CryptoForge Files dislog-box appears; type a password in the Passphrase ficld, retype it in the Confirm field, and click OK. ‘The password used in this lab is qwerty@123. wit a Help: FIGURE 42: Eater Passprase -CyptoFonge Files Disp Hox 5. Now, the file will be enerypted in the same location, and the old file will be deleted automatically, as shown in the sereenshot: xa co) Beso St vont Foote Bh Dowade Recent pes tse Ie detep Daca i Downs Base Pee B ves We tecanacey Bia Lae cein 8 e SteSha FIGURE 43 File Encrpied EB otaska 6. No one can access this file unless he/she provides the password for the encrypted file. You will have to share the password with him/her Decrypt the ‘ or . Mea rile through message, mail, or another means. 7. Let us assume that you shared this file through shared network drive. (CEH Lab Maal Page 1555 ‘ileal Hacking and Countermeanures Copyright© by EO-Comell ‘AI Righs Reserved Repeodton Suet Peckbied8. Now, switch to Windows 8.1 virtual machine, navigate to 2\GEHV9 Module 18 Gryptography\Cryptography Tools\CryptoForge. You will observe the encrypted file in this location, © © = t Wh Coptegrpy Took > CrpaFere 2 Fortes hated Bi dettcp Capiogetnc Be Downs = 1H Recent paces eB Homesoup ms There A Newore 2s hem sects IS FA IRE 44 Viewing the Encrypted Pe 9. Now, double-click the encrypted file to decrypt it and view its contents. © © ~ 4 [Wx Cyptopply Took + Copafone ve eres Nene Date modi Wdettep EET 1 Dewnnds 1H eee paces eB Homesoup ms There Newer 2s deem stad 18 FIGURE 45: Decrypted the Encrypt Tle (CEE Lab Manual Page 1594 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 10. 'The Enter Passphrase - GryptoForge Files dialog-box appears; enter the password that you have provided to encrypt the file, and click OK. FIGURE 46 Kner Passphrse -Ciyptoorge Ble Dishog Hox 11. On entering the password, the file will be successfully decrypted. You may now double-click the file to view its contents, © + 4 We Copmmby Teo » Comte Sean 2 vereed Hence ec FIGURE 47, Pe Decryped Suceesfaly 12, So far, we have seen how to encrypt a file and share it with the intended user, Now, let us see how to share an encrypted message with a user. Doras > 13, Switch to Windows Server 2012 machine, go to the Apps screen, and —_—— click GryptoForge Text to launch the application, Encrypt a Message (CEH Lab Maal Page 1595 ‘ileal Hacking and Countermeanures Copyright© by EO-Comell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 14, GryptoForge Text window appears, type a message, and click Encrypt from the toolbar. fie fit ew tesge et Fast tp re) eet _ inet fe Deus seBAoo, scale -|eiwals FIGURE 40 Enenpting Tex Message 15, The Enter Passphrase - GryptoForge Text dialog-box appears; type a password in the Passphrase ficld, retype it in the Confirm field, and click 0K. ‘The password used in this lab is test@123. ects [me es ree wy Confirm: FIGURE 49; Enter Pasapate-CyptoFonge Text Dis Box (CEE Lab Manual Page 1595 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 16, "The message you type will be encrypted, as shown in the screenshot: ri 8 of) Pusghse_Ercypt_Oecypt Fe Deda) BA) OC) wz B | flavin Sestace nacrsowanoop stants onc roron sume sametaeastre rnane ergec oon ep aero ERE FIGURE 410 Message Ener 17. Now, you need to save the file, Click File in the menu bar, and click jaca) oc, sneer op lesa 5, oy So ee ee Pee ca am moc —> FIGURE 411 Soving the File (CEH Lab Manual Page 1597 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 18, "The Save As window appears; navigate to DiACEH-Tools\CEHv9 Modul 18 Cryptography\Cryptography Tools\GryptoForge, specify the file name as Credentials.efd and click Save. [is = Ciptogrph.. + CryptoForge Crgnice * — Newtolter sm mise Th detop i veces Ui omtnne B mise Bi Petes Vicor iia toc c) teeta) a Loa Dek) FIGURE 4.12: Saving the Fe 19. Close the CryptoForge Text window. 20. Now, let us assume that you shared the file and through mapped network drive, and shared the password to decrypt the file in an email message or some other means. 21, Switch to Windows 8.1 virtual machine, and navigate to navigate to TE tasK« ZACEHV9 Module 18 Cryptography\Cryptography Tools\CryptoForge. Decrypt the Observe the encrypted file in this location; double-click. Encrypted Message © @ - + [= copopayiy toon + coperene =e] [eeneapei ‘ : Oxemodiet Type Hi Destop “ 1h oowions FIGURE 4.1 View the Boyd Fle ‘CENT Lab Manwal Page 1508 ‘tical Hackog and Gounsemneaares Copyigh © by EE-Comell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 22. "The CryptoForge Text window appears, displaying the message in encrypted format. Click Deerypt to decrypt it. Fle Eat View Mesage_Inset_Forat_ Help falta mind Lael ata DG) m8) 9 eB | Coen = z=, ‘apdengeb 90857 Gels ¢ongEevrmailae200gLAg)26Zpedgh/ 282024As08243 TODAS ‘SebtnceenaaecDvateclpBaFbe clone (Ou Totaled yi eaccRIMTESe imculoyglovrvv actan nt genetetan ee ORS ENaC FIGURE 4.14 Deep the Erp Fle 23. "The Enter Passphrase - CryptoForge Text dislog-box appears; enter the password you used to encrypt the message in the Passphrase field, and click OK, FIGURE 415: Eater Patptise- Crypto onge Tat Diop Box (CEE Lab Manual Page 1599 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied24. "The CryptoForge Text window appears, displaying the message in plain-text format, as shown in the screenshot: FIGURE 416 Menage Deena Successfully 25. Thus, you have used CryptoForge tool to encrypt and share files and messages with the intended person, 26. In real time, you may share sensitive information through email by encrypting data using CryptoForge. Lab Analysis Analyze and document the results related to this lab exercise. Provide your opinion ‘of your target's security posture and exposure through public and free information. PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. Pteetennetscer tine) O Yes ZNo Platform Supported © Classroom MiLabs (CEH Lab Manual Page 1600, ‘Bibleal Hacking and Coumernanucen Cop © by H-Bounell ‘AI Righs Reserved Repeodton Suet PeckbiedBasic Data Encryption Using Advanced Encryption Package Advanced Encryption Package is most noteworthy for its leciblitys not only can ‘yon encrypt files for your owm protection, but you can easily create "self decrypting" sersions of your files that others can run without needing this or any other software, Lab Scenario 7 Vabable Data encryption and decryption operations require major security applications information to secure data. Most systems uses block ciphers, such as public ABS standad A Testyour However, implementations of block ciphers such as AES, as well as other —_inowledge ___ cryptographic algorithms, are subject to side-channel attacks. ‘These attacks GD wevecerise alow adversaries to extract secret keys from devices by passively monitoring the power consumption of other side channels, Countermeasures ate requited for applications to which side-channel attacks are a threat. These include several military and aetospace applications in which program information, classified data, algorithms, and secret keys reside on assets that may not always be physically protected. To be an Expert Ethical Hacker and Penetration Tester, you must understand file data encryption. Lab Objectives ‘This lab will give you experience regarding data encryption and show you the techniques to do it. It will teach you how to: DD Workbook ceview: "Use encrypting/decrypting command "Calculate the encrypted value of the selected file ToolsiCEHv9 Module 18 Cryptography (CEH Lab Manual Page 1601 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 1 Lab Environment ‘To complete this lab, you will need: Advanced Encryption Package located at D:\CEH-Tools\GEHV9 Module 18 Cryptography\Cryptography Tools\Advanced Encryption Package You can also download the latest version of Advanced Encryption Package from the link hup:/ /www,secureaction.com/encryption_pro/, If you decide to download the latest version, then screenshots shown in the lab might differ Administrative privileges to run tools Run this tool in Windows Server 2012 Lab Duration ‘Time: 10 Minutes Overview of Advanced Encryption Package Advanced Eneryption Package includes a file shredder that wipes out the contents of your original files. Ir also integrates nicely with Windows Explorer, allowing you to use Explorer's context menus and avoid having another window clutter your Lab Tasks 1 task 4 Encrypting a File ret lock pes, AES. Navigate to DACEH-ToolsICEHv9 Module 18 Gryptography\Cryptography Tools\Advanced Encryption Pac! double-click aepamsi and follow the steps to install the application. (On completing the installation, launch Advanced Encryption Package application from the Apps scrcen. FIGURE 51; Launching Advanced Encryption Package appliction fom the Apps eeen (CEH Lab Maral Page 1602 “Ehcal Hacking and Countermeanures Copyright © by EGCounell “Al igh Revcved. Reproduction Set Peobted3, The Advanced Encryption Package 2014 - License Manager window appears displaying the License Manager section. Select Start free 30- jay trial radio button, and click Next. License Manager 0D You can aso dowaload Advance on Sa ae Buy acovaton cade > have aleenae code, butt doesnot seem te wa FIGURE 52: License Manage window 4, The Activating step appears; click Next. Activating THIGURE 53 Acthaton Window (CEH Lab Manual Page 1608 ‘ileal Hacking and Countermeanures Copyright© by EO-Comell ‘AI Righs Reserved Repeodton Suet Peckbied5. Leave all the options set to default in License Information step, and click Finish, License Information ‘Advanced Encryption Package 2014 Tine inited Wil Tot ited Monday, Septenbe: 08, 2014 FIGURE 54: License Information vthon (CEE Lab Manual Page 1604 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied6. ‘The main window of Advanced Eneryption Package appears (seve 7. A sample file named Sample.deex is provided at DACEH-Tools\CEHV9 sare Haein Module 18 Cryptographyicryptography Tools\Advanced Encryption pe rackage. Sclect the sample file, and click Enerypt in the toolbar. le EMal Opto Took Heb 2 ih cite (Cana Prereastes Cons hee C2 Fovgrning and Rectracece (cera mede 0s cong eters (9 Meade 0 Sten rang (errs ede 07 fing (Bra Mee 0 Sac green (iva veade o2 Deal of cence Canovesse Sesaontesare (na Meade I1Hoseg eseever (Caro eu 2 Hoc We spats ~ Cans bnide 351 myer © Tools (Cohn Mockie 16 Hoke eles Networks demonstrated in cena mee Is Hoc Mole ations Card veaue 6 Evading nS, Free nner this tab are (Gra meade 17 Gnd Corre available in Censmecue 8 cytgahy DACEH- ToolsiCEHv9 Module 18 Cryptography 1 55: Main window of Advance Enero Package (CEE Lab Manual Page 1605 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied8. You need to provide a password for encryption, Enter the password in Password field, retype it in the Again field, and click Enerypt Now! 9. In this lab, the password is test@123. CD recreates encepied sett eatacang les 0 send {cma atachments, psx teem] a (Pate tenet sauceries [7 dete afer eryotan Sear dete FIGURE 5.6: Enenpring the weed le (CEE Lab Mansa Page 1605| “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied10. The encrypted Sample File appears in the same location as the original file (.e., DACEH-Tools\CEHv9 Module 18 Cryptography\Cryptography Tools\Advanced Encryption Package). 11, To deerypt the file, first select the encrypted file, and click on Deerypt. Note: Navigate to Modul 18 Cryptography\Cryptography Tools\Advanced Encryption Package and delete the unencrypted source file, as conflicts might occur while decrypting the encrypted file in the same location. le EMal Opto Took Heb 2 ih irene (Ei Ber Orerfon (Carla Prereastes (Cah ele 02 Fovgring and Receracrce (B9 Medd 03 Sarna Nears (9 Meade 0 Sten rag (errs ede 07 fing (Bra Mee 0 Sac green (iva veade o2 Deal of cence Canovesse Sesaontesare (na Meade I1Hoseg eseever (Caro eu 2 Hoc We spats Cans bnide 351 myer (Cond eae erg ee eter cena mee Is Hoc Mole ations Card veaue 6 Evading nS, Free nner (Gra meade 17 Gnd Corre Censmecue 8 cytgahy ‘rotates Toe yptopaghy Teo nares reyoten Pane = 0) Dicencesteos\ce Tocca Made 18 Cyptoachy tomas Teo. ‘Sane doe [1210] => Sage oe [1218] 12 Dre, Proceed 1 fs. Sccedet Feld: 0 Processes i208, Average speed: 1218s FIGURE 57 Deering the sete fe (CEE Lab Manual Page 1607 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied12, Ie-will prompt you to enter the password, 13, Because the unencrypted source file is already present in the same location, click Leave it alone, under Source file(s), and click Deerypt Now! Fle EMal Opto Took feb Wceitce couatmrecasees Cons esse energie Cora ase: sarees Gia vease essen oes Baan ting Baa ease 8 Seca Erperg GGaavease ten tsar ona ease saan tose Gro moase hose eee Cosa bense Hey Asean Coromeae BSG Me Cons erse itor ie Neb Coro vease soda bi rate Gon neaie Weveaetos ends ncheer GGrovease onascomure Censmecue 8 cytgahy ‘rotates Toe yptopaghy Teo nares reyoten Pane FIGURE: 5 Deering the secre fle (CHET Lab Manual Page 1608 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 14. The decrypted file appears in the same location shown in the screenshot: 0 Sica na mie someon oment Te | Scent] snd fa Bre me er Sse Poms 28 ene e121 FIGURE 59: Deanptt le 15, In real time, network administrators of ethical hackers use this tool to encrypt files and send it to the intended persons to safeguard the integrity of the files Lab Analysis Analyze and document the results related to this lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. Pent Yes CINo Platform Supported 1 Classroom Oitabs (CEH Lab Maal Page 1609 ‘ileal Hacking and Countermeanures Copyright© by EO-Comell ‘AI Righs Reserved Repeodton Suet PeckbiedEncrypting and Decrypting the Data Using BCTextEncoder BClextEnceder simplifies encoding and decoding text data. Plain text data are compressed, encrypted and converted to text format, which can then be easily copied 40 the clipboard or saved as a tesct file, “‘1eon «ey Lab Scenario © Valuable ‘To be an expert ethical hacker and penetration tester, you must have knowledge of —nbmutlen cryptography functions. Tes your knowledge Lab Objectives @ Wer csertse ‘This lab will give you experience on encrypting data and show you how to do it. [2 Wortbookseview Iewill each you how to: "Use Encode/decode text data encrypted with a password Lab Environment ‘To complete this lab, you will need: = BCTextEincoder located at DACEH-Tools\CEHV9 Module 18 Cryptography\Cryptography ToolsiBCTextEncod ‘You can also download the latest version of BCTextEincoder from the link htips:/ /www.jetico.com/products/ free-security- available in Tools/betextencoder DACEH- Ifyou decide to download the latest version, then screenshots shown in the Tools\CEHv9 lab might differ Module 18 Cryptography = Run this tool on Windows Server 2012 host machine = Administrative Privileges to run the tool Lab Duration ‘Time: 10 Minutes, ‘CEH Lab Manual Page 160 ‘Bibleal Hacking and Coumernanucen Cop © by H-Bounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography Overview of BCTextEncoder BCTextlincoder uses public key eneryption methods, as well as password-based encryption. ‘This utlty software uses strong and approved symmetric and public key algorithms for data encryption. Lab Tasks 1, Navigate to DACEH-ToolsiCEHve Module 18 Cryptography Cryptography Tools\BCTextEncoder and double-click Encrypt the Data BCTextEncoder.exe. 2. The main window of BCTextEEneoder appears as show in the following screenshot Task 4 DD acrentincader lines the faowing ‘ception algo + 2118 compression Algernon “+ ALS (pase) ‘encryption alpine pecweed bed Ereion 1 RSA agmmenic ‘encryption agin for publeley encryption FIGURE 61: Main window of BCT (CEH Lab Manual Page 1611 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 3. To encrypt the text, type the text in the elipboard, Or, select the secret data, and paste it to the clipboard by pressing Gtrl#V and clicking Encode. File Eat Key Options Help @aasbwrtd Bae? cides tnt: 808 cate: [paver =) Coa BCTextEncoder Is Intended for fast ‘encoding and decoding text data FIGURE 62: Secret information in pbs 4. The Enter sword dialog-box appears; set the password (qwerty@123), and confirm it in the respective field, 3. Click ox, 1 the main advaneage of BCTenncoder is suppert of pubeey Gppton FIGURE 63. Sethe pastwon! for encryption (CEE Lab Manual Page 1612 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied6. BCTextEineoder encodes the text and displays it in the Encoded Text section, as shown in the screenshot: Fle fit Key Options Help @aaaowrat ae? Decoded lan tev: 5508 creadey: [pasword FIGURE 64 Encoded teat Daas. 2 7. To decrypt the data, first you need to clean the Decoded pl ——— the clipboard. Decrypt the Data 8. Click Decode. FIGURE 65:Dewoding the ds (CEH Lab Maal Page 1613 ‘ileal Hacking and Countermeanures Copyright© by EO-Comell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 9. Enter password for encoding text dialog-box appears; enter the password (qwerty@123) in password field, and click OK. 1) wcarenive includes {te BC Key Manager sly tounge four owe ble /sce iy pa at ‘wel as poblic keys you Inve secvd fom other pepe FIGURE 6 Ese the password for decoding, 10. Decoded plain text appears, as shown in the screenshots BcTextEncoder not only encrypts, but also compresses the data FIGURE 67: Ouput decoded et IL. This way, you need to encode the text while sending it to the intended user along with the password used for encryption. The user for whom the text is intended should have the BCTextlincoder application installed on his/her machine. 12. He/she will have to paste the encoded text in the Encoded text section and use the password you shared, to decode it to plain text. Lab Analysis Analyze and document the results related to this lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB See eR occ COe ert OYes MNo Platform Supported @ Classroom MiLabs “CEH Lab Manual Tage 114 ‘ital Hackog and Goumienncaares Copyagh © by B-Comell ‘AI Righs Reserved Repeodton Suet PeckbiedON KEY Valuable information A Test your knowledge BL Wor exercise 1D Workbook ceview & Toots demonstrated in this tab are available D:CEH- ToolsiCEHv9 Module 18 CryptographyHea ribleed Exploiting OpenSSL Heartbleed Vulnerability on a HTTPS Website ‘The Heartbeed Bug is vulnerability in the popular OpenSSL. eryptographic software brary. This weakness allows stealing the information protected, rnder normal conditions, by the SSL{TLS encryption used to secure the Internet Lab Scenario HTTPS websites provide encryption to the data flow. Though hackers attempt to intercept the data, it is encrypted and cannot be easily decrypted /decoded. However, due to vulnerabilities found in the recent versions of OpenSSL, attackers can easily intercept the data flow and obtain it in plain-text. 1.0.2-beta and lower versions of OpenSSI. are vulnerable to Heartbleed exploit and return sensitive information in clear text. ‘As an expert Security Professional and Penetration ‘Tester you should be familiar with these exploits and take certain security measures to avoid websites in your organization from being exploited. Lab Objectives ‘The objective of this lab is to help students learn how to penetrate into a Heartbleed vulnerable website. In this lak you will learn to: = Test Heartbleed vulnerability in a heeps website = Exploit Hearbleed vulnerability and obtain passwords and certificate information in plain-text Lab Environment ‘To complete this lab, you will need: = ownCloud, Microsoft Visual C++ 2010 and WAMP Server located at DACEH-Tools|CEHv9 Module 18 CryptographylHeartblood ‘CEH Lab Maral Page 1515 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 1 Cryptography You can download the latest version of WAMP Server from hup://www.Wampserver.com/en/ and Microsoft Visual C++ 2010 from hitp:/ /www.microsoft.com/en- in/download /derails.aspx?id=5555 "Ifyou decide to download the latest version, screenshots and steps might differ in your lab environment. = Run this lab in Window Server 2008 and Kali Linux virtual machines "Administrative privileges to run the tool = A.web browser with Internet access in both the machines Lab Duration “Yime: 15 Minutes Overview of Heartbleed SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM), and some virtual private networks (VPN3). ‘The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSI. software, This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users, and the actual content, This allows attackers to eavesdrop on communications, steal data directly from the services and users, and impersonate services and users. Lab Tasks Note: Before running this lab, log into Windows Server 2008, and ensure that you stop IIS admin service and World Wide Web Publishing Service (f you have the service installed on the machine). To stop the service, go to Start > Administrative Tools > Services, right-click MS Admin Service and click Stop, right-click Werld Wide Web Publishing Service and click Stop. Also ensure that you stop Internet Information Services (IIS) Manager and Internet Information Services (11S) 6.0 Manager. To stop Internet Information Services (IS) Manager, go to Start > Administrative Tools > Intemet Information Services (IIS) Manager, right-click on the server name in the left pane and click Stop to stop the manager. "To. stop Intemet Information Services (IIS) 6.0 Manager, go to Start > Administrative Tools > Internet Information Services (IIS) 6.0 Manager, right: dlick on the server name in the left pane, and click Disconnect to disconnect the ‘manager. In this lab, we are featuring OpenSSL 1.0.1c (vulnerable to Heartbleed) for demonstration purpose. Note: Make sure that you delete all the cookies in the browser in which you will be hosting ownCloud, and make sure that WAMPServer is kept online throughout this lb. ‘CEH Lab Maral Page 1516 “Eical Hacking and Coumermenvares Copy © by EE Counell “Al igh Revcved. Reproduction Set PeobtedModule 18~ Cryptography 1 Before beginning the lab, click Start at the lowerleft comer of the screen, and then click start WampServer to launch WampServer. JURE 7.1: Sarinyg WAMPServer 2. Log into the Ks terminal. Linux virtual machine, and open a command-line 3. To check whether the website is vulnerable to Heartbleed, launch a command prompt, issue the command am: 443 -script ssl- heartbleod 10.0.0.3 and press Enter. Note: In this lab, 10.0.0.3 is the IP address of Windows Server 2008 which is hosting the ownCloud server. This IP address may differ in your lab environment. rouge jle Eat Wew Search Terminal Help FIGURE 12: snap command wo detect Heaeed Valneriy (CEH Lab Mana Page 160 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘A Rights Reserved Reproduction Sty ProfitModule 18~ Cryptography This initiates nmap and the tool begins to scan the server for Heartbleed vulnerability. 5, Nmap returns result stating that the server is Heartbleed vulnerable, as shown in the sereenshot rere FIGURE 1. Webi foued to be vlna o Heated 6. The result infers that the version of OpenSSL. used in the machine is vulnerable, which means you can perform penetration testing on this vulnerability, which allows you to view sensitive information in plain text ‘Type the command msfeensole in the command-line terminal, and press Enter to launch msfconsole. FIGURE 74 Lauocieg msfcosole (CEH Lab Manual Page 1618 hie Hacking and Countermeasures Copyright © by EO-Counell TAT Rights Resrved. Reproduction Stiety ProbedModule 18~ Cryptography yiscannerisstiopenssi_heartbleed and press Enter. ¢ openssl! heartbleed auxiliary module, as shown in FIGURE 7.5 Using heatbieed exploit in msfeonole Trask 2 9. Issue the following commands Expiott the a. set RHOSTS 10.0.0.3, vulnerability b. set RPORT 443 ©. set VERBOSE true Note: 10. the IP address of Windows Server 2008 virtual ‘CEH Lab Maal Page 1619 ihical Hacking and Countenmeanaren Copyighe © by EE-Counell TAT Rights Resrved. Reproduction Stiety ProbedModule 18~ Cryptography 10. Now, assume that you are a user who wants to login to the ownCloud application through the Windows Server 2008 machine, Browse the ownCloud login page. Enter the username shane and password florida@123 and click Log in. rN rot ala tIWe! FIGURE 7.7 Logging ino ownCoud saver ul Now, immediately switch back to Kali-Linux, type exploit and press Enter. 12. Observe that the user credentials have been displayed in plain text, where %40 in the password field corresponds to “@.” So, it is evident that the username is shane and the password is florida@123. TIGURE 7 Explosion performed success (CEH Lab Maral Page 1620 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘A Rights Reserved Reproduction Sty ProfitModule 18~ Cryptography 13, Along with this, extra information such as data incorporated in the certificate request is displayed, which is shown in the screenshot rs FIGURE 7. Sesile infrmadon lak out 14, In real time, an attacker issues the “exploit” command continuously, 10 obtain more and more information. Note: This exploit works only for Open$SI. versions 4.0.1 to 4.0.2-heta. Lab Analysis Analyze and document the results related to this lab exercise. Provide your opinion of your target's security posture and exposure through public and free information. PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. icra! OYes No Platform Supported © Classroom Dilabs (CEH Lab Mata Page 1621 hie Hacking and Countermeasures Copyright © by EO-Counell TAT Rights Resrved. Reproduction Stiety ProbedValable information F Tos your novledge web exercise 1D Workbook review: Toots Creating and Using Self-Signed Certificate SSL. is an essential part of securing your IS 7.0 site, Creating a sel signed cerificate in IIS 7 is much easier to do than in previous versions. SSL. cerlificaes enable the encryption of all trafic sent to and from your IS web site, preventing athers from viewing sensitive information. It uses public-key eryptegraphy to establich a secure connection. This means that anything enorypled mith a publi ‘ey (the SSL. certificate) can only be deerypted with a private Rey and vice-versa Lab Scenario A self-signed certificate is an identity certificate signed by the same entity whose identity it certifies. In general, self-signed certificates are widely used for testing servers. Lab Objectives ‘This lab will give you experience on how to create self-signed certificates. Lab Environment ‘To complete this lab, you will need: = Windows Server 2012 "Administrative privileges required to perform this lab demonstrated LAD Duration this lab are ‘Time: 10 Minutes, available in DACEH- Overview of Lab Tools\CEHv9 Module 18 Jn cryptography and computer security, a self-signed certificate is an identity Cryptography certificate signed by the same entity whose identity it certifies. However, the term has nothing to do with the identity of the person or organization that actually performed the signing procedure. ‘CEH Lab Manual Page 1022 ‘ibical Hacking ad Coumcrnanares Cop © by E-Bounll ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography Lab Tasks 1. Before we start the lab, frst we will check with our local sites whether yeti Sele they include a self-signed certificate 2. Launch a web browser, type hitps://www.goodshopping.com in the address bar, and press Enter. In this lab, we are using Google Chrome. task 4 ci Ta goodshoppingcom ] FIGURE &- wun goshoppng-eom before lig Cerdiewe 3. As we are using an https channel to browse, it displays a page stating that the connection is not private. Click Advaneed to proceed. Je > © Benen goodshoppeng cm Your connection is not private sa sg eriene deanna cr Shine pth sae ey ‘theese eerie “Tis tem ta ong =| =a devine emi he Foon ororgaeten Se Tre potrmcd Sgnng procedure 4. Click Proceed te the www.goodshopping.com (unsafe) link, oa oa yo in wom goodshoping.com FIGURE: 82: Conneson not Pate DD tarechics terms » gene Set signed cee ne tSgned wih ts wa pease i J > © ee goceshopring om Your connection is not private Sere coul not ro ts «Wa. gBBdshopping ems secur camheate WIN-CIMAQUZ6IQHE. Ths my be cause bya moeniration rn face (CEH Tab Manual Page 1623 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 5. As the site does not have a self-signed certificate, it displays a Not Found page, as shown in the screenshot. Not Found FIGURE 84: HTP Bir 404 Page EB otasK 2 6. Launch Start menu by hovering the mouse cursor over the lower-left Launch us corner of the desktop. Manager 7. Click on the down arrow to view the Apps screen, and click Internet Information Services 8. If the Do you want to get started with Microsoft Web Platform w= pop-up appears, click Cancel. Do you want to get started with Microsoft Web Platform to stay connected with latest Web Platform Components? 1 Bo not show this message. FIGURE 86: Ge Sate wth Moot We Patt po ‘CEH Lab Manual Page 124 ‘ibical Hacking ad Coumcrnanares Cop © by E-Bounll ‘A Rights Reserved Reproduction Sty ProfitGB otasKs Configure Server ED tape pti ey Intact epee ge Soot fem setene hn (Css peep Enea ace, ‘Sm Ue ot Satorscon hes ba Seer tte pa cStosgr ne ‘etm chose patel nes Cn GB tas a Create Selt- Signed Certificate CD) Since CA centifcates are often signed by othe “highereanhing” CAs there mst acest be 8 Tight CA whith poorer futons in hat patie Pr sche, Module 18~ Cryptography 9. "The Internet Information Services (IIS) Manager window appears; click the Machine name in the Connections pane, and double-click Server Certificates. @y win-camau2s1aHt Home eos S eo ese Mc ntfs st &f SB. 2% 34 3 a & ae eae FIGURE 87 8 Manage Server Ceniaes 10, In the Server Certificates wizard, click Create Self-Signod Certificate in the Aetions pane. ood Gy server certiates a FIGURE 88 Sever Cetfetes 1, The Create Self Signed Certificate wizard appears; type a name in the Specify a friendly name for the certificate field. ‘CEH Lab Maral Page 1025 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 12. Choose Personal in the Select a certificate store for the new certificate field drop-down list, and click OK. a Spey sm ama enue. Tt nema cn na ante ny Spectre eit —— 1D oWwviousty, the Inger anlang CA's cuter ant be atested IBysome other higher CA SS, FIGURE 8 Speci Pendly Name re 13. ‘The New Self-Signed Certificate will display in the Server Certificates cera tab eed pane, as shown in sereenshot. sot eres 3 server certs PS temgeemal Serger FIGURE: 810: Serve Certifetes 14, Expand the Sites node, and sclect Geedshopping in the Connections tases pane, and click Bindings in the Aetions panc Edit Bindings @ @ (BH Tineazethorpingcon Your connection is not private hers might be tying st you nest rm wa. geodehopping com FIGURE 8.19: Conseston noe Pe 25, Click Proceed to www.goodshopping.com (unsafe) Je > © [ie om gooeshoppingcom Your connection is not private BD craigs sent ccrifine nis s much sre ean of HS fos peecnmaunate a eafbacsond Wena Tame penne mpl sco ecg {Sse eben Ove Snot im he screed othe FIGURE 820 Poca o Woe Pine “Eical Hacking and Coumermenvares Copy © by EE Counell ‘CEH Lab Manual Page 1680 ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 26. Now you can display the Goodshopping webpage, as shown in the screenshot. ¢ Dies sins pubic ‘key exyptograpliy to GOOD coept tbe da cam SHOPPING Itevelng over te Interns, ‘why is eine ecesia}? The ec were thet quero i ‘hats earficts is nor realy nncessry the dati ‘cute and cane ual be ecrpeed bp thd pay FIGURE 821: Sef Sige Cerfcse Page Lab Analysis Analyze and document the results related to this lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. tions OYes ZNo Platform Supported Classroom Ditabs ‘CEH Kab Maal Pape ‘ital Hackog and Goumienncaares Copyagh © by B-Comell ‘AI Righs Reserved Repeodton Suet PeckbiedON KEY information DD Workbook review Basic Disk Encryption Using VeraCrypt VeraCrypt adds enhanced security tothe algorithms used for system and partitions encryption, making it immune to new developments in brute-force attacks. Lab Scenario Fa Valuable Disk encryption encrypts all data on a system, including files, folders, and the operating system. This is most appropriate when the physical security of the system is not assured. Examples include traveling laptops or desktops that are not in a physically secured area. When properly implemented, encryption OD wenexercise provides an enhanced level of assurance that the data, while encrypted, cannot —...______ be viewed or otherwise discovered by unauthorized parties in the event of theft, loss, of interception. Lab Objectives ‘This lab will give you experience in encrypting data and show you how to do so, Te will teach you how to: Create a virtual encrypted disk with a file 2 Toots Lab Environment demonstrated in this lab are ‘To complete this lab, you will need: salon = VeraCrypt located at DACEH-Tools\CEHV9 Module 18 _ GryptographyiDisk Encryption Tools\VeraGrypt ae eHve ryptography! rypti rye Module 18 = You can also download the latest version of VeraCrypt from the link Cryptography https:/ /veracrypt.codeplex.com/ If you decide to download the latest version, then screenshots shown in the lab might differ Run this tool in Windows Server 2012 Follow the wizard driven installation instructions “CEH Lab Manual Page 182 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography "Administrative privileges to tun tools Lab Duration ‘Time: 10 Minutes Overview of VeraCrypt VeraCrypt is a software application used for on-the-fly eneryption (OTFE). It is distributed without cost, and the source code is available, Tt can create a virtual encrypted disk within file, or encrypt a partition or entire storage device EB tasxy Lab Tasks Crea 1 Volume Open the Start menu by hovering the mouse cursor to the lower-left comer of the desktop. FIGURE 93: Windows Sever 22 —Desip view 2. Click on the down arrow to view installed apps. FIGURE 92: Windows Sever 2012 Mare Apps ‘CEH Lab Maral Page 13 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘A Rights Reserved Reproduction Sty ProfitModule 18~ Cryptography 3. Click VeraGrypt to launch the application. 11) vencapeisn snr tpn wed ieear hey respon (Ora cao Shout co tence Sicha FIGURE 9: Windows Sener 2012— Apps 4, The VeraCrypt main window appears; click Create Volume. Volumes System Favortes Tools Settings Help Homepage ‘Ste Encryption aborttm Type * 1D veraceypetave the ably eo crete and Jsdenenenped operng FIGURE 9.4: VeraCaype Man window ‘CEH Lab Maral Page 1034 “Eical Hacking and Coumermenvares Copy © by EE Counell “Al igh Revcved. Reproduction Set Peobted[D) iworraxt Now that Vey ll ot eneept ay exiting es (when ening VerzCpe {le contsne) you see ancating fin th ep, ital be oveneiten and seplaced ye nes (Genel vclume ote ‘veretiten fle wil be oat, otencryped). You wll be alto enerype existing es (aes omy moving tems tothe Very vlzme that eae crening ow 1D Note: Artes ou copy cing unencrypted flee toa Veracype volume, you Should sect nse ps ‘he orignal unencrypted Fics. Ther are sine tool that ean be sed for {he purpre of scare ramae (ray of ther ae ire) 5. The VeraGrypt Volume Creation Wizard window appears. 6. Sclect Greate an encrypted file container to create a file containing a virtual, encrypted disk. ‘VeraCrypt Volume Creation Wizard © Create an encrypted fle container Cotes eta ype dak iia fe Rane ir ‘renpeienced ers sore formato > tnerypt non-system partition érve ops aren ystem paren on any rleralo exter Ghee tatvcneh: Optonay, costs alice “Encrypt the system partiton or entire system drive Enaypts he parttontve where Windows ssa, Anyone Ine wart ta gan access dure te est, read nd wt ies, need ene the cored asoyard ete betere Windows boots. Optonaly, eaes shen ste. VERA CRYPT FIGURE 95 VerCiype Volume Creston Wied In the Volume Type wizard, sclect Standard VeraCrypt volume. ‘This creates a normal VeraCrypt volume. 8. Click Next to proceed. Volume Type © standard Veraceypt volume vlae. = Hidden VeraCrypt volume may happen that ou are fred by somebody treves he poantrd tan onrpted von hare we many suber Shere you crm fee revel be pared (er example, ‘Bo Catron. Lang a cle se are ows you She sch auoboe tot eveang te psn Yar ore formato about in woimes E o é EI aD Cae] Cee] FIGURE 96 VenCnpt Volume Cresion Wised-Vohime Type ‘CEH Lab Maral Page 105 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet Peckbied(D Veaciyps apport E concept eal plusble & erably, z o > TIGURE 97; VeaCrypt Volume Creaion Wizard-Volume Laon 10. The Specify Path and File Name window appears; navigate to the desired location (here, Desktop), provide the File name as MyVolume, and click Save. DD Tremaic of perio sed by ersCape fr enepicd parr’, des a ————— Cancel > (Hide Folders FIGURE 4 Windows Standard Specify Pat and Fle Name Window (CEH Tab Manual Page 1635 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedIL. After saving the file, the location of file containing the VeraCrypt volume is set; click Next. 1 Ventape tunes ‘Volume Location denote boon Se Year ae hi content : ‘Clusesidmnevote Deseo Hebe ~] [ SeectFi indigo ‘don data, 7 ies nosy | eratypt vote can reais na ie eed Verse container), acca reed on ard don a USB Fah ive ‘erate contarer ute by noma fe canbe exam moved deste as ny rox). Cok Select to [Reese Nonare te covtana and avec! Be sston ere teu wah be cantare be aeaied wannanc: 1 ou select on ent he, VraCrypt nl NOT ert DD Veraceype eusrentiy «tthe fie al be deletes anc replaced with the nendy created soppons the ttowing has esac cantare ov ile abet enc enstng fe ater Alpes iby pomna tenia rar carta at east + RIPEMD-160 ae Ce) = Whitpoat FIGURE 99: Vere Volume Creston Wianl-Volue Lacan 12, In the Eneryption Options wizard, select the AES Encryption Algorithm and SHA-812 Hash Algorithm, and click Next. 5 3 > FIGURE 3.10: VerCsypt Volune Creation Wient-Eneryption Options (CEH Tab Manual Page 1637 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 13, In the Volume Size wizard, specify the size of the VeraCrypt container Os Os Free space on drive C:\ is 17.88 GB © Note: Tre bation Preame wpeuly tree of Ue wnat you want lo wee. "Next wl be daet ‘atl pasords i bok {you ceate a dynamc (pase tie contaner, ths parameter vl {eal ranma oeesbe se Input its eth sae, Note tat the mew pousle sz of 2 FAT volun 29218. ‘he rtnum possbie eof = NTFS voume s S72. FIGURE 9.11: Veewnpt Volue Creation Wiad ilume Se 14, The Volume Password wizard appears; provide a geod password in the Password field, retype it in the Gentirm field, and click Next. 15. In this lab, the password used is qwertya123. Volume Password Comrie 1D eager yoenere 5 Clot ert the mouse, the bees. This t ‘te very mportant that you ace a good pasonerd. You shou Seu cee he ioe lotete me enitoesisy eevee mate “Spec ngt of Slane seers antennas tseonpten is eee irs (ess. Agro pesnvordarancom contnaton of usp ar ‘ie eters, runber, ad pean curcters aunas 8 "= $+ ‘ee reconmend Canes pessord coaxing of ore than 20 Sead (ioe, tebe) Te mmm pn got ee Cae Cee FIGURE 912; Vert Volume Creation Wizard Vole Password Note: A Veratrypt Volume Creation Wizard warning pop-up appears; click Yes. 16. The Volume Format option appears. Select FAT Filesystem, and set the cluster to Default, (CEH Tab Manual Page 1638 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 17. Move your mouse as randomly as possible within the Volume Creation Wizard window for at least 30 seconds. 18. Click Format, Random Pol: SCTOSGASEFASEREEFFOSESCOESBL GSE [| ead ey: segs, Unt dere, L aster ey they appear to conta telly of adem dacs ene soeed ut PORTANT: Move yur uae a3 anny a posse te ts ‘tow. The longer You nove the beter The scanty ‘eaear he cyptngache veg ef fe enaypeon tae. Than aitamat eceate be vane. eo ae a 19. After clicking Format, VeraCrypt will create 2 file called MyVolume in the provided folder. This file depends on the VeraCtypt container (it will contain the encrypted VeraCrypt volume). VERA CRYPT 20. Depending on the size of the volum volume creation. it may take some time for 21. Once the volume is created, a VeraCrypt Volume Creation Wizard dialog-box appears; click OK. (CD ree pace on each vetoes @ We vercoptvcume ns tee sce ce ohne creed Ce] FIGURE 9.14 VerCrype Volune Creation Wizard Dislog Box 22. Click OK to close the dialog box. 23. You have successfully created a VeraCrypt volume ({ile container). (CEH Tab Manual Page 1689 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedVolume Created 1D vencapesenble to secure data on 2 The VeraCypt volume hasbeen created and ready fr se Ifyou ‘computer ian ack ich fo Cente arate VeraGypt voure, deck ieat Othewce, ck ee phys accessed and VreaCiyptis wed on the camnprred compu by ‘fever 3 & 6 S FIGURE 9.15 Vept Volume Cron Wa-Voe Cee Btask2 25. The VeraGrypt main window appears; select a drive (here, I), and click Select File. Mount a Volume 2 soa pion tir Sepemmnen ote Sitch Theat Opes dog Eiepeed cating Sra Open rents pe eauy dog bw FIGURE 9.16 VenCnpe Main Window wi Sele Fie Button (CEH Tab Manual Page 1610 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet Peckbied1) deta monne options can be conigred Inthe main progr preferences Sei > Preterences) 1D isopisn cate sein de pend Eigse da olepp Solr pase olaranepe ena Bscusdeltnde Peon Module 18~ Cryptography 26.'The Select a VeraCrypt Volume window appears; navigate to ‘CAUsers\AdministratoriDesktop, click MyVolume, and click Open. a near s5%09 Th Deop fee Feces 1 cowneas, W mas fee oat Capen Teepe Dae Pictures, Bees ie Loca sk (C) Stecinaes oa ‘tename \jiotme FIGURE 9.17 Windows Senda fle Selector Window 27. The window eleses and you are returned to the VeraGrypt window. Click Mount. Help Ste | Encryption sortie Volumes System Favortes Tools Settings Dive Votre Ctservawerenbexeebrare =) [SRA ar ae] CS See IRE 9.18: Vetinpe Main Window wth Mount Baton Denount A ‘CEH Lab Manual Page 1601 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 28.'The Enter Password dialog-box appears; type the password you specified earlier for this volume (in this lab, qwerty@123) in the Password input field, and click OK. D wrens corree ane ——EE—_—_ Ronetepenede -PKCS-SPRF: | autodetection (TrueCrypt Mode ‘mp tops fra ca agate o ene ba os [ache ser andteyfesnnenery Fatldown te Conse! py oan (Cut boy we cei o J Nin, wee Mout Cuse eyes eyfes. wi Opies ene Younes mane FIGURE 919: VenCrype Password Window 29. After the password is verifi shown in the scteenshot: VeraCrypt will mount the volume, as Volumes System Favortes Tools Settings Dive Voline 10) No dats stored on an counted volume cane read (ecrpte without thing the comer paseo ‘rcarzeteseyplis ky, FIGURE 920. VeaCrype Main Window 30, MyVolume has successfully mounted the container as a virtual disk (I). 31. The virtual disk is entirely encrypted (including file names, allocation tables, free space, etc.) and behaves like a real disk. 32. You can copy or move files to this virtual disk to encrypt them. (CEH Tab Manual Page 1612 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 33. Create a text document on the Desktop and name it Test. 34. Open the text document, and enter some text in it, 35. Click File in the menu bar, and click Save. 1D vencnpr came somata ct Sonal once ‘Shines once Sanco ca TIGURE 92: Versa Main Window wth Distt Buon 36. Copy the file from the Desktop, and paste it in I, Close the window. © + + Gre caoae 1 Favors sone Hi Dostep Te Downande Recent paces od Ih deep TB Docaments Downtoods D muse B Pres BB Vieor ih tears (cy ea boal 0) ea toa dst) Gu Network 1 harem sete 40 ye FIGURE 922 Tessa len Enerped Conciner (CEH Tab Manual Page 1613 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 37. Switch to Verarypt window, click Dismount and then click Exit. FIGURE 92% Vert Main Window with Dismount Bron 38. The IA located in This Pe disappears. This lab is used to demonstrate that, in cases of system hacks, if an attacker manages to gain remote access of complete access to the machine, he/she cannot find the encrypted volume—including its files—unless he/she is able to obtain the password. Thus, all sensitive information located on the encrypted volume is safeguarded. Lab Analysis Analyze and document the results related to this lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. OYes ZNo Platform Supported 1 Classroom Ditabs ‘CEH Lab Mansal Page 164 ‘ibical Hacking ad Coumcrnanares Cop © by E-Bounll ‘AI Righs Reserved Repeodton Suet PeckbiedoN KEY Valuable information F Tea your tnovledee SB Web exercise DD Workbook review Basic Data Encrypting Using Rohos Disk Encryption Rohos Disk is a program used to create hidden and protected partitions on a computer or USB flash drive, that password protects locks access to your Internet applications, Lab Scenario Disk encryption works in a manner similar to text-message encryption. By using an encryption program for the user’s disk, the user can safeguard all information burned onto the disk and save it from falling into the wrong hands. Disk-eneryption software scrambles the information on the disk into an illegible code. The information must be decrypted to be read and used. To be an expert ethical hacker and penetration tester, you must have knowledge of these cryptography functions. Lab Objectives This lab will give you experience on encrypting data and show you how to do it. Te will teach you how to: = Create an encrypted drive for Windows "Create a virtual encrypted drive for an external USB Lab Environment ‘To complete this lab, you will need: © Toots = Rohos Disk Encryption located at DACEH-ToolsiCEHV9 Module 18 demonstrated in CryptographyiDisk Encryption Tools\Rohos Disk Encryption this lab are avaiable ln = You can also download the latest version of Rohos Disk Encryption DACEH- from the link http:/ /www.rohos.com/produets/rohos-disk-encryption/ feagcenwe "Ifyou decide to download the latest version, then sercenshots showa in Q the lab might differ "Follow the wizard driven installation instructions ‘CEH Lab Manual Page 1648 ‘ibical Hacking ad Coumcrnanares Cop © by E-Bounll ‘AI Righs Reserved Repeodton Suet Peckbied= Windows Server 2012 running in host machine = Administrative Privileges to run the tool Lab Duration Time: 15 Minutes, Overview of Rohos Disk Encryption Rohos Disk Encryption creates hidden and password-protected partitions on a computer or USB fiash drive. Rohos Disk uses an NIST-approved AES eneryption algorithm with 256-bit encryption key length. Encryption is automatic and on-the- fly. Lab Tasks Note: Plug in a USB device to your machine before performing this lab Doras? 1. To install Rohos Disk Encryption, navigate to DACEH-Tools\CEHV9 A Module 18 Cryptography\Disk Encryption Tools\Rohos Disk Install Rohos Disk Encryption. Encryption pe 2. Double-click rehes.exe; the Select Setup Language dialog box appears 3. Sclect the language as English, and click OK. 1D Yoseaa ato dealt Rabon ms ‘itp fee toca FIGURE 101: Sct be Lage ‘CEH Lab Manval Tage 106 ‘ital Hackog and Goumienncaares Copyagh © by B-Comell ‘AI Righs Reserved Repeodton Suet Peckbied4, The Setup window appears; read the instruction, and click Next. Welcome to the Rohos Disk Encryption Setup Wizard Ths wi instal Roos Disk 2.0 on your computer. Itisreconmended that you dose al other apoeatons before continuing. Releace Date: 29.11.2013 15:02:10 1D Ponsble Rohos Disk Browser lls to we ‘nerpted pation en any PC wot Ali ts, without all FIGURE 102 Robos esp ward 5. The License Agreement window appears; read the agreement carefully, select I accept the agreement, and click Next. ‘Ucense Agreement heaeere3d he flowing mpertantnforaten before centrang. Peace read the flowing Ucense Agreement. You mst accent the terms of this agreement before contrang with the metalation, Teaine Service SRL. bp " (D exerypionie serach LUcense for use and distibuiton [RES 256 bi hey eng Se aa ane sg NIST compliant ceverypton sand’ ‘The Rohos Logon and Rohos isk Encryption (Rhos") are dstrbuted as by before-yourtuy. Ths means: 1. Al copyrights to Rohos are excusvly onned by the authors (Or donot accent the agreement FIGURE 103, License agreement window (CET Lab Manual Page 1617 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied6. Select the location in which you want the program to place the shortcut. Select Start Menu Folder Where should Setup place the program's shorts? ]__seuo cet heparan sorta he flog Sart Me oer — To continue, dick Next. If you woud Ike to select a different folder, cick Browse. Fi Virtualization: prevents secret data leak outside ‘encrypted disk ‘on TEMP folders, Registry, Recent dort create» Start Menu folder documents I ete, FIGURE 104: Sle he destination flder te a desktop, and click Next. Which addtional tacks should be performed? Select the additonal tasks you would ike Setup to perform while installing Rohos Disk Encryption, then dick Next. Additonal cone: 1D dew fee elder ea ‘eas move ino ney Ras Die ith shroing ferns FIGURE 105; eeting Roos desktp eon (CEH Tab Manual Page 1618 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 8. Click install co begin installation. Ready to Install Setup is now ready to begin instaling Rohos Disk Encryption on your computer. Cck tnstal to continue wth the instalation, or ick Backif you want to review or 10D scared vl ojos pee eenpi! dak poor fronts kooge IGURE 106 Robs ik eneyption nal 9. On completion of installation, click Finish. Completing the Rohos Disk Encryption Setup Wizard Setuphas finshed nstaling Rohos Dek Ena ypton an your computer. The appaton may be launched by seedy he retold core CckFinich text Setup, FIGURE 107: of Raho dk neyo completed ‘CEH Lab Maal Pog) ‘ital Hackog and Goumienncaares Copyagh © by B-Comell ‘AI Righs Reserved Repeodton Suet PeckbiedGrask 2 Create an ‘encrypted disk for Local Machine 2D Roos disk uses NIST approsed AES cnerpton agin 256 ‘Beene hy leg 1D Roos cares about swablty Your is Encaypre Dave canbe turn on with sage deh or aornealy on yen sap Module 18~ Cryptography 10. "The Rohes Get Ready Wizard window appears, displaying the Disk Encryption step. Specify the password (qwerty@123) in the respective fields, and click Next. 1, Alternatively, you can launch it from the Start menu apps of Windows Server 2012. Disk Encryption ‘This ard hs you create your pesoaleneryted dk. You can use ito sore serve fs na flea, The dak be protects o pesawerd. The wawdhan setomnea beat, Darameters for the da but you may Cunge tung Bets Ie FIGURE 104; Select pasword for accsting dk 12, "The Setup a key step appears; click Next. Setup a Key fyouhave a USH key, you can useit to aces your Rchos dt, so youdonthave to tly ene te pester every ee Plug tina chose check boxes to seh USB Key. Ifyou dorithave a USS fash eve hk Newt UB devee @\ hasbeen found [Surge [i To occess you Rohs aa] FIGURE 109; Sect USB ey device ‘CEH Lab Manual Page 1650 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 13. The Rohos update section appears; click Finish. Rohos Updates en Rahs Cantar yucn cc er pate one an tere anectn Yau have ‘hoe bone satenen nkabor and pans Se, nas svrond on ra pie = nett a , RR eee Pero pa Di recirar red en rg Se aoe a ee ‘s backup file to access your ndehersappicatens. ence ‘nse rca estes seer set ete it oc pwent or OS SSioass res rat cete Rhos ek ac open Ras Cente. FIGURE 1010 Rotos disk enrypton updates window 1D ras epsion bigs 14, Wait until the encrypted volume is created. Hie st AES 256 ‘och nein son toamprone sxc ies ese eauased [ee oer nar socks Google Come, Pen {GURE 10.1: Disk ereaton in progress 15, On creating the encrypted volume, a new 9000 MB (8.78 GB) drive (Ral) appears in This PC, as shown in the screenshot: ome Tor |) Gp romonn ol ‘ we mere << documents Tames i ooiate BD rae Briton 4 Neworclocations 2) FIGURE 10.12: Boeryptd dk suecesflly ected ‘CEH Tab Manual Page 1651 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 16. This drive appears only when you are connected to Rohos Disk Encryption, and disappears when you exit it. 17. So, when you want to hide any important files/directories from anyone accessing your system, you can place them in this drive and access them whenever required (by launching Rohos and entering the password) GrasK 3 18. To create an encrypted USB drive, click Enerypt USB drive in the ‘ohos Disk Encryption GU on Rohos Disk Encryption GUL encrypted disk USB Disk nk comet pt) Se 8.868 Pew cA. Seiwa Con eae Hide folzer options SE} change password setup a Key Eeotcreamed aces tohs QF, sta eases wehesneetey cours == a a pan ar eA POTS FIGURE 10.5 Eacypinga USB device 19. The Enerypt USB drive dialog box appears; click Change... in the Encrypted partition properties section, Sarina eae USB device G:\ has been found (Change...) Partition etter (ds): He ‘# Partiton container fle: G:\_rohos\rdiskerdi. [Fsiae ] Speofy a new password to access the dik: (Conf password Make a shorteut tothe dsk on your desktop FIGURE 10.4: Beerpt USB dive dialog-box (CEH Tab Manual Page 1652 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 20. "The Disk details window appears; choose the Disk letter Mz, set the disk size to 60, and click OK. Disk eter: Disk Size (Megabytes: Fle system Eneryption algorithm Enciypted data willbe stored inthis container le (e Arohos disk Free space onthe disk cive(s} 37268 FIGURE 1015 Disk det window 21. This creates an Encrypted USB drive (Ms\) of 60 MB. 22, You need to apply a password for the disk, so that whenever someone wants to access the drive, they need to specify the password. 23. Specify the password (hete, test@123) in both fields, and click Create disk. ET USB device hasbeen found [Chance] Encypted partion properties wil be: Megabytes © Make a shortcut tothe disk on your desktop FIGURE 1016 Eacrype USB deve window (CEH Tab Manual Page 1653 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography 24. Wait until the disk is created, ame Creating encrypted volume. FIGURE 10.7: Disk eeton in progest 25. On successful creation of the disk, a Rehos Disk Encryption dialog box appears; click OK. e Encrypted partiton has been successfully created. To open it on a guest computer use Rohos Mini.exe icon from a root folder on that USB drive. Now you may add files to it FIGURE. 10. Rohos Disk Hnenpsion dilog-box 26. The Enerypted disk (here, Mal) of 60 MB is created successfully, as shown in the screenshot: 1 ear ar rE] a = Name DD Vou cancpenoeSuve Sam: soarprteel docunens ‘yon MS Word ne ty ciekng en he peal cabo teary FIGURE: 101% Newly erated Fete tk window (CEH Tab Manual Page 1654 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet Peckbied27. The files you place in this drive will automatically be placed in the external USB. 28. In this lab, we are copying the folder Rohos Disk Encryption from DACEH-Tools\CEHv9 Module 18 CryptographyiDisk Encryption Tools to Ma. 1p [Ga Taare » ereypes Doe) » ies 3 tee secon coe we tiene Ih oattep 1 ocunens i Downonts Brcwee B Vieos We toes oat(ca FIGURE 1020-Copying foller tthe enexspie die Gras 4 29. Now, if you want to access this file, open the external USB drive which Recess Files in has been connected to yout computer, and double-click Rehes Mini the Encryptod © > tase Taare » Transco) ech TA ew Nome “i Downloads Recetas veicep ca Reber Dik Ub Ros Disk Econ wm Tce Ii Desep E documents i Downloade Btese B reuse: Bi Vteor a tocadak Ire FIGURE 1021: Launching Roos Misi Deve (CEH Tab Manual Page 1655 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AI Righs Reserved Repeodton Suet Peckbied30. A Rohos dialog box appears asking you to enter the password. You need to enter the password which you specified at the time of creating the encrypted USB disk (Ms) FIGURE 1022 Retos dog bo 31. A Rohos Disk Browser window appears, displaying the folder that was placed in MA, as shown in the screenshot: FIGURE 1025; Rotos Disk Browse window containing the le plac in M\ 32, When you want to share sensible information with someone via USB, you can use this application to store the files in an encrypted disk, and share the password with that person, 33. "The person with whom you want to share the files can access them only after entering the correct password. 34, This way, you can protect the files from being viewed by a third person and thereby safeguard them. (CEH Lab Manual Page 1655 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography Lab Analysis Analyze and document the results related to this lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. eee No Platform Supported © Classroom ilabs ‘CEH Lab Manual Page 1657 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AU Righs Reserved Reproduchon i Swit ProbieON KEY 7 Vataable information & esr your knowledge B_ wer exercise 1) Workbook seview Basic Data Encryption Using CrypTool Copllool is a freeware program that enables you to apply and anabze erypleraphie mechanisms, It has the tical look and feel of a modern Windows application, CiypTool includes every state-of theart oryplograpbie function and allows you to learn and use erypiegraphy within the same environment. Lab Scenario Most secutity initiatives are defensive strategies aimed at protecting the perimeter of the network. But these efforts may ignore a ctucial vulnerability sensitive data stored on networked servers ate at risk ftom attackers who only need to find one way inside the network to access this confidential information, Additionally, perimeter defenses like firewalls cannot protect stored sensitive data from the internal threat employees with the means to access and exploit this data. Encryption can provide strong security for sensitive data stored on local or network servers. To be an expert ethical hacker and penetration tester, you must have knowledge of cryptogtaphy functions. Lab Objectives “This lab will give you experience on encrypting data and show you how to do so, It will teach you how to: © Tools : .crypting decrypting commai °° in Use enerypting/decrypting command this ta = Visualize several algorithms available in eee, Calculate hash values and analysis Tools\CEHv9 - Module 18 Lab Environment Cryptography ‘To complete this lab, you will need: = CrypTool located at DACEH-ToolsiCEHv9 Module 18 Gryptography\Cryptanalysis Tools\CrypToo! ‘CEH Lab Manual Page 1658 "lea Hacking and Coumtemecanaren Copigh © by H-Gomell ‘AI Righs Reserved Repeodton Suet PeckbiedModule 18~ Cryptography = You can also download the latest version of CrypTool from the link hup://www.cryptooLorg/en/download-ctl-en = If you decide to download the latest version, then sereenshots shown in the lab might differ "Windows Server 2012 running on host machine £2 coptot is a fee lenin spteon fo Windows 8.1 running on virtual machine = Administrative Privileges to run the tool Lab Duration ‘Time: 15 Minutes, Overview of CrypTool CrypTool is a free, open-source e-learning application used in the implementation and analysis of cryptographic algorithms. It was originally designed for internal business application for information security training. Lab Tasks tasks 1. Navigate to DACEH-Tools\CEHV9 Module 18 GryptographyiCryptanalysis Tools\CrypTool, double-click Encrypting the enn SetupCrypTool_1_4 31_BetaGb r3670_VS2008_en.exe, and follow the ‘wizard driven installation steps to install the application. 2. On completing the installation, launch GrypTool application from the ‘Apps screen. ED Yos an ate era Captor FIGURE 11. Lasahig Cpa fom App semen ‘CEH Lab Maal Pag 105) ‘ital Hackog and Goumienncaares Copyagh © by B-Comell “Al igh Revcved. Reproduction Set Peobted3. The Hew te Start dialog box appears; check Don't show this message again, and click Close, £1) copnt Onin provides an exe she eyprology with «very ‘tapers and encryp ‘methods Dont chow this dalog again] FIGURE: 11.2: How to Sar Dig box ‘The main window of GrypTeel appears; close the startingexample- enstxt window. Fle Ede View EnerptDecypt OigtalSgnatre/PKI inn. Procedures Anais Options Window Help Diciatleals) ¥/mje) =) ele) tating example forthe Crypoal version family 1x (CTT) [CrypToo! 1 (CT is a comprehensive fee educational program about crystoraphy and cryptanalysis feng exterave deine help and many usuakzations This isa tex fle, created in order to help you to make your fst steps with CT! FIGURE 113; saingesample-en tt window in Cy (CEH Lab Maral Page 1660 “Ehcal Hacking and Countermeanures Copyright © by EGCounell “Al igh Revcved. Reproduction Set PeobtedModule 18~ Cryptography 5. To enerypt data, click the File option from the menu bar, and select FIGURE 114: Choosing anew lev egpe DD ceopront was 6. Type some content in the opened Unnamed4 Notepad of CrypTool, ny ened or You will be encrypting this content. Seelgon for lofomaon 7. Sclect EneryptiDecrypt > Symmetric (modern) > RG2... in the Menu FIGURE 11.5: Eneryping the fle (CEH Tab Manual Page 1561 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AU Righs Reserved Reproduchon i Swit ProbieModule 18~ Cryptography ; select Key length (here, 8 bits) 8. The Key Entry: R62 dialog box appea from the drop-down list. 9. Enter the key using hexadecimal characters (05), and click Enerypt. Enter the key using hexadecimal characters (0.8, AF. Keyl: [Bb] FIGURE 11.4 Encryping the le 10. ‘The RC2 encryption of Unnamedt notepad displays, as shown in the screenshot: 12 cope copes ‘capper nd ows you le zd se ‘expe win ta ne FIGURE 117: Output of RC2-eneyped data 11. ‘To save the file, click File in the menu bar, and sclect Save. Pt Setup. 1 Case. \Cy-AC2-tokeher 2fakett 3 C\User\.\Templen?.org TIGURE 11.8 Saving the encryped fie (CEH Lab Manual Page 1662 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AI Righs Reserved Repeodton Suet Peckbied1D cop tool Ontine provide en exching inst ‘eyprology with x vacety ‘ot phers tnd encryption ‘methods Task 2 Decrypting the Data Module 18~ Cryptography 12. The Save As dialog-box appears; choose a location where you want to save the file (Desktop), specify a file name (Cry-RC2-Unnamed4.hex), and click Save. Note: The file name may differ in your lab environment. ‘Coquanoeaae 4 Favorites + ‘ue fl oan) Yl marc Tk estoy 3 Bi Documents rename [ERE romaine Serene [Bins le hed Hide Folders FIGURE 119: Susing the encrypted ie 13. Now, you can send this file to the intended petson by email or any other means and provide him/her with the hex value, which will be used to decrypt the file 14, To share the file, you may copy the encrypted file from the Desktop to D:CEH-Tools\CEHv9 Module 18 —_Cryptography\Cryptanalysis Tools\CrypTool. 15. Assume that you are the intended recipient (working on Windows 8.1) of the Crypted file through the shared network drive. 16. Log into Windows 8.1 virtual machine, navigate to ZACEHV8 Modul 18 Cryptography\Cryptanalysis Tools\CrypToo!, double-click SetupCrypTool_1_4_31_Beta6b_r3670_VS2008_en.exe, and follow the steps to install the application, 17. In the meanwhile, copy the Czypted hex file (Gry-RC2-Unnameda.hex) from Z:\CEHV9 Module 18 Cryptography\Cryptanalysi Tools\CrypTool, and save it to the Desktop. 18. Launch the GrypTee! application. 19. The How to Start dialog box appears; check Don't show this message again, and click Close, ‘CEH Lab Maral Page 1663 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘A Rights Reserved Reproduction Sty ProfitModule 18~ Cryptography 20. The main window of GrypTool appears; close the startingexample- enatxt window. FIGURE 11.10; santingerampie-n.at window in CrypTo0! 21. To decrypt data, click File in the menu bar, and select Open. FIGURE 11.11: Opening « Cpe de (CEE Lab Mansa Page 1664 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AU Righs Reserved Reproduchon i Swit Probie22. "The Open dialog-box appears; select All files from the drop-down list, navigate to the location of the file (Desktop), sclect it, and click Open. Search Desiton Shortcut 174K ‘Co RCE Unnemedtner HEA Fle zu Fenare [69-8 Uae IGURE 11.22 Openings Cpe Re 23. Select Enerypt/Decrypt > Symmetric (modern) > RC2... from the ‘menu bar. SP deme ee 5 3 93 3 38 FIGURE 11.15; Slot the RC2 Encepion algo ‘CEH Lab Maral Page 1565 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AU Righs Reserved Reproduchon i Swit Probie24, The Key Entry: RG2 dialog-box appears; sclect Key length (here, 8 bits) from the drop-down list. 25. Enter the hexadecimal key (08) that was used to encrypt the file, and click Decrypt. Enter the key using hewadecimal characters (0.9, A.F). Key ent [Bete] FIGURE 11.44 Deespting the fe 26. ‘The decrypted text appears, as shown in the screenshot: FIGURE 11.15: Decrypt he ile uecesfally 27. This way, files can be encrypted using CrypTool and shared with an individual in a secute manner, so that no one can intercept its data. (CEH Lab Manual Page 1665 “Ehcal Hacking and Countermeanures Copyright © by EGCounell ‘AU Righs Reserved Reproduchon i Swit ProbieModule 18~ Cryptography Lab Analysis Analyze and document the results related to this lab exercise. PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB. Platform Supported Classroom (CEH Tab Manual Page 1657 “Eical Hacking and Coumermenvares Copy © by EE Counell ‘AU Righs Reserved Reproduchon i Swit Probie