Test Post
test
posted by Vikas Singhal @ 3:22 AM
0 comments
Sunday, September 09, 2012
Monday, September 21, 2009
Get job in Google if you break this code.. - Patrika : enggresources.com
posted by Vikas Singhal @ 9:47 AM
0 comments
Saturday, September 05, 2009
What is Hacking? Learning the art - Part 1 - Patrika : enggresources.com
posted by Vikas Singhal @ 11:56 AM
0 comments
Tuesday, August 29, 2006
Encryption Algorithms
Encryption Algorithms
Different encryption algorithms use proprietory methods of generating these keys and are therefore useful for different applications. Here are some nitty gritty details about some of these encryption algorithms. Strong encyrption is often discerend by the key length used by the algorithm.RSA
In 1977, shortly after the idea of a public key system was proposed, three mathematicians, Ron Rivest, Adi Shamir and Len Adleman gave a concrete example of how such a method could be implemented. To honour them, the method was referred to as the RSA Scheme. The system uses a private and a public key. To start two large prime numbers are selected and then multiplied together; n=p*q. If we let f(n) = (p-1) (q-1), and e>1 such that GCD(e, f(n))=1. Here e will have a fairly large probability of being co-prime to f(n), if n is large enough and e will be part of the encryption key. If we solve the Linear Diophantine equation; ed congruent 1 (mod f(n)), for d. The pair of integers (e, n) are the public key and (d, n) form the private key. Encryption of M can be accomplished by the following expression; Me = qn + C where 0<= C < n. Decryption would be the inverse of the encryption and could be expressed as; Cd congruent R (mod n) where 0<= R < n. RSA is the most popular method for public key encryption and digital signatures today.
DES/3DES
The Data Encryption Standard (DES) was developed and endorsed by the U.S. government in 1977 as an official standard and forms the basis not only for the Automatic Teller Machines (ATM) PIN authentication but a variant is also utilized in UNIX password encryption. DES is a block cipher with 64-bit block size that uses 56-bit keys. Due to recent advances in computer technology, some experts no longer consider DES secure against all attacks; since then Triple-DES (3DES) has emerged as a stronger method. Using standard DES encryption, Triple-DES encrypts data three times and uses a different key for at least one of the three passes giving it a cumulative key size of 112-168 bits.
BLOWFISH
Blowfish is a symmetric block cipher just like DES or IDEA. It takes a variable-length key, from 32 to 448 bits, making it ideal for both domestic and exportable use. Bruce Schneier designed Blowfish in 1993 as a fast, free alternative to the then existing encryption algorithms. Since then Blowfish has been analyzed considerably, and is gaining acceptance as a strong encryption algorithm.
IDEA
International Data Encryption Algorithm (IDEA) is an algorithm that was developed by Dr. X. Lai and Prof. J. Massey in Switzerland in the early 1990s to replace the DES standard. It uses the same key for encryption and decryption, like DES operating on 8 bytes at a time. Unlike DES though it uses a 128 bit key. This key length makes it impossible to break by simply trying every key, and no other means of attack is known. It is a fast algorighm, and has also been implemented in hardware chipsets, making it even faster.
SEAL
Rogaway and Coppersmith designed the Software-optimized Encryption Algorithm (SEAL) in 1993. It is a Stream-Cipher, i.e., data to be encrypted is continuously encrypted. Stream Ciphers are much faster than block ciphers (Blowfish, IDEA, DES) but have a longer initialization phase during which a large set of tables is done using the Secure Hash Algorithm. SEAL uses a 160 bit key for encryption and is considered very safe.
RC4
RC4 is a cipher invented by Ron Rivest, co-inventor of the RSA Scheme. It is used in a number of commercial systems like Lotus Notes and Netscape. It is a cipher with a key size of up to 2048 bits (256 bytes), which on the brief examination given it over the past year or so seems to be a relatively fast and strong cypher. It creates a stream of random bytes and 'XORing' those bytes with the text. It is useful in situations in which a new key can be chosen for each message.
posted by Vikas Singhal @ 3:52 AM
0 comments
Tuesday, May 09, 2006
Some comman HTools (Tool 1)
Now on I'll be posting about some common tools i know...
The tools covered here will allow you to do packet crafting, packet sniffing, port binding, and other neat stuff. With that said, let's get on with it!
Being able to see and verify packets is a critical ability. This also applies when you are at home and trying to understand a tool’s output. It also is of importance when you are trying to troubleshoot a problem on your network. So suffice it to say that you really must have a packet sniffer installed on your computer. I have said in the past that you really should simply install windump vice ethereal for it forces you to become familiar with a packet’s contents. Safe to say I have not changed my opinion since then. Seeing as some of you may be installing these tools on Win XP SP2 I have tried to find the tools that will work with it. I have not been entirely successful, so please realize that I would suggest you have as your test box either Windows 2000 Professional or Windows XP SP1. Sadly with the release of SP2 a lot of raw socket functionality was broken. Some tools have been able to compensate for this and others have not.
With that said let’s go and install our packet sniffer that I know works with XP SP2. Please download the tcpdump tool that we will install. The reason I suggest downloading this tool vice the actual windump.exe is that this version will work with XP SP2. I was unable to get windump.exe to work with XP SP2 and simply gave up as I had found this fully functional alternative, which is pretty much exactly the same. Once downloaded simply uncompress it and install it at the root of C drive ie: C:\ You are now ready to sniff packets!
You will note in the screenshot above some sample syntax to invoke it and what it also looks like. Should you wish to learn more about using a packet sniffer like this one simply read these articles. One last word on the use of packet sniffers! You should always have it up and running prior to playing with some tools or exploit code. That way you can verify at the packet level should you need to verify some condition that occurred during your experimentation.
The tools covered here will allow you to do packet crafting, packet sniffing, port binding, and other neat stuff. With that said, let's get on with it!
Sniffing packets
Being able to see and verify packets is a critical ability. This also applies when you are at home and trying to understand a tool’s output. It also is of importance when you are trying to troubleshoot a problem on your network. So suffice it to say that you really must have a packet sniffer installed on your computer. I have said in the past that you really should simply install windump vice ethereal for it forces you to become familiar with a packet’s contents. Safe to say I have not changed my opinion since then. Seeing as some of you may be installing these tools on Win XP SP2 I have tried to find the tools that will work with it. I have not been entirely successful, so please realize that I would suggest you have as your test box either Windows 2000 Professional or Windows XP SP1. Sadly with the release of SP2 a lot of raw socket functionality was broken. Some tools have been able to compensate for this and others have not.
With that said let’s go and install our packet sniffer that I know works with XP SP2. Please download the tcpdump tool that we will install. The reason I suggest downloading this tool vice the actual windump.exe is that this version will work with XP SP2. I was unable to get windump.exe to work with XP SP2 and simply gave up as I had found this fully functional alternative, which is pretty much exactly the same. Once downloaded simply uncompress it and install it at the root of C drive ie: C:\ You are now ready to sniff packets!
Figure 1
You will note in the screenshot above some sample syntax to invoke it and what it also looks like. Should you wish to learn more about using a packet sniffer like this one simply read these articles. One last word on the use of packet sniffers! You should always have it up and running prior to playing with some tools or exploit code. That way you can verify at the packet level should you need to verify some condition that occurred during your experimentation.
posted by Vikas Singhal @ 1:57 AM
0 comments
Monday, May 08, 2006
My first Hacking tool
When i was in search of hacking tools (of course i m still searching) i found a great tool :
Metasploit Framework
I found this in a seminar at IIT KGP.
I think you should try it once.
Metasploit Framework
I found this in a seminar at IIT KGP.
I think you should try it once.
posted by Vikas Singhal @ 3:25 AM
0 comments
Friday, May 05, 2006
Money Money and more Money...
I dont have to give the same speech of running behing money. On the same run we have found a way to generate money. I and some friend made a group "ApneLog" and we are creating websites and movies (clipping) and even music video. Its fun doing all and also we can get some money. But the whole thing is that "ki bhaiyya" do what u r interested in.
posted by Vikas Singhal @ 3:14 PM
0 comments
Books essential for "HCAK"
Some books i found that one must read :
1. William stallings - all series
2. Security+ in depth
3. No ankit Fadia book
1. William stallings - all series
2. Security+ in depth
3. No ankit Fadia book
posted by Vikas Singhal @ 3:12 PM
0 comments
Sniffing In switched Networks (contd..)
Previous I told about ARP Spoofing. Now i am gonna extend that.
I have been searching arp apoofer for windows at last i found this :
Switch Sniffer
A greate tool to use..
I have been searching arp apoofer for windows at last i found this :
Switch Sniffer
A greate tool to use..
posted by Vikas Singhal @ 3:07 PM
0 comments
