CEH Lab Manual

Cryptography

Module 19

Module 19 - Cryptography

Cryptography

Cryptography is the study and art of hiding information in a human-unreadable format.

Lab Scenario

The ability to protect and secure information is vital to the growth of electronic commerce and to the growth of the Internet itself. Many people need or want to use communications and data security in different areas. Encrypting the data plays a major role in security. For example, banks use encryption methods around the world to process financial transactions. This involves the transfer of large amounts of money from one bank to another. Banks also use encryption methods to protect their customers' ID numbers at bank automated teller machines. There are many companies and even shopping malls selling anything from flowers to bottles of wine over the Internet, and these transactions are made by the use of credit cards and secure Internet browsers, including encryption techniques. Customers using the Internet would like to know the connection is secure when sending their credit card information and other financial details related to them over a multi-national environment. This will only work with the use of strong and unforgeable encryption methods. Since you are an expert ethical hacker and penetration tester, your IT director will instruct you to encrypt data using various encrypting algorithms in order to secure the organization's information.

Lab Objectives

This lab will show you how to encrypt data and how to use it. It will teach you how to:

■ Use encrypting/decrypting commands

■ Generate hashes and checksum files

Lab Environment

To carry out the lab, you need:

■ A computer running Windows Server 2012

■ A web browser with Internet access

Lab Duration

Time: 50 Minutes

Overview of Cryptography

Cryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering.

Cryptology prior to the modern age was almost synonymous with encryption, the conversion of information from a readable state to one apparently without sense.

Tools demonstrated in this lab are available in D:\CEH-Tools\CEHv8 Module 19 Cryptography

CEH Lab Manual Page 915 Ethical Hacking and Countermeasures Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Lab Tasks

Recommended labs to assist you in Cryptography:

■ Basic Data Encrypting Using HashCalc

■ Basic Data Encrypting Using MD5 Calculator

■ Basic Data Encrypting Using Advance Encryption Package

■ Basic Data Encrypting Using TrueCrypt

■ Basic Data Encrypting Using CrypTool

■ Encrypting and Decrypting the Data Using BCTextEncoder

■ Basic Data Encrypting Using Rohos Disk Encryption

Lab Analysis

Analyze and document the results related to the lab exercise. Give your opinion on your target's security posture and exposure.

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Basic Data Encrypting Using HashCalc

HashCalc enables you to compute multiple hashes, checksums, and HMACs for files, text, and hex strings. It supports MD2, MD4, MD5, SHA1, SHA2 (SHA256, SHA384, SHA512), RIPEMD160, PANAMA, TIGER, CRC32, ADLER32, and the hash used in eDonkey and eMule tools.

Lab Scenario

Laptops are highly susceptible to theft and frequently contain valuable data. Boot disk encryption requires a key in order to start the operating system and access the storage media. Disk encryption encrypts all data on a system, including files, folders, and the operating system. This is most appropriate when the physical security of the system is not assured. Examples include traveling laptops or desktops that are not in a physically secured area. When properly implemented, encryption provides an enhanced level of assurance that the data, while encrypted, cannot be viewed or otherwise discovered by unauthorized parties in the event of theft, loss, or interception. In order to be an expert ethical hacker and penetration tester, you must understand data encryption using encrypting algorithms.

Lab Objectives

This lab will show you how to encrypt data and how to use it. It will teach you how to:

■ Use encrypting/decrypting commands

■ Generate hashes and checksum files

Lab Environment

To carry out the lab, you need:

■ HashCalc located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\MD5 Hash Calculators\HashCalc

■ You can also download the latest version of HashCalc from the link http://www.slavasoft.com/hashcalc/

■ If you decide to download the latest version, then screenshots shown in the lab might differ

■ Follow the wizard-driven installation instructions

■ Run this tool in Windows Server 2012

■ Administrative privileges to run tools

Lab Duration

Time: 10 Minutes

Overview of Hash

HashCalc is a fast and easy-to-use calculator that allows computing message digests, checksums, and HMACs for files, as well as for text and hex strings. It offers a choice of 13 of the most popular hash and checksum algorithms for calculations.

Lab Tasks

1. Launch the Start menu by hovering the mouse cursor on the lower-left corner of the desktop.

FIGURE 1.1: Windows Server 2012 - Desktop view

2. Click the HashCalc app to open the HashCalc window.

HashCalc's simple dialog-size interface dispenses with glitz to plainly list input and results.

FIGURE 1.2: Windows Server 2012 - Apps

3. The main window of HashCalc appears as shown in the following figure.

4. From the Data Format drop-down list, select File.

Hash algorithms support three input data formats: file, text string, and hexadecimal string.

FIGURE 1.3: HashCalc main window

5. Enter/Browse the data to calculate.

6. Choose the appropriate Hash algorithms and check the check boxes.

7. Now, click Calculate.

HashCalc is used to generate crypting text.

FIGURE 1.4: Hash is generated for chosen hash string

Lab Analysis

Document all Hash, MD5, and CRC values for further reference.

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Tool/Utility: HashCalc

Information Collected/Objectives Achieved: Output: Generated Hashes for

■ MD5

■ SHA1

■ RIPEMD160

■ CRC32

Questions

1. Determine how to calculate multiple checksums simultaneously.

Internet Connection Required: □ Yes ☑ No

Platform Supported: ☑ Classroom ☑ iLabs

Basic Data Encrypting Using MD5 Calculator

MD5 Calculator is a simple application that calculates the MD5 hash of a given file. It can be used with big files (some GB). It features a progress counter and a text field from which the final MD5 hash can be easily copied to the clipboard.

Lab Scenario

There has been a need to protect information from "prying eyes." In the electronic age, information that could otherwise benefit or educate a group or individual can also be used against such groups or individuals. Industrial espionage among highly competitive businesses often requires that extensive security measures be put into place. And, those who wish to exercise their personal freedom, outside of the oppressive nature of governments, may also wish to encrypt certain information to avoid suffering the penalties of going against the wishes of those who attempt to control. Still, the methods of data encryption and decryption are relatively straightforward; encryption algorithms are used to encrypt the data and it stores system information files on the system, safe from prying eyes. In order to be an expert ethical hacker and penetration tester, you must understand data encryption using encrypting algorithms.

Lab Objectives

This lab will give you experience on encrypting data and show you how to do it. It will teach you how to:

■ Use encrypting/decrypting commands

■ Calculate the MD5 value of the selected file

Lab Environment

To carry out the lab, you need:

■ MD5 Calculator located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\MD5 Hash Calculators\MD5 Calculator

■ You can also download the latest version of MD5 Calculator from the link http://www.bullzip.com/products/md5/info.php

■ If you decide to download the latest version, then screenshots shown in the lab might differ

■ Follow the wizard-driven installation instructions

■ Run this tool in Windows Server 2012

■ Administrative privileges to run tools

Lab Duration

Time: 10 Minutes

Overview of MD5 Calculator

MD5 Calculator is a bare-bones program for calculating and comparing MD5 files. While its layout leaves something to be desired, its results are fast and simple.

Lab Tasks

1. To find the MD5 hash of any file, right-click the file and select MD5 Calculator from the context menu.

MD5 checksum is used to generate MD5 hash.

FIGURE 2.1: MD5 option in context menu

2. MD5 Calculator shows the MD5 digest of the selected file.

Note: Alternatively, you can browse any file to calculate the MD5 hash and click the Calculate button to calculate the MD5 hash of the file.

FIGURE 2.2: MD5 is generated for the chosen file
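The HashCalc task (several algorithms and an optional HMAC key over one input) and MD5 Calculator's Compare To field can both be reproduced in a script. The following Python code is an added example, not part of the lab manual or of either tool; the function names multi_hash, hash_file, matches and verify and the sample input are assumptions made for illustration. It goes one step beyond the lab by accepting only SHA-2 digests when verifying a file against a published value.

```python
import hashlib
import hmac
import io
import zlib

CHUNK = 64 * 1024  # read size; memory use stays flat even for multi-GB files

# Digest names from the HashCalc list that hashlib can usually provide.
# RIPEMD160 depends on the local OpenSSL build, so it is probed, not assumed.
DIGESTS = ("md5", "sha1", "sha256", "sha384", "sha512", "ripemd160")

# MD5 and SHA1 have practical collisions; CRC32 and Adler-32 are error-detection
# codes with no security properties. Only these are accepted by verify().
STRONG = ("sha256", "sha384", "sha512")


def multi_hash(stream, key=None):
    """Read a binary stream once and return {algorithm: lowercase hex digest}.

    With key=None plain hashes are computed. With key=<bytes> the digest
    entries are HMACs under that key. CRC32 and Adler-32 are always unkeyed.
    """
    states = {}
    for name in DIGESTS:
        try:
            hashlib.new(name)  # availability probe
            states[name] = (hashlib.new(name) if key is None
                            else hmac.new(key, digestmod=name))
        except ValueError:
            continue  # not offered by this Python/OpenSSL build
    crc, adler = 0, 1  # standard initial values for CRC32 and Adler-32
    while True:
        chunk = stream.read(CHUNK)
        if not chunk:
            break
        for state in states.values():
            state.update(chunk)
        crc = zlib.crc32(chunk, crc)
        adler = zlib.adler32(chunk, adler)
    result = {name: state.hexdigest() for name, state in states.items()}
    result["crc32"] = format(crc & 0xFFFFFFFF, "08x")
    result["adler32"] = format(adler & 0xFFFFFFFF, "08x")
    return result


def hash_file(path, key=None):
    """Convenience wrapper: hash a file on disk in one pass."""
    with open(path, "rb") as fh:
        return multi_hash(fh, key)


def matches(computed_hex, published_hex):
    """Compare two hex digests, ignoring case and surrounding whitespace.

    hmac.compare_digest runs in time independent of where the strings differ,
    which matters when the value being checked is an HMAC.
    """
    a = computed_hex.strip().lower().encode("utf-8")
    b = published_hex.strip().lower().encode("utf-8")
    return hmac.compare_digest(a, b)


def verify(stream, published_hex, algorithm="sha256"):
    """Return True only if the stream's digest equals the published value."""
    if algorithm not in STRONG:
        raise ValueError(f"{algorithm} is not accepted for integrity verification")
    return matches(multi_hash(stream)[algorithm], published_hex)


if __name__ == "__main__":
    # Constructed sample input, larger than one chunk; not a file from the lab.
    sample = b"constructed sample input, not a file from the lab\n" * 4096
    for name, value in multi_hash(io.BytesIO(sample)).items():
        print(f"{name:<10} {value}")
    keyed = multi_hash(io.BytesIO(sample), key=b"constructed-demo-key")
    print("HMAC-SHA256", keyed["sha256"])
    published = hashlib.sha256(sample).hexdigest().upper()
    print("verified:", verify(io.BytesIO(sample), published))
```

For a file on disk, call hash_file with its path; the ripemd160 entry is simply absent from the result when the local build does not provide that algorithm.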

Lab Analysis

Analyze and document the results related to the lab exercise.

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Tool/Utility: MD5 Calculator

Information Collected/Objectives Achieved: Output: MD5 Hashes for selected software

Questions

1. What are the alternatives to the MD5 sum calculator?

2. Is the MD5 (Message-Digest algorithm 5) calculator a widely used cryptographic hash function with a 128-bit hash value?

MD5 hash (or checksum) functions as a compact digital fingerprint of a file.

Internet Connection Required: □ Yes ☑ No

Platform Supported: ☑ iLabs

Basic Data Encrypting Using Advanced Encryption Package

Advanced Encryption Package is most noteworthy for its flexibility; not only can you encrypt files for your own protection, but you can easily create "self-decrypting" versions of your files that others can run without needing this or any other software.

Lab Scenario

Data encryption and decryption operations are major security applications to secure data. Most systems use block ciphers, such as the public AES standard. However, implementations of block ciphers such as AES, as well as other cryptographic algorithms, are subject to side-channel attacks. These attacks allow adversaries to extract secret keys from devices by passively monitoring power consumption or other side channels. Countermeasures are required for applications where side-channel attacks are a threat. These include several military and aerospace applications where program information, classified data, algorithms, and secret keys reside on assets that may not always be physically protected. In order to be an expert ethical hacker and penetration tester, you must understand data encrypted over files.

Lab Objectives

This lab will give you experience on encrypting data and show you how to do it. It will teach you how to:

■ Use encrypting/decrypting commands

■ Calculate the encrypted value of the selected file

Lab Environment

To carry out the lab, you need:

■ Advanced Encryption Package located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\Cryptography Tools\Advanced Encryption Package

■ You can also download the latest version of Advanced Encryption Package from the link http://www.secureaction.com/encryptionpro/

■ If you decide to download the latest version, then screenshots shown in the lab might differ

■ Follow the wizard-driven installation instructions

■ Run this tool in Windows Server 2012

■ Administrative privileges to run tools

Lab Duration

Time: 10 Minutes

Overview of Advanced Encryption Package

Advanced Encryption Package includes a file shredder that wipes out the contents of your original files. It also integrates nicely with Windows Explorer, allowing you to use Explorer's context menus and avoid having another window clutter your screen.

Lab Tasks

1. Launch the Start menu by hovering the mouse cursor on the lower-left corner of the desktop.

FIGURE 3.1: Windows Server 2012 - Desktop view

2. Click the Advanced Encryption Package app to open the Advanced Encryption Package window.

FIGURE 3.2: Windows Server 2012 - Apps

3. The Register Advanced Encryption Package 2013 trial period window appears. Click Try Now!.

FIGURE 3.3: Activation Window

4. The main window of Advanced Encryption Package appears, as shown in the following figure.

FIGURE 3.4: Welcome screen of Advance Encryption Package

5. Select the sample file to encrypt. The file is located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\Cryptography Tools\Advanced Encryption Package.

6. Click Encrypt. It will ask you to enter the password. Type the password in the Password field, and again type the password in the Again field.

7. Click Encrypt Now!.

Advance Encryption Package is easy to use for novices.

Advanced Encryption Package is a symmetric-key encryption comprising three block ciphers, AES-128, AES-192 and AES-256.

FIGURE 3.5: Welcome screen of Advance Encryption Package

8. The encrypted sample file can be shown in the same location of the original file, as shown in the following figure.

FIGURE 3.6: Encrypting the selected file

9. To decrypt the file, first select the encrypted file. Click Decrypt; it will prompt you to enter the password.

10. Click Decrypt Now!.

FIGURE 3.7: Decrypting the selected file

It creates encrypted self-extracting files to send as email attachments.

Lab Analysis

Analyze and document the results related to the lab exercise.

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Tool/Utility: Advance Encryption Package

Information Collected/Objectives Achieved: Output: Encrypted Sample File.docx.aep

Questions

1. Which algorithm does Advanced Encryption Package use to protect sensitive documents?

2. Is there any other way to protect the use of private key file with a password?

Internet Connection Required: □ Yes ☑ No

Platform Supported: ☑ iLabs

B a s i c D a t a E n c r y p t i n g U s i n g

T r u e C r y p t

TrueCrypt is a software system for establishing and maintaining an on-the-fly encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted or decrypted right before it is loaded or saved, without any user intervention.

Lab Scenario

CiTx is a billion-dollar company and does not want to take chances or risk the data stored on its laptops. These laptops contain proprietary partner information, customer data, and financial information. CiTx cannot afford its data to be lost to any of its competitors. The CiTx Company started using full disk encryption to protect its data from prying eyes. Full disk encryption encrypts all data on a system, including files, folders and the operating system. This is most appropriate when the physical security of the system is not assured. Encryption uses one or more cryptographic keys to encrypt and decrypt the data that they protect.

Lab Objectives

This lab will give you experience on encrypting data and show you how to do it. It will teach you how to:

■ Use encrypting/decrypting commands
■ Create a virtual encrypted disk with a file

Lab Environment

To carry out the lab, you need:

■ TrueCrypt located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\Disk Encryption Tools\TrueCrypt
■ You can also download the latest version of TrueCrypt from the link http://www.truecrypt.org/downloads
■ If you decide to download the latest version, then screenshots shown in the lab might differ
■ Follow the wizard-driven installation instructions
■ Run this tool in Windows Server 2012
■ Administrative privileges to run tools

Lab Duration

Time: 10 Minutes

Overview of TrueCrypt

TrueCrypt is a software application used for on-the-fly encryption (OTFE). It is distributed without cost, and the source code is available. It can create a virtual encrypted disk within a file or encrypt a partition or an entire storage device.

Lab Tasks

TASK 1: Create a Volume

1. Launch the Start menu by hovering the mouse cursor on the lower-left corner of the desktop.

FIGURE 4.1: Windows Server 2012 - Desktop view

2. Click the TrueCrypt app to open the TrueCrypt window.

FIGURE 4.2: Windows Server 2012 - Apps

3. The TrueCrypt main window appears.

4. Select the desired volume to be encrypted and click Create Volume.

Note: TrueCrypt has the ability to create and run a hidden encrypted operating system whose existence may be denied.

FIGURE 4.3: TrueCrypt Main Window With Create Volume Option

5. The TrueCrypt Volume Creation Wizard window appears.

6. Select the Create an encrypted file container option. This option creates a virtual encrypted disk within a file.

7. By default, the Create an encrypted file container option is selected. Click Next to proceed.

IMPORTANT: Note that TrueCrypt will not encrypt any existing files (when creating a TrueCrypt file container). If you select an existing file in this step, it will be overwritten and replaced by the newly created volume (so the overwritten file will be lost, not encrypted). You will be able to encrypt existing files (later on) by moving them to the TrueCrypt volume that we are creating now.

FIGURE 4.4: TrueCrypt Volume Creation Wizard - Create Encrypted File Container

8. In the next step of the wizard, choose the type of volume.

9. Select Standard TrueCrypt volume; this creates a normal TrueCrypt volume.

10. Click Next to proceed.

Note: TrueCrypt supports a concept called plausible deniability.

FIGURE 4.5: TrueCrypt Volume Creation Wizard - Volume Type

11. In the next wizard, select the Volume Location.

12. Click Select File...

Note: After you copy existing unencrypted files to a TrueCrypt volume, you should securely erase (wipe) the original unencrypted files. There are software tools that can be used for the purpose of secure erasure (many of them are free).

FIGURE 4.6: TrueCrypt Volume Creation Wizard - Volume Location

13. The standard Windows file selector appears. The TrueCrypt Volume Creation Wizard window remains open in the background.

14. Select a desired location; provide a File name and Save it.

Note: The mode of operation used by TrueCrypt for encrypted partitions, drives, and virtual volumes is XTS.

FIGURE 4.7: Windows Standard - Specify Path and File Name Window

15. After saving the file, the Volume Location wizard continues. Click Next to proceed.

Note: TrueCrypt volumes do not contain known file headers and their content is indistinguishable from random data.

FIGURE 4.8: TrueCrypt Volume Creation Wizard - Volume Location

16. Encryption Options appear in the wizard.

17. Select AES Encryption Algorithm and RIPEMD-160 Hash Algorithm and click Next.

Wizard text (Encryption Options, AES): FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS.

Note: TrueCrypt currently supports the following hash algorithms:

■ RIPEMD-160
■ SHA-512
■ Whirlpool

FIGURE 4.9: TrueCrypt Volume Creation Wizard - Encryption Options

18. In the next step, Volume Size option appears.

19. Specify the size of the TrueCrypt container to be 2 megabytes and click Next.

Wizard text (Volume Size): Please specify the size of the container you want to create. If you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size. Note that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB.

FIGURE 4.10: TrueCrypt Volume Creation Wizard - Volume Size

20. The Volume Password option appears. This is one of the most important steps. Read the information displayed in the wizard window on what is considered a good password carefully.

21. Provide a good password in the first input field, re-type it in the Confirm field, and click Next.

Note: The button "Next" will be disabled until passwords in both input fields are the same.

Wizard text (Volume Password): It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of more than 20 characters (the longer, the better). The maximum possible length is 64 characters.

FIGURE 4.11: TrueCrypt Volume Creation Wizard - Volume Password

22. The Volume Format option appears. Select FAT Filesystem, and set the cluster to Default.

23. Move your mouse as randomly as possible within the Volume Creation Wizard window at least for 30 seconds.

24. Click Format.

Note: The longer you move the mouse, the better. This significantly increases the cryptographic strength of the encryption keys.

Note: TrueCrypt volumes have no "signature" or ID strings. Until decrypted, they appear to consist solely of random data.

FIGURE 4.12: TrueCrypt Volume Creation Wizard - Volume Format

25. After clicking Format, volume creation begins. TrueCrypt will now create a file called MyVolume in the provided folder. This file depends on the TrueCrypt container (it will contain the encrypted TrueCrypt volume).

26. Depending on the size of the volume, the volume creation may take a long time. After it finishes, the following dialog box appears.

Note: Free space on each TrueCrypt volume is filled with random data when the volume is created.

FIGURE 4.13: TrueCrypt Volume Creation Wizard - Volume Successfully Created Dialog Box

27. Click OK to close the dialog box.

28. You have successfully created a TrueCrypt volume (file container).

29. In the TrueCrypt Volume Creation wizard window, click Exit.

FIGURE 4.14: TrueCrypt Volume Creation Wizard - Volume Created

Mount a Volume

30. To mount a volume, launch TrueCrypt.

31. In the main window of TrueCrypt, click Select File...

Note: TrueCrypt is unable to secure data on a computer if an attacker physically accessed it and TrueCrypt is used on the compromised computer by the user again.

Note: Mount options affect the parameters of the volume being mounted. The Mount Options dialog can be opened by clicking on the Mount Options button in the password entry dialog.

FIGURE 4.15: TrueCrypt Main Window with Select File Button

32. The standard file selector window appears.

33. In the file selector, browse to the container file, select the file, and click Open.

Note: Default mount options can be configured in the main program preferences (Settings -> Preferences).

FIGURE 4.16: Windows Standard File Selector Window

34. The file selector window disappears and returns to the main TrueCrypt window.

35. In the main TrueCrypt window, click Mount.

Note: This option can be set in the password entry dialog so that it will apply only to that particular mount attempt. It can also be set as default in the Preferences.

FIGURE 4.17: TrueCrypt Main Window with Mount Button

36. The Password prompt dialog window appears.

37. Type the password (which you specified earlier for this volume) in the Password input field and click OK.

Note: When a correct password is cached, volumes are automatically mounted after you click Mount. If you need to change mount options for a volume being mounted using a cached password, hold down the Control (Ctrl) key while clicking Mount, or select Mount with Options from the Volumes menu.

FIGURE 4.18: TrueCrypt Password Window

38. TrueCrypt now attempts to mount the volume. After the password is verified, TrueCrypt will mount the volume.

FIGURE 4.19: TrueCrypt Main Window

39. MyVolume has successfully mounted the container as a virtual disk I:.

40. The virtual disk is entirely encrypted (including file names, allocation tables, free space, etc.) and behaves like a real disk.

41. You can save (or copy, move, etc.) files to this virtual disk and they will be encrypted on the fly as they are being written.

42. To dismount a volume, select the volume to dismount and click Dismount. The volume is dismounted.

Note: No data stored on an encrypted volume can be read (decrypted) without using the correct password or correct encryption key.

Note: TrueCrypt cannot automatically dismount all mounted TrueCrypt volumes on system shutdown/restart.

FIGURE 4.20: TrueCrypt Main Window with Dismount Button
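The notes in this lab state that TrueCrypt volumes carry no known file header, look like random data, and have their free space filled with random data. The Python sketch below is an added example (not part of the lab manual or of TrueCrypt) showing how a forensic triage script can use those properties to flag files that may be encrypted containers; the thresholds, the signature list, the function names and the sample buffers are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

SECTOR = 512            # assumption: container files are a whole number of sectors
MIN_SIZE = 292 * 1024   # smallest FAT volume size quoted in the wizard's Volume Size text
ENTROPY_MIN = 7.9       # assumption: bits per byte; random data sits very close to 8.0
CHI2_MAX = 400.0        # assumption: uniform bytes average about 255 (255 degrees of freedom)
# Short illustrative list of 4-byte file signatures (assumption, far from exhaustive).
KNOWN_MAGIC = (b"PK\x03\x04", b"%PDF", b"\x89PNG", b"Rar!", b"7z\xbc\xaf")


def shannon_entropy(data: bytes) -> float:
    """Entropy of the byte histogram in bits per byte (maximum 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def chi_square(data: bytes) -> float:
    """Chi-square statistic of the byte histogram against a uniform distribution."""
    if not data:
        return float("inf")
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def triage(data: bytes):
    """Return (is_candidate, reasons); an empty reasons list means 'looks like a container'."""
    reasons = []
    if len(data) < MIN_SIZE:
        reasons.append("smaller than minimum volume size")
    if len(data) % SECTOR:
        reasons.append("size not a multiple of 512")
    if data.startswith(KNOWN_MAGIC):
        reasons.append("known file signature")
    if shannon_entropy(data) < ENTROPY_MIN:
        reasons.append("low entropy")
    if chi_square(data) > CHI2_MAX:
        reasons.append("byte histogram not uniform")
    return (not reasons, reasons)


def constructed_random(n: int, seed: bytes = b"constructed-sample") -> bytes:
    """Deterministic stand-in for container contents (constructed sample, not a real volume)."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


if __name__ == "__main__":
    container = constructed_random(512 * 1024)
    samples = {
        "MyVolume (constructed random data)": container,
        "report.txt (constructed text)": (b"CiTx quarterly partner report. " * 20000)[:512 * 1024],
        "archive.zip (constructed, PK header)": b"PK\x03\x04" + container[4:],
    }
    for name, blob in samples.items():
        candidate, reasons = triage(blob)
        verdict = "candidate container" if candidate else "rejected: " + ", ".join(reasons)
        print(f"{name}: entropy={shannon_entropy(blob):.4f} chi2={chi_square(blob):.1f} -> {verdict}")
```

A positive result is only a lead for further examination: any file of random or well-encrypted data with a sector-aligned size passes the same checks.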

Lab Analysis

Analyze and document the results related to the lab exercise.

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Tool/Utility: TrueCrypt
Information Collected/Objectives Achieved:
  Encrypted Volume: I
  Volume File System: FAT

Questions

1. Determine whether there is any way to recover the files from the TrueCrypt volume if you forget the volume password.

2. Evaluate whether TrueCrypt uses any trusted program module (TPM) to prevent attacks. If yes, find out the relevant TPM.

Internet Connection Required: □ Yes ☑ No

Platform Supported: ☑ Classroom ☑ iLabs

Lab

Basic Data Encrypting Using CrypTool

CrypTool is a freeware program that enables you to apply and analyze cryptographic mechanisms. It has the typical look and feel of a modern Windows application. CrypTool includes every state-of-the-art cryptographic function and allows you to learn and use cryptography within the same environment.

Lab Scenario

Most security initiatives are defensive strategies aimed at protecting the perimeter of the network. But these efforts may ignore a crucial vulnerability: sensitive data stored on networked servers is at risk from attackers who only need to find one way inside the network to access this confidential information. Additionally, perimeter defenses like firewalls cannot protect stored sensitive data from the internal threat of employees with the means to access and exploit this data. Encryption can provide strong security for sensitive data stored on local or network servers. In order to be an expert ethical hacker and penetration tester, you must have knowledge of cryptography functions.

Lab Objectives

This lab will give you experience on encrypting data and show you how to do it. It will teach you how to:

■ Use encrypting/decrypting commands
■ Visualize several algorithms
■ Calculate hash values and analysis

Lab Environment

To carry out the lab, you need:

■ CrypTool located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\Cryptanalysis Tools\CrypTool
■ You can also download the latest version of CrypTool from the link http://www.cryptool.org/en/download-ctl-en
■ If you decide to download the latest version, then screenshots shown in the lab might differ
■ Follow the wizard-driven installation instructions
■ Run this tool on Windows Server 2012 host machine
■ Administrative privileges to run the tool

Lab Duration

Time: 10 Minutes

Overview of CrypTool

CrypTool is a free, open-source e-learning application used in the implementation and analysis of cryptographic algorithms. It was originally designed for internal business application for information security training.

Lab Tasks

TASK 1: Encrypting the Data

1. Launch the Start menu by hovering the mouse cursor on the lower-left corner of the desktop.

FIGURE 5.1: Windows Server 2012 - Desktop view

2. Click the CrypTool app to open the CrypTool window.

Note: You can also download CrypTool from http://www.cryptool.org

Note: CrypTool is a free e-learning application for Windows.

FIGURE 5.2: Windows Server 2012 - Apps

3. The How to Start dialog box appears. Check Don't show this dialog again and click Close.

FIGURE 5.3: How to Start Dialog Window

4. The main window of CrypTool appears, as shown in the following figure. Close the startingexample-en.txt window in CrypTool.

FIGURE 5.4: startingexample-en.txt window in CrypTool

5. To encrypt the desired data, click the File option and select New from the menu bar.

Note: CrypTool Online provides an exciting insight into the world of cryptology with a variety of ciphers and encryption methods.

FIGURE 5.5: CrypTool Main Window

6. Type a few lines in the opened Unnamed1 Notepad of CrypTool.

7. On the menu bar, select Encrypt/Decrypt, Symmetric (modern), and select any encrypting algorithm.

8. Select the RC2 encrypting algorithm.

Menu entries shown under Symmetric (modern): RC2, RC4, DES (ECB), DES (CBC), Triple DES (ECB), Triple DES (CBC), Rijndael (AES), Further Algorithms, AES (self extracting).

FIGURE 5.6: Select the RC2 Encrypt algorithm

9. In the Key Entry: RC2 wizard, select Key length from the drop-down list.

10. Enter the key using hexadecimal characters and click Encrypt.

Note: CrypTool was originally designed for internal business application for information security.

Key Entry: RC2

Enter the key using hexadecimal characters (0..9, A..F).

Key length: bits !־3

CancelDecryptEncrypt

FIGURE 5.7: Selecting Key Length in the hexadecimal character11. RC2 encryption of Unnamed 1 notepad will appear as shown 111 the

following figure.0 0 ■RC2 encryption of <Unnamed1>, key <00>

-

00000000 EC 55 4F 23 16 IB A4 72 E4 67 D4 IB .UO#...r .g..0000000c 40 73 6E 09 A2 3A 9D FI 24 El CE A7 ten00000018 AD 49 3D B7 23 B5 36 28 43 6D 2F BC .1=.#.6(Cm/.00000024 9B C8 C9 4B 57 87 E2 96 71 48 46 E3 ...KU...qHF.00000030 6B 4F 41 12 AE 2A 2B 42 57 CC 09 43 kOA..*+BU..C0000003C DD 62 FB 9CE4 A4 C2 6C 98 6B 0B 71 . b.........l.k.q00000048 96 98 78 57 4B A6 E6 B7 99 94 38 7A ..xWK 8z00000054 BE A9 7A CE 2B 81 58 50 A0 94 8CF4 ..z. +.XP___00000060 DA E6 8B DA 57 5A IB B2 88 EC 78 Al . .. .UZ... .x.0000006C 2A 97 BA DA D6 B2 62 24 4F 40 49 FC * [email protected] F3 30 02 5F 5B 03 8B 77 B9 76 41 4E .0._[..w.vAN00000084 96 0A 72 81 3A C7 30 6A BB F8 E4 08 . .r . : .0 j. . . .00000090 C8 00 F0 8B EA B9 84 C8 BD 2A FB 9D *0000009C 6B 2D 3C 91 B9 6E DD 5D ID F8 C3 DF k-<..n.]....nnnnnrufi F9 84 F9 1 7 39 5ח 1 F 3ח 7? ?9 חח an 91 ■rl

FIGURE 5.8: Output of RC2 encrypted data

Lab Analysis

Analyze and document the results related to the lab exercise.

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Tool/Utility | Information Collected/Objectives Achieved
CrypTool | Encrypted Algorithm: RC2; Result: Encrypted data for selected text

CrypTool includes every state-of-the-art cryptographic function and allows you to learn and use cryptography within the same environment.


Questions

1. What are the alternatives to CrypTool for encrypting data?

2. How can you differentiate between encrypting data in CrypTool and other encrypting tools?

Internet Connection Required: □ Yes ☑ No

Platform Supported: ☑ Classroom ☑ iLabs


Encrypting and Decrypting Data Using BCTextEncoder

BCTextEncoder simplifies encoding and decoding text data. Plaintext data is compressed, encrypted, and converted to text format, which can then be easily copied to the clipboard or saved as a text file.

Lab Scenario

In order to be an expert ethical hacker and penetration tester, you must have knowledge of cryptography functions.

Lab Objectives

This lab will give you experience on encrypting data and show you how to do it. It will teach you how to:

■ Encode/decode text data encrypted with a password

Lab Environment

To carry out the lab, you need:

■ BCTextEncoder located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\Cryptography Tools\BCTextEncoder
■ You can also download the latest version of BCTextEncoder from the link http://www.jetico.com/encryption-bctextencoder/
■ If you decide to download the latest version, then screenshots shown in the lab might differ
■ Run this tool on Windows Server 2012 host machine
■ Administrative privileges to run the tool

Lab Duration

Time: 10 Minutes


Tools demonstrated in this lab are available in D:\CEH-Tools\CEHv8 Module 19 Cryptography


Overview of BCTextEncoder

BCTextEncoder uses public key encryption methods as well as password-based encryption. This utility software uses strong and approved symmetric and public key algorithms for data encryption.

Lab Tasks

TASK 1: Encrypting the Data

1. Double-click the BCTextEncoder.exe file. The main window of BCTextEncoder appears, as displayed in the following figure.

FIGURE 6.1: Main window of BCTextEncoder

You can also download BCTextEncoder from http://www.jetico.com

2. To encrypt the text, type the text in Clipboard (OR) select the secret data and put it to clipboard with Ctrl+V.


3. Click Encode. The Enter Password window will appear. Set the password and confirm the same password in the respective fields.

4. Click OK.

FIGURE 6.3: Set the password for encryption (Enter password dialog; session key algorithm: AES-256)

5. The encoded text appears, as shown in the following figure.

BCTextEncoder utilizes the following encryption algorithms:
• ZLIB compression algorithm
• AES (Rijndael) encryption algorithm for password based encryption
• RSA asymmetric encryption algorithm for public key encryption

BCTextEncoder is intended for fast encoding and decoding text data


FIGURE 6.4: Encoded text (decoded plain text: 128 B; encoded text: 664 B, delimited by BEGIN ENCODED MESSAGE and END ENCODED MESSAGE lines with a Version: BCTextEncoder Utility v. 1.00.6 header)

The main advantage of BCTextEncoder is support of public key encryption.

TASK 2: Decrypting the Data

6. To decrypt the data, you first clean the Decoded plain text clipboard.

7. Click the Decode button.

FIGURE 6.5: Decoding the data

8. The Enter password for encoding text window will appear. Enter the password in the Password field, and click OK.


FIGURE 6.6: Enter the password for decoding

9. Decoded plaintext appears as shown in the following figure.

FIGURE 6.7: Output decoded text
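Added example (not from the lab manual or from Jetico): the first eight base64 characters of the encoded message shown in this lab, `wy4ECQMC`, decode to six bytes that fit the layout of an OpenPGP (RFC 4880) symmetric-key encrypted session key packet, which agrees with the "Session key algorithm AES-256" label in the password dialog. Reading the message as OpenPGP-style is an assumption; the function names, the five-dash delimiters and the salt, count and filler bytes of the sample message are constructed.

```python
import base64

# RFC 4880 registries (only the entries needed here).
SYM_ALGOS = {7: "AES-128", 8: "AES-192", 9: "AES-256"}
HASH_ALGOS = {1: "MD5", 2: "SHA-1", 8: "SHA-256", 10: "SHA-512"}
S2K_TYPES = {0: "simple", 1: "salted", 3: "iterated+salted"}
FIELDS = [("version", None), ("cipher", SYM_ALGOS),
          ("s2k", S2K_TYPES), ("hash", HASH_ALGOS)]
PAGE_PREFIX = "wy4ECQMC"  # first 8 base64 characters of the lab's encoded text


def armor_body(text):
    """Return the base64 body between the BEGIN/END lines, skipping headers."""
    body, inside = [], False
    for line in text.splitlines():
        line = line.strip()
        if "BEGIN ENCODED MESSAGE" in line:
            inside = True
        elif "END ENCODED MESSAGE" in line:
            break
        # Skip "Version: ..." headers and an armor checksum line, if present.
        elif inside and line and ":" not in line and not line.startswith("="):
            body.append(line)
    return "".join(body)


def parse_skesk(data):
    """Parse a leading tag-3 packet; tolerates a truncated prefix."""
    if len(data) < 2 or data[0] & 0xC0 != 0xC0:
        raise ValueError("not a new-format OpenPGP packet header")
    tag, length = data[0] & 0x3F, data[1]
    if tag != 3 or length >= 192:
        raise ValueError("expected a short tag-3 packet")
    body = data[2:2 + length]
    info = {"tag": tag, "length": length}
    for (name, table), value in zip(FIELDS, body):
        info[name] = table.get(value, value) if table else value
    if info.get("s2k") == "iterated+salted" and len(body) >= 13:
        c = body[12]  # coded iteration count, RFC 4880 section 3.7.1.3
        info["salt"] = body[4:12].hex()
        info["iterations"] = (16 + (c & 15)) << ((c >> 4) + 6)
        info["encrypted_session_key_bytes"] = length - 13
    return info


def inspect_message(text):
    """Decode an armored message and describe its first packet."""
    body = armor_body(text)
    return parse_skesk(base64.b64decode(body[: len(body) // 4 * 4]))


def build_sample():
    """Constructed message: header bytes as on the page, the rest is filler."""
    packet = (bytes([0xC3, 0x2E, 4, 9, 3, 2]) + bytes(range(1, 9))
              + bytes([0x60]) + bytes(33))
    return ("-----BEGIN ENCODED MESSAGE-----\n"
            "Version: BCTextEncoder Utility v. 1.00.6\n\n"
            + base64.b64encode(packet).decode()
            + "\n-----END ENCODED MESSAGE-----\n")


if __name__ == "__main__":
    print(parse_skesk(base64.b64decode(PAGE_PREFIX)))
    print(inspect_message(build_sample()))
```

The header is readable by anyone who holds the encoded text, so the cipher and key-derivation settings are not secret; the confidentiality of the message rests on the password alone.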

Lab Analysis

Analyze and document the results related to the lab exercise.

BCArchive includes the BC Key Manager utility to manage your own public/secret key pair as well as public keys you have received from other people

BCTextEncoder not only encrypts, but also compresses the data


PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Tool/Utility | Information Collected/Objectives Achieved
BCTextEncoder | Result: Encoding and Decoding text for selected data

Questions

1. How can you differentiate between encrypting or decrypting the data in BCTextEncoder and other encrypting tools?

Internet Connection Required: □ Yes ☑ No

Platform Supported: ☑ Classroom


Lab

Basic Data Encrypting Using Rohos Disk Encryption

The Rohos Disk Encryption program creates hidden and protected partitions on the computer or USB flash drive and password protects/locks access to your Internet applications.

Lab Scenario

Today's web browsers automatically encrypt text when making a connection to a secure server. This prevents intruders from listening in on private communications. Even if they are able to capture the message, encryption allows them to only view scrambled text or what many call unreadable gibberish. Upon arrival, the data is decrypted, allowing the intended recipient to view the message in its original form. In order to be an expert ethical hacker and penetration tester, you must have knowledge of cryptography functions.

Lab Objectives

This lab will give you experience on encrypting data and show you how to do it. It will teach you how to:

■ Use encrypting/decrypting commands
■ Create a virtual encrypted disk with a file

Lab Environment

To carry out the lab, you need:

■ Rohos Disk Encryption located at D:\CEH-Tools\CEHv8 Module 19 Cryptography\Disk Encryption Tools\Rohos Disk Encryption
■ You can also download the latest version of Rohos Disk Encryption from the link http://www.rohos.com/products/rohos-disk-encryption/
■ If you decide to download the latest version, then screenshots shown in the lab might differ
■ Follow the wizard-driven installation instructions


■ Run this tool on Windows Server 2012 host machine
■ Administrative privileges to run the tool

Lab Duration

Time: 10 Minutes

Overview of Rohos Disk Encryption

Rohos Disk Encryption creates hidden and password protected partitions on the computer or USB flash drive with megabytes of sensitive files and private data on your computer or USB drive. Rohos Disk uses NIST-approved AES encryption algorithm, and 256 bit encryption key length. Encryption is automatic and on-the-fly.

Lab Tasks

TASK 1: Installation of Rohos Disk Encryption

1. To install Rohos Disk Encryption, navigate to D:\CEH-Tools\CEHv8 Module 19 Cryptography\Disk Encryption Tools\Rohos Disk Encryption.

2. Double-click the rohos.exe file. Select the language English and click OK.

FIGURE 7.1: Select the Language

3. The Setup window appears. Read the instruction and click Next.

You can also download Rohos from http://www.rohos.com


FIGURE 7.2: Rohos setup wizard (installs Rohos Disk 1.9, release date 06.07.2012)

4. The Licence Agreement window will appear. Read the agreement carefully and select the I accept the agreement radio button.

5. Click Next.

Portable Rohos Disk Browser allows you to use an encrypted partition on any PC without Admin rights, without install.

Encryption is automatic and on-the-fly. AES 256 bit key length. Using NIST compliant encryption standards.

FIGURE 7.3: License agreement window

6. Click Next.


FIGURE 7.5: creating Rohos desktop icon

Click Install. Rohos Disk Encryption is ready to install.

FileVirtualization: prevents secret data leak outside encrypted disk on TEMP folders, Registry, Recent documents list, etc.

Any file or folder can be easily moved into Encrypted Rohos Disk with shredding afterwards.


FIGURE 7.6: Rohos disk encryption installation

9. Click Finish.

FIGURE 7.7: Complete installation of Rohos disk encryption

TASK 2: Disk Encryption

10. The Rohos Get Ready Wizard window will appear. Specify the password to access the disk in the respective field.

11. Click Next.

12. Alternatively, you can also launch the program from the Start menu apps of Windows Server 2012.

Secured virtual keyboard - protect encrypted disk password from a keylogger


FIGURE 7.8: Select password for access disk (wizard defaults shown: encrypted Rohos disk size 5000 Megabytes, disk letter R:, disk container path Documents\rdisk0.rdi)

13. The Setup USB Key window appears. Read the information, and click Next.

FIGURE 7.9: Select USB key device

14. The Rohos Updates window appears. Click Finish.

Rohos disk uses NIST approved AES encryption algorithm, 256 bit encryption key length.

Rohos cares about usability: Your first Encrypted Drive can be turned on with a single click or automatically on system startup.


FIGURE 7.10: Rohos disk encryption update window (the wizard strongly recommends creating a Password Reset File for the Rohos disk to prevent a forgotten password)

Partition password reset option allows creating a backup file to access your secured disk if you forgot your password or lost USB key.

15. The encrypted disk is created successfully, as shown in the following figure.

FIGURE 7.11: Successful creation of encrypted disk (Rohos Center reports: Disk is connected. Encrypted Disk (R:), size 4.88 GB, free space 4.82 GB)

16. To decrypt the disk, click Disconnect.

This option brings affordable and AES 256 strength encryption solution to improve security issues by preventing unauthorized access to your Internet apps, such as Google Chrome, Firefox


FIGURE 7.12: Decrypt the disk

17. After decrypting the disk, it will be displayed, as shown in the following figure.

You can open or Save your protected documents right from MS Word (Excel) by clicking on the personal disk icon.

FIGURE 7.13: Decrypt the disk (Rohos Center reports: Primary Rohos disk is not connected)

Lab Analysis

Analyze and document the results related to the lab exercise.


PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Tool/Utility | Information Collected/Objectives Achieved
Rohos Disk Encryption | Result: Successful connection of encrypted disk

Questions

1. Determine whether there is any way to recover the files from Rohos Disk Encryption if you forget the volume password.

Internet Connection Required: □ Yes ☑ No

Platform Supported: ☑ Classroom ☑ iLabs
