• Use encrypting/decrypting techniques
    • Use Veracrypt – encrypt disk within a file
    • HashCalc - Generate Hashes and checksum files
    • Use Crypto forge or BCTextencoder
    • Create self signed cert
    • Use Cryptool

 

Use Veracrypt to encrypt a Disk within a file.

From Windows box

A.      Open Veracrypt ; select Create an encrypted file container to create a virtual encrypted disk within a file.

B.       select Standard VeraCrypt volume

C.      click Select File…., Choose Location and type file name – next -

D.      In the Encryption Options wizard, select the AES Encryption Algorithm and SHA-512 Hash Algorithm, and click Next.

E.       In the Volume Size wizard, specify the size of the VeraCrypt container as 2 megabyte, and click Next.

F.       Enter password

G.      Move mouse to generate random volume – Click format – VOLUME CREATED

H.      To mount volume open Veracrypt again and choose a DRIVE and select the volume you created previously – Click MOUNT – Enter password –

I.         Store any docs etc in here and when unmounted is invisible and encrypted

J.        To restore you need to remount drive and enter password.


Use HashCalc to monitor your file integrity – MD5, MD4, SHA1,256,384,512,RIPEMD160, PANAMA, TIGER, MD2, ADLER2, CRC32, edonkey/emule

From Windows box to generate hash values

A.      Open HashCalc ; select the type of Data format (here, Text string) from dropdown list.

B.       Enter data into data field

C.    Choose the appropriate Hash algorithms by selecting their respective checkboxes.

EG MD5SHA1RIPEMD160 and CRC32 hash algorithms have been selected. Now, click Calculate.


From Windows box – to check file hash values to spot changes

A.      Open HashCalc ; select the type of Data format (here, Text string) from dropdown list.

B.      Enter data into data field

C.      Click ellipses button near Data field to provide the file path.

D.      Note down hashes

E.       If document is changed hashes will change.

 

Use Cryptoforge

.cfd and .cfe are cryptoforge file extensions. Need passphrase to unlock.

BCTextEncoder – same theory need password to decrypt.

 

Create SELF SIGNED Cert

From windows box

A.       From Internet Information Services (IIS) Manager window ; click the Machine name in the Connections pane, and double-click Server Certificates under IIS category.

B.       Server Certificates wizard, click Create Self-Signed Certificate in the Actions pane (right-side).

C.      type a name in the Specify a friendly name for the certificate field.

Choose Personal in the Select a certificate store for the new certificate field drop-down list, and click OK.

D.      To apply to a website - Expand the Sites node, and select Goodshopping in the Connections pane, and click Bindings in the Actions pane

Use CRYPTOOL

From windows box

A.      Open CrypTool – File – New - Type some content in the opened Unnamed1 Notepad of CrypTool. You will be encrypting this content.

Select Encrypt/Decrypt --> Symmetric (modern) --> RC2… in the Menu bar.

B.       The Key Entry: RC2 dialog-box appears; select Key length (here, 8 bits) from the drop down list.  Enter the key using hexadecimal characters (05) and click Encrypt.

C.      To save the file, click File in the menu bar, and select Save.

    1. Now, you can send this file to the intended person by email or any other means and provide him/her with the hex value, which will be used to decrypt the file.

E.       To Decrypt do the reverse


HASHCAT

hashcat -h | grep -i ntlm

hashcat -m 3100 haches.txt /opt/share/wordlist/rocky.txt

 

to launch a combination attack against MD5 password hashes

hashcat -m 0 -a 1 /root/hashes/hashes.txt /root/rockyou.txt

 

a straight through attack is super fast on simple passwords

hashcat -m 0 -a 0 /root/hashes/hashes.txt /root/rockyou.txt

 

JOHN THE RIPPER

john hashes.txt -format=nt -show (CrackNTLM)

 

use the cewel.txt in john the ripper to

john –wordlist=cvewl.txt –rules –stdout > pass.txt

 

john –wordlist:/usr/share/wordlists/rockyou.txt