Friday, November 11, 2016
Monday, November 7, 2016
Hyderabad's First Ever Drag Race
# Drag Racing Event
"Do It With Passion Or Not at All"
More Details Call Us: 040-66778891 / 92
Visit: www.flywheels.co.in
"Do It With Passion Or Not at All"
More Details Call Us: 040-66778891 / 92
Visit: www.flywheels.co.in
Tuesday, November 1, 2016
Ethical Hacking Workshop in Hyderabad
Hi All We are Planning Conduct Next Ethical Hacking Workshop.
More Details will be updated Soon..
More Details will be updated Soon..
Thursday, October 6, 2016
Wednesday, July 20, 2016
How to make your data safe using Cryptography
In this article, we will introduce you to the world of cryptology and how you can secure information from falling into the wrong hands.
Let’s illustrate this with the aid of an example. Suppose you want to send the message “I LOVE APPLES”, you can replace every letter in the phrase with the third successive letter in the alphabet. The encrypted message will be “K NQYG CRRNGV”. To decrypt our message, we will have to go back three letters in the alphabet using the letter that we want to decrypt. The image below shows how the transformation is done.
What is Cryptography?
Cryptography is the study and application of techniques that hide the real meaning of information by transforming it into non human readable formats and vice versa.Let’s illustrate this with the aid of an example. Suppose you want to send the message “I LOVE APPLES”, you can replace every letter in the phrase with the third successive letter in the alphabet. The encrypted message will be “K NQYG CRRNGV”. To decrypt our message, we will have to go back three letters in the alphabet using the letter that we want to decrypt. The image below shows how the transformation is done.
The process of transforming information into non human readable form is called encryption.
The process of reversing encryption is called decryption.
Decryption is done using a secret key which is only known to the legitimate recipients of the information. The key is used to decrypt the hidden messages. This makes the communication secure because even if the attacker manages to get the information, it would not make sense to them.
The encrypted information is known as a cipher.
What is Cryptanalysis?
Cryptology encrypts messages using a secret key. Cryptanalysis is the art of trying to decrypt the encrypted messages without the use of the key that was used to encrypt the messages. Cryptanalysis uses mathematical analysis & algorithms to decipher the ciphers. The success of cryptanalysis attacks depends on;
Amount of time available
Computing power available
Storage capacity available
The following is a list of the commonly used Cryptanalysis attacks;
Brute force attack– this type of attack uses algorithms that try to guess all the possible logical combinations of the plaintext which are then ciphered and compared against the original cipher.
Dictionary attack– this type of attack uses a wordlist in order to find a match of either the plaintext or key. It is mostly used when trying to crack encrypted passwords.
Rainbow table attack– this type of attack compares the cipher text against pre-computed hashes to find matches.
Encryption Algorithms
MD5– this is the acronym for Message-Digest 5. It is used to create 128 bit hash values. Theoretically, hashes cannot be reversed into the original plain text. MD5 is used to encrypt passwords as well as check data integrity. MD5 is not collision resistant. Collision resistance is the difficulties in finding two values that produce the same hash values.
SHA– this is the acronym for Secure Hash Algorithm. SHA algorithms are used to generate condensed representations of a message (message digest). It has various versions such as;
- SHA-0: produces 120 bit hash values. It was withdrawn from use due to significant flaws and replaced by SHA-1.
- SHA-1: produces 160 bit hash values. It is similar to earlier versions of MD5. It has cryptographic weakness and is not recommended for use since the year 2010.
- SHA-2: it has two hash functions namely SHA-256 and SHA-512. SHA-256 uses 32 bit words while SHA-512 uses 64 bit words.
- SHA-3: this algorithm was formally known as Keccak.
RC4– this algorithm is used to create stream ciphers. It is mostly used in protocols such as Secure Socket Layer (SSL) to encrypt internet communication and Wired Equivalent Privacy (WEP) to secure wireless networks.
BLOWFISH– this algorithm is used to create keyed, symmetric blocked ciphers. It can be used to encrypt passwords and other data.
Hacking Activity: Hack Now!
In this practical scenario, we will create a simple cipher using the RC4 algorithm. We will then attempt to decrypt it using brute-force attack. For this exercise, let us assume that we know the encryption secret key is 24 bits. We will use this information to break the cipher.
We will use CrypTool 1 as our cryptology tool. CrypTool 1 is an open source educational tool for crypto logical studies. You can download it from http://www.cryptool.org/en/ct1-download-en
Creating the RC4 stream cipher
We will encrypt the following phrase
Never underestimate the determination of a kid who is time-rich and cash-poor
We will use 00 00 00 as the encryption key.
- Open CrypTool 1
Replace the text with Never underestimate the determination of a kid who is time-rich and cash-poor
Click on Encrypt/Decrypt menu
Point to Symmetric (modern) then select RC4 as shown above
The following window will appear
Select 24 bits as the encryption key
Set the value to 00 00 00
Click on Encrypt button
You will get the following stream cipher
Attacking the stream cipher
Click on Analysis menu
Point to Symmetric Encryption (modern) then select RC4 as shown above
You will get the following window
Remember the assumption made is the secret key is 24 bits. So make sure you select 24 bits as the key length.
Click on Start button, you will get the following window
Note: the time taken to complete the Brute-Force Analysis attack depends on the processing capacity of the machine been used and the key length. The longer the key length the longer it takes to complete the attack.
When the analysis is complete, you will get the following results.
Note: a lower Entropy number means it is the most likely correct result. It is possible a higher than the lowest found Entropy value could be the correct result.
Select the line that makes the most sense then click on Accept selection button when done
Summary
- Cryptography is the science of ciphering and deciphering messages.
- A cipher is a message that has been transformed into a non human readable format.
- Deciphering is reversing a cipher into the original text.
- Cryptanalysis is the art of deciphering ciphers without the knowledge of the key used to cipher them.
- Cryptology combines the techniques of both cryptography and cryptanalyst.
Tuesday, April 5, 2016
Latest Android Hacking Apps 2016
Latest Android Hacking Apps 2016
#1 Hackode
Hackode : The hacker’s Toolbox is an application for penetration tester, Ethical hackers, IT administrator and Cyber security professional to perform different tasks like reconnaissance, scanning performing exploits etc.
#2 Androrat
Remote Administration Tool for Android. Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.
#3 APKInspector
APKinspector is a powerful GUI tool for analysts to analyse the Android applications. The goal of this project is to aide analysts and reverse engineers to visualize compiled Android packages and their corresponding DEX code.
#4 DroidBox
DroidBox is developed to offer dynamic analysis of Android applications.
#5 Burp Suite
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.
#6 ZanTi
zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety.
#7 Droid Sheep
DroidSheep can be easily used by anybody who has an Android device and only the provider of the web service can protect the users. So Anybody can test the security of his account by himself and can decide whether to keep on using the web service.
#8 dSploit
dSploit is an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assessments on a mobile device.
#9 Arpspoof
Arpspoof is a tool for network auditing originally written by Dug Song as a part of his dsniff package. This app redirects traffic on the local network by forging ARP replies and sending them to either a specific target or all the hosts on the local network paths.
#10 Shark for Root
Traffic sniffer, works on 3G and WiFi (works on FroYo tethered mode too). To open dump use WireShark or similar software, for preview dump on phone use Shark Reader. Based on tcpdump.
#11 Nmap for Android
Nmap (network mapper) is one the best among different network scanner (port finder) tool, Nmap mainly developed for Unix OS but now it is available on Windows and Android as well. Nmap for android is a Nmap apps for your phone! Once your scan finishes you can e-mail the results. This application is not a official apps but it looks good.
So above is all about Latest Android Hacking Apps 2016
Subscribe to:
Posts (Atom)