Cryptography Warm Up – CTF challenge

Here is a starter problem for everyone. Since you will be using a computer to break my secret code, I am giving you the encrypted message in many forms:

  1. Hex: 0x540x680x65 0x730x650x630x720x650x74 0x690x73 0x6f0x750x74
  2. Decimal: 084104101 115101099114101116 105115 111117116
  3. Binary: 010101000110100001100101 011100110110010101100011011100100110010101110100 0110100101110011 011011110111010101110100
  4. Base64: VGhlIHNlY3JldCBpcyBvdXQ=

Have fun solving the secret message!
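The four forms above can be cross-checked against each other. This is an added worked example, not part of the original challenge; the function names are my own, and it assumes the words are separated by spaces and that each character is a fixed-width code (2 hex digits, 3 decimal digits, 8 bits).

```python
import base64

# The four encodings exactly as given in the challenge above.
HEX = "0x540x680x65 0x730x650x630x720x650x74 0x690x73 0x6f0x750x74"
DEC = "084104101 115101099114101116 105115 111117116"
BIN = ("010101000110100001100101 "
       "011100110110010101100011011100100110010101110100 "
       "0110100101110011 011011110111010101110100")
B64 = "VGhlIHNlY3JldCBpcyBvdXQ="


def decode_words(text, width, base, prefix=""):
    """Decode space-separated words built from fixed-width character codes."""
    words = []
    for word in text.split():
        body = word.replace(prefix, "") if prefix else word
        if len(body) % width:
            raise ValueError(f"{word!r} is not a multiple of {width} digits")
        codes = [int(body[i:i + width], base)
                 for i in range(0, len(body), width)]
        words.append("".join(chr(c) for c in codes))
    return " ".join(words)


def decode_all():
    """Decode every form; all four should yield the same plaintext."""
    return {
        "hex": decode_words(HEX, 2, 16, prefix="0x"),
        "decimal": decode_words(DEC, 3, 10),
        "binary": decode_words(BIN, 8, 2),
        "base64": base64.b64decode(B64, validate=True).decode("ascii"),
    }


if __name__ == "__main__":
    results = decode_all()
    for name, text in results.items():
        print(f"{name:8} {text}")
    print("all forms agree:", len(set(results.values())) == 1)
```

None of these forms involves a key: they are encodings, not encryption, which is why each one reverses with a fixed rule.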

Steganography Example – CTF – Chicken Curry

OK, in this Steganography challenge today, I have used one of my favorite dishes – chicken curry. This image was taken in 2013 in Bluefield VA at my house. I have hidden another full image inside the chicken curry! See if you can solve it and extract the image. You should try this dish for a blind date!

MD5 hash of the hidden image is: 99860294e16ee4444b8edc407e6dae1b

Good Luck.

Top 10 Wireshark Filters

I found this YouTube video very useful for learning some of the most common Wireshark filters.

  • tcp.port == 443
  • dns or http
  • ip.addr
  • ip.src
  • ip.dst
  • tcp.analysis.flags
  • !(arp or dns or icmp)
  • tcp contains facebook
  • dns contains facebook
  • http.request
  • http.response
  • http.response.code == 200
  • tcp.flags.syn == 1 [useful for identifying a SYN attack]
  • tcp.flags.reset == 1
  • sip && rtp

Hash Type in Linux Password

A reference table for when you review the /etc/shadow file:

Prefix | Hash type
$1$ | md5
$2a$ | Blowfish
$2y$ | Blowfish, with correct handling of 8 bit characters
$5$ | sha256
$6$ | sha512

 

Just stick to sha512 please!

You can change the hash setting by editing /etc/login.defs and setting the “ENCRYPT_METHOD SHA512” line.

You can also use the authconfig command to accomplish the same thing:

sudo authconfig --passalgo=sha512 --update

After implementing a strong hash setting, we must also make users change/update their password at the next login using the following command:

sudo chage -d 0 username

We can also use:

sudo passwd --expire username

For more info:

https://www.aychedee.com/2012/03/14/etc_shadow-password-hash-formats/
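To find which accounts still need that forced change, the prefix table above can be applied to shadow-format lines. This is an added example, not from the original post: the function names are my own, and the sample lines and hash strings are constructed placeholders, not real hashes.

```python
# Hash-id prefixes from the reference table above.
PREFIXES = {
    "$1$": "md5",
    "$2a$": "Blowfish",
    "$2y$": "Blowfish (8-bit safe)",
    "$5$": "sha256",
    "$6$": "sha512",
}

# Constructed sample in /etc/shadow format (fake salts and hashes).
SAMPLE_SHADOW = """\
root:$6$c0nstruct$FAKEHASHFAKEHASH:19000:0:99999:7:::
daemon:*:18000:0:99999:7:::
alice:$1$c0nstruct$FAKEHASH:15000:0:99999:7:::
bob:$5$c0nstruct$FAKEHASH:17000:0:99999:7:::
carol:!$6$c0nstruct$FAKEHASH:19000:0:99999:7:::
dave:!!:19000:0:99999:7:::
erin:$2y$10$FAKEHASHFAKEHASH:19000:0:99999:7:::
"""


def classify(field):
    """Return the scheme name for a shadow password field, or None if no hash is set."""
    hashed = field.lstrip("!")  # a leading '!' marks a locked password; a hash may follow
    if not hashed or hashed == "*":
        return None
    for prefix, name in PREFIXES.items():
        if hashed.startswith(prefix):
            return name
    return "unrecognized"


def weak_accounts(shadow_text):
    """List (user, scheme) pairs whose stored hash is anything other than sha512."""
    findings = []
    for line in shadow_text.splitlines():
        parts = line.split(":")
        if len(parts) < 2 or line.startswith("#"):
            continue
        scheme = classify(parts[1])
        if scheme is not None and scheme != "sha512":
            findings.append((parts[0], scheme))
    return findings


if __name__ == "__main__":
    for user, scheme in weak_accounts(SAMPLE_SHADOW):
        print(f"{user}: {scheme} -> sudo chage -d 0 {user}")
```

Changing ENCRYPT_METHOD does not rewrite existing entries; an account keeps its old prefix until its password is next set, which is why the forced change matters.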

 

We can update the default password policy in Linux as well:

vi /etc/security/pwquality.conf

# Configuration for systemwide password quality limits
# Defaults:
#
# Number of characters in the new password that must not be present in the
# old password.
# difok = 1
#
# Minimum acceptable size for the new password (plus one if
# credits are not disabled which is the default). (See pam_cracklib manual.)
# Cannot be set to lower value than 6.
# minlen = 8
#
# The maximum credit for having digits in the new password. If less than 0
# it is the minimum number of digits in the new password.
# dcredit = 0
#
# The maximum credit for having uppercase characters in the new password.
# If less than 0 it is the minimum number of uppercase characters in the new
# password.
# ucredit = 0
#
# The maximum credit for having lowercase characters in the new password.
# If less than 0 it is the minimum number of lowercase characters in the new
# password.
# lcredit = 0
#
# The maximum credit for having other characters in the new password.
# If less than 0 it is the minimum number of other characters in the new
# password.
# ocredit = 0
#
# The minimum number of required classes of characters for the new
# password (digits, uppercase, lowercase, others).
# minclass = 0
#
# The maximum number of allowed consecutive same characters in the new password.
# The check is disabled if the value is 0.
# maxrepeat = 0
#

 

Using and Not using Shadow File in Linux

less /etc/passwd
# the command below removes the shadow file; the password
# hashes will then be readable by every user in the
# /etc/passwd file. NOT RECOMMENDED
sudo pwunconv

# we can also do the same thing for the group file
sudo grpunconv

 

# To convert the system to use shadow file again, use
# the following commands

sudo pwconv
sudo grpconv

Linux Run Level Reference

ID | Name | Description
0 | Halt | Shuts down the system.
1 | Single-user mode | Mode for administrative tasks.
2 | Multi-user mode | Does not configure network interfaces and does not export network services.
3 | Multi-user mode with networking | Starts the system normally.
4 | Not used/user-definable | For special purposes.
5 | Start the system normally with appropriate display manager (with GUI) | Same as runlevel 3
6 | Reboot | Reboots the system.

Visit https://en.wikipedia.org/wiki/Runlevel for more.

Adding users and groups in Linux

Adding users:

# create a new user (use either command, not both)
sudo adduser wonderfulperson
sudo useradd wonderfulperson

# update password
sudo passwd wonderfulperson

# batch add users.
vi users.txt

# add the test content below
# username:passwd:uid:gid:full name:home_dir:shell
user1:user1password:::User1:/home/user1:/bin/bash
user2:user2password:::User2:/home/user2:/bin/bash

 

# back in the shell, run the newusers command with the file as its argument
sudo newusers users.txt

# example output
$ less /etc/passwd | grep user
user1:x:1006:1006:User1:/home/user1:/bin/bash
user2:x:1007:1007:User2:/home/user2:/bin/bash

 

# look up all of the existing groups in Linux
cut -d: -f1 /etc/group

# To review which groups a user belongs to, use:
groups <username>

 

# Add groups (use either command, not both)
sudo groupadd guestusers
sudo addgroup guestusers

# To add one user to multiple groups, use the following command:
sudo usermod -a -G <group1>,<group2>,<group3> <username>
$ sudo usermod -a -G mysql,apache,sssd user2
$ groups user2
user2 : user2 sssd apache mysql

Nessus for Home Users

Nessus is one of the best-known network vulnerability tools available on the market. If you are in the field of security, you should be familiar with the tool and know how to use it well. But how do you get hands-on experience with the tool when you are still in school or working in your first IT job that does not directly involve network security?

I recommend that you first try the Nessus Home, which is free for home use.

  • According to their official webpage, “Nessus® Home allows you to scan your personal home network with the same powerful scanner enjoyed by Nessus subscribers.”

https://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code

Windows installation is fairly simple. Once you install it, it lets you set up a web interface where you can test the tool.