Ethical Hacking Course: Cryptography Lab Session

We will use a Cryptool Portal which has many tools for this session. This is a great tool to learn about different kinds of cryptography.

Figure1. Cryptool Portal

Cryptool 1

When we open it, it gives a sample text file that we can then use to encrypt. Go to Encrypt/Decrypt->Symmetric(classic)->Caeser. The Caesar cipher was a substitution cipher and with it we can change the offset. If we change the number value to 5 we can  see at the bottom A becomes F, becomes G and so on. If we press encrypt, the file gets encrypted and cannot be understood. We can decrypt it by doing the same thing.

This tool also has an analysis function. So encrypt the file again, go to Analysis->Symmetric Encryption(classic)->Ciphertext-Only. We find the the derived key and if we decrypt, we get the file back. If we do this for some modern technique, the decryption may become more difficult.

Kali Tools for Cryptography

Hashing – Open Firefox and open www.fileformat.info/tool/hash.htm. We have a text file with the text “Please hash me” which we will use for hashing. Go to the site and browse HashMe.txt and hit Hash.

Figure 2. Hashing Output

Copy the MD5 and copy it in a document. Open HashMe.txt again and put a space at the end and save it. We will now see whether it will make any difference. Hash that file again and we see that the MD5 has changed. This is how we can use hashing to test integrity.

Symmetric Encryption

Open www.wiki.openssl.org/index.php/Command_Line_Utilities. It has got a large number of ciphers. Now open the terminal and we will use a command to derive MD5 hash of our file. The command is –

Openssl dgst md5 HashMe.txt

It will give the MD5. Copy it and paste it to the file where we have copied the ones derived from the tool. We can see that it is exactly the same.

Now we will do encryption. First we will list the cipher commands with the command ‘openssl list-cipher-commands’. We will encrypt ‘encrypted.txt’. The command is –

Openssl emc –aes-256-cbc –in encrypted.txt –out encrypted.dat

If we ‘ls’, we can see ‘encrypted.dat’. If we open it, the text is completely encrypted. If we want to decrypt it, we will use the same command in the reverse and add a –d to the actual command. The command is –

Openssl emc –aes-256-cbc -d –in encrypted.dat –out encrypted2.txt

We can see there is encrypted2.txt and if we open it, it has the correct content.

 

Ethical Hacking Tutorial: Cryptography Lab Session Video:




Enjoy this blog? Please spread the word :)