CEH Lab Manual Cryptography Module 20 (CoH Lab Manual Page 1679oN KEY © Valuable formation P Tos you nowdee BE Woberece BD Workbook review © Toots ‘demonstrated in this lab are available in ToolsiCEHv10 Module 20 Cryptography (CoH Lab Manual Page 1680 ‘Module 20 - Cryptography Cryptography Coyptograploy is the study and art of hiding meaningful information in a unreadable format. Lab Scenario With the increasing adoption of the Internet for business and personal ‘communication, securing sensitive information such as credit-card and personal identification numbers (PINS), bank account numbers, and private messages is becoming increasingly important, and yet, more difficult to achieve. ‘Today’s information-based organizations extensively use the Internet for e-commerce, market research, customer support, and a variety of other activities. ‘Thus, data security is critical to online businesses and privacy of communication. Cryptography and cryptographic (“crypto”) systems help in securing data from interception and compromise during online transmissions. Cryptography enables ‘one fo secure transactions, communications, and other processes performed in the electronic world, and is additionally used to protect confidential data such as ‘email messages, chat sessions, web transactions, personal data, corporate data, c- commerce applications, etc. As an ethical hacker or penetration tester, you should suggest to your client Proper encryption techniques to protect data, both in storage and during transmission. ‘The labs in this module demonsteate the use of encryption to protect information systems in organizations. Lab Objectives ‘The objective of the lab is to use encryption to conceal data and perform other tasks that include, but is not limited to: * Generate hashes and checksum files * Calculate the encrypted value of the selected file + Use encrypting/deceypting techniques "Perform file and data encryption © Create self-signed certificates © Perform email encryption "Perform disk encryption © Perform cryptanalysis Lab Environment ‘To carry out this lab, you need: © Windows 10 virtual machine ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.(CoH Lab Manual Page 1682 ‘Module 20 - Cryptography © Windows Seever 2019 vietual machine © Web browsers with an Intemet connection Administrator privileges to run the tools Lab Duration Time: 110 Minutes Overview of Cryptography “Cryptography” comes from the Greek words Aryptos, meaning “concealed, hidden, veiled, secret, or mysterious,” and graphia, “writing”; thus, cryptography is “the art of secret writing.” Cryptography is the practice of concealing information by converting plain text (readable format) into cipher text (unreadable format) using a key or encryption scheme: it is the process of the conversion of data into a scrambled code that is sent across a private or publie network, There are two types of cryptography, determined by the number of keys employed for encryption and decryption: Symmetric Encryption: Symmetric encryption (secret-key, shared-key, and private-key) uses the same key for encryption as it does for decryption "Asymmetric Encryption: Asymmetric encryption (public-k different encryption keys for encryption and decryption; these keys are known as public and private keys Lab Tasks Ethical hackers or pen testers use numerous tools and techniques to perform ‘eryptography to protect confidential data, Recommend labs that will assist you in uses learning various cryptography techniques include: Baerypt the Information using Various 4 1 | Ceyptography Tools 4 7 1.1 Galeulate One-way Hashes using, v Y HashCale 12. Calculate MD5 Hashes using MDS. y 1 Calculator 1.3. Caleulate MD5 Hashes using. v Y HashMyFiles 14 Perform File and Text Message y V Encryption using CrypioForge Ethical Hacking and Countermeasures Copyright © by E-Coumell "Al RightsReserved. Reproduction fSrcty Prohibited.(CoH Lab Manual Page 1682 ‘Module 20 - Cryptography 1.5. Perform File Paeryption using Advanced Pneryption Package 1.6 Encsypt and Decrypt Data using, BCTestEncoder 2_| Greate a Sd-Signed Centfcate v V 2i_ Grate and Use Selfsigned Certificates | _V 3_[ Pesform Email Encryption v 3a_ Perform Email Eneryption using Real q 4 | Perform Disk Encryption v Vv 47 Reoen Dat Ean ig 1 7 42 Perform Disk Eneryption using i BitLocker Drive Encryption 7 43. Perform Disk Eneryption using Rohos q Y Disk Eneryption 5 | Periorm Copia 7 Coyptanalysis Tools 5.1_ Perform Cryptanalysis using CrypTool q v 52. Perform Cryptanalysis using q AlphaPccler ‘ Remark EC Counc has prepared 2 considered amount of lab exercies for stale to practice and at thei fee time to enhance thee Knoreedge and sil. ring the Say clas "Core «Lab exeris(@) masked ver Core ate recommended by C-Counel to be practised daring the Sedny cass. -4Seff-atudy - Lah exrcses) marked under slf-stady is For students to practise the Fee time, Stops to access the alton ab excches ean be found in the ist page of CEH 11 volume 1 book. ‘s+8;Labs - Lab exercises) marked unde Labs ae available in on Labs soltion, Labs is «clon: based virtual lab environment preconfigured with vulnerabilities, exploits, tools and scrips, an ean be accessed fiom anywhere with an Internet connection Ifyou are interested to learn more about our Habs solation, plea contact your training center or vit hips: / abs eecoumeong. Lab Analysis Analyze and document the results related to the lab exercise. Give your opinion on ‘your targets security posture and exposure, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.© Valuable information P Tos you nowdce BS Webexenie 1D Workbook review & Toots domonstrated in this lab are available in ToolsiCEHv11 Module 20 Cryptography (CoH Lab Manual Page 1683 ‘Module 20 - Cryptography Encrypt the Information using Various Cryptography Tools Cope i nad to en sent cata io poet tre rather by ary pty aber ‘a the pron for nbn itis rence Lab Scenario As a professional ethical hacker and penetration tester, you should use various cryptography techniques oF tools to protect confidential data against unauthorized access. Cryptography protects confidential data such as email messages, chat sessions, web transactions, personal data, corporate data, e-commerce applications, and many other kinds of communication. Encrypted messages can at times be decrypted by ‘cryptanalysis (code breaking), although modem encryption techniques are virtually unbreakable. ‘The labs in this exercise demonstrate how: ‘encrypt important information in the system. Lab Objectives * Calculate one-way hashes using HashCale * Calculate MD5 hashes using MD5 Calculator * Calculate MD5 hashes using HashMyFiles * Perform file and text message encryption using CryptoForge can use various cryptography tools to + Pesform file encryption using advanced encryption package # Enceypt and deerypt data using BCTextEincoder Lab Environment ‘To carry out this lab, you need: # Windows 10 vietual machine © Windows Server 2019 virtual machine © Web browsers with an Intemet connection, ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography Administrator privileges to run the tools * HashCalc located at BACEH-ToolsiCEHv11 Module 20 GryptographyiMDS and MDG Hash Calculators\HashCale + MDS Calculator located at EACEH-Tools\CEHV14 Module 20 CryptographyiMDS and MD6 Hash CalculatorsiMDS Calculator * HashMyFiles located at EACEH-ToolsiCEHV11 Module 20 CryptographyiMD5 and MD6 Hash Calculators\HashMyFiles * CeyptoForge located at EACEH-Tools\CEHV14 Module 20 Cryptography\Cryptography Tools\CryptoForge Advanced Encryption Package located 2 EAGEH-ToolsiCEHv11 Module 20 Cryptography\Cryptography Tools\Advanced Encryption Package * BCTextfincoder located at E:\GEH-ToolsICEHv11 Module 20 Cryptography\Cryptography Tools\BCTextEncoder # You can also download the latest version of the above-mentioned tools from their official websites. If you decide to download the latest versions, the screenshots shown ia the lab might differ Lab Duration Time: 35 Minutes Overview of Cryptography Tools System administeators use cryptography tools to encrypt system data within their network to prevent attackers from modifying the data or misusing it in other ways. Ceyptogeaphy tools can also be used to calculate or decrypt hash functions available in MD4, MDS, SHA-1, SHA-256, ete. (Ceyptogeaphy tools are used to convert the information present in plain text (readable format) into cipher text (unreadable format) using a key or eneryption scheme, ‘The converted data arc in the form of a scrambled code that is encrypted and sent across a private of public network. Lab Tasks 8 TASK 1 Calculate One-way Hashes using HashCalc Here, we will use the HashCalc tool to calculate one-way hashes. 1, Turn on the Windows 10 virtual machine and log in with the credentials Admin and PaS$wOrd. 2. Navigate to EACEH-Teols\CEHV11 Module 20 CryptographyMDS and MDG Hash Calculators\HashCale and double click setup.exe. B rask Install & Launch ; HashCale Too! Note: If the User Account Control pop-up appears, click Yes. 3. Setup - HashGale window appears, click Next. (CeH Lab Manual Page 1684 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.Hates ‘alate a unique Ged se bitsting representation, call a esse est, of any biter Hock of {nfommation. Message des (One sy Hash) fants dil he iimmntioncontseedin le (mall or ao) i002 sige fed engh numbes, pally berwaen 128and 256 bits. any sgren bit of the fens {puts changed, every ‘ouput bit hs a 50 cance of changing. (Given an apt ands comrsponing mesege des tail bene Jnnpossblew find ancther Sle withthe same message sdges vale, sit is ‘computationally inks toave tn es wih he same message digest wake. abet crables yum compare ipl shes, ‘hechaamy and HMACS fortes cx and hex stings Ie suppons the Secure Hash Akg fey: MD2, MDs, IMs, SHIA SHIA2 (SHIA2S%, SHA364, SHASI2) RIPEMDICA, PANAMA TIGER, (CRE, ADLER, and the bash sed inthe per topene fe sig appheasons, Donkey and eke, (CoH Lab Manual Page 1685 B) Setup - HashCale = x ‘Module 20 - Cryptography Welcome to the HashCalc Setup Wizard Ts wl ital Haale 2.020 your compute. Iie recommended that you cose al ether apocatione before continang, (ick Neto continue, or Cancelto ext Setup [tet >] cance! Fig 1. Seep - Hae wink Follow the installation wizard to install HashGale using all default settings. Afier the completion of the installation, Completing the HashCale Setup Wizard appears, Uncheck the View the README file checkbox and click ‘Completing the HashCalc Setup Wizard ‘Setup has fished nstaling HashCalc on your computer The ‘applcation may be launched by selecting the ald icon. Chek Fish to ent Setup epee 112 Soup: Charing Haale esto ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 6. ‘The Hasheale main window appears, as shown in the screenshot. Fig LL. Hake Window 7. Minimize the HashGale window. Navigate to Desktop, right-click on the Desktop winclow, and navigate to New > Text Document (0 create a new text file. Note: You can create a text file at any location of your choice. 8. A newly created text file appears; rename it to Testetxt and open it Write some text in it (here, Helle World #) and press Gtr#8 to save the file. Close yg 14° Tete (CoH Lab Manual Page 1686 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography z 9. Now, switch back to the HashGale window; ensure “ot File option is Cancolabe selected in the Data Format field snd click ellipsis icon (~~) under the Data Values of a File fled. Hirashcaic ep KeyFoumat Ke Pwmac — [Testeting >] a i MDB mp4 i shal igure 11 Open ex le 10. The Find window appears, navigate to the location where you saved the Test.txt file crc, Desktop) and click Open. Segoe q a Ficttpe: [Wet] s]__ ee je 11. winds Tee (CoH Lab Manual Page 1687 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.(CoH Lab Manual Page 1688 ‘Module 20 - Cryptography 11. ‘The path of the selected file (Test-bet) appears under the Bata field. Ensure that the MDS, SHA1, RIPEMD160, and CRC32 hash functions are selected. Click the Gateulate button. resco austen ovat P nwac T sHazse T shase I shast2 T PaNaMa TIGER T Moz [7 ADLER32 eDonkey! eMule SlavaSoft [iaonaenbengnten J] Foot oT ig 1.7 Ces vals of Tene ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 12. The calculated hash values of the Testtxt file appears, as shown in the sereenshot, IH Hashcate x Data Format Date: [Fie =] [CAUsentdarnnDeshop\Tenme —_| fom i rwwac— frewstis =] Ws Mpa | oa Ty sHazse T SHas84 sHasi2 ¥ Art RARER —] Pema [— Pir [ mp2 | Papers [ © ¥ once Bette SlavaSoft Close Help gee 114 Cauda es of es fe Borasx 1.3 15, Minimize the HashGale window, navigate to Desktop, and double-click the —— Test.tet file 0 open it. Modify the file content by writing some text (here, Modify Modified File wl!) and press Gtel#S to save it. Close the text file, File Content Titec nated File_Edt_Format_View_Help fified File ...11 Fe 112 Ned ex ete (CoH Lab Manual Page 1689 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 14. Now, double-click Hash@ale shortcut from Desktop to launch another HashCale window. A new Hash€ale window appears, perform Steps #9-42. Drask 16, Now, maximize the first HashGale window and place it beside the second < Mach HashCale window. You can observe changes in the hash values of the text, ‘ompere fore and af jon, as shown in the screens! un cro file (Test.txt) before and aftce the modification, as sh the shot, and Modified File [H'~ Original File Wie wodified File a Fie 1.1.10 Direc sh hf the set fe ‘Note: In sea-time, the HashCale tool is used to check the integrity of a file where the changes in the hash values indicate that the file content has been modified. 17. This concludes the demonstration of calculating one-way hashes using HashCale 18, Close all open windows and document all the acquired information. Calculate MD5 Hashes using MD5 Calculator TASK 2 Here, we will use the MDS Calculator tool to calculate MD5 hashes. Dorask 1, In the Windows 10 virtual machine, navigate to EACEH-ToolsiCEHv11 Module 20 GryptographyiMD5 and MD6 Hash GalculatorsiMD5 Calculator Install MDS and double-click mdScale(1.0.0.0).msi. Calculator Too! ‘The MBS Caleulator setup window appears; click Next, (CeH Lab Manual Page 1600 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.& p24, MDSa0d MDY ae ims: igs sts oedicigal ponne {pylons w amos domes scarey teow te stem sit fils pay Tee Smtr ember coe eh bute resing menage ges ey Loire 2 tremps gosh sa wily wed ‘eypogplic hash funtion that kes 2 smceage of aitasy Tenet as inp an ‘tts 2 2b (bye) Engepant or mesage des of the np. The IMDS alprtim isuselin a wide vanity of expogranive appeaions ands well for digi Signararsappixions le intogy checking and song prow © MDs Calealatoe ‘sa simple application that ‘eats the MDS ash fofagive fie, anditean be weit lage files (ex mail rin) I featuesa progres ‘oun aid text Bld from wbich the final MIDS hssh ean be cs copied tothe clean! MDS ‘ear ca be wel 0 (CoH Lab Manual Page 1601 ‘Module 20 - Cryptography “The ral il guido you trough th toe raquo to sal MDB Cakustor on yur compte WARNING: Thc conte pomam i pitected by conyinhlaw ardor testes. UUnauhorzed ciciaton of deaon of hs progam or ny poor ol may res seve ch or imal pense and vil be porecle othe mani ele! posse unde the gure 212M Car Win Follow the installation wizard to install the MDS Caleulator using all default settings. Note: Ifa User Account Control pop-up appears, click Yes. 4. After the completion of the installation, che Installation Complote wizard appears; click Close. Installation Complete OS Cake hasbeen curceshuy tale Clic“ to ont Fleate use Windows Usdteto checker ary cite updates to the NET Frsmenark Figue 22:lmeton Compl wie ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 5. Navigate to Desktop, right-click on the text file (Testetxt) that we created Calculate MDS: calculate the MD5 hash of the file. es Sn Te Edit with Notepad~+ \@ Share — = = 6. ‘The MDS Calculator window appears, with the path of file under the File Name ficld and MD5 hash valuc under the MDS Digest ficld, as shown in the vores 7. Copy the MDS hash value from the MDS Digest ficld. a 11 Upper case nvm tt ean mma "Al RightsReserved. Reproduction fSrcty Prohibited.(CeH Lab Manual Page 1603 ‘Module 20 - Cryptography 8. Now, double-click the Test.te fle from Desktop to open it and change the content of the file by inserting, text within (here, Helle World.) Save and close the Test.txt fle. Testibt = Notepad Fare 125: Made coment 9. Afier changing the file content, again right-click on the text file (Festotxt) and click MDS Calculator from the context menu to calculate the MDS hash of the file, 10, A new MDS Cateulator window appears, with the MID5 hash value under the MDS Digest ficld. In the Compare To cid, paste the copied MDS hash value of the file before it was modified 11. The symbol (<>) between the MDS Digest and Compare To ficlls indicates that the MDS hash values of the file before modification is not equal to the MD35 hash value of the file after modification, File Tools Help Fle Name [CAUsers\Adir Desktop Test nt Caealte Original File a Modified File let 50e541910ic oaTede76cTS _] SS] [basessavesrosmsoaucdssaOtew Ti User case MDS Digest Fp 126 Mak he conan ‘Note: Ifa person wants to send a file to another person via a medium, they ‘will calculate its hashes and send the file (along, with the hash value) to the intended person. When the intended person receives the email, they will download the file and calculate its value using the MD5 Calculator ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography “The recipient compares the generated hash value with the hash value that was sent through email: iff both ally, tis evident that they received the file without any modifications by a third person and that the integrity of the file is intact. 12. This concludes the demonstration of calculating MDS hashes using MDS Caleulator. 13, Close all open windows and document all the acquired information. STas a Calculate MDS Hashes using HashMyFiles Here, we will use the HashMyFiles tool to calculate MDS hashes. Drase 3.1 1. In the Windows 40 virtual machine, navigate to E:ACEH-Tools\CEHV11 es Module 20 Cryptography\MD5 and MD6 Hash ast toot Calculators\HashMyFiles and double-click HashMyFiles.exe. 2. ‘The HashMyFiles main window appears, as shown in the screenshot © vaddirisi sol ily ht albws sotverbae he MDS ZSUSHAT hat of one ‘eros fein yoar speemyon cin ey ops be MDS/STTAL tenes ano ie Soar cesaetiem isn cane fle TlatNyFesca ao be tar an emtst imam of Wands spon and con ay the MDS/SIIAT ses tine wel or fate: Filename Mos Hat Fig 3. In the HashMyFiles window, click Files from the menu bar. From the drop-down list, click the Add Felder option. lnk wie ‘Note: You can also use the Add Files option to add multiple files. "Bad Proces Fler ‘add By Wierd rs Chee tex Figee 132 Hale window: Fis (CeH Lab Manual Page 1604 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 4. The Select Folder pop-up appears; click on the clips icon [LID to scloct the folder you want to encrypt. Fig 13 Sea alee pop ap ‘The Browse for Folder window appears; navigate to ENCEH- Tools\CEHv11 Module 20 Cryptography\MD5 and MDG Hash Calculators\HashMyFiles and sclect the Sample Files folder, then, click OK. Note: You can sclect any folder of your choice that you wish to enesypt. |\CEH-Tools\CEHWv11 Mode 0 Cryptography WD and [T] ceHv11 Mode 19 Goud Computing \ [] cev1i Module 29 Cryptography ‘ge 1 Barwa fo Flee 6. The location of the sclected folder appears in the ficld; click OK. ge 1 Skt Flr pop ue Sct fle ation (CoH Lab Manual Page 1605 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited._ Youensbowe ‘other MDS and MDG Ish eles och a MD6 Hash Generator (apes fa brouser ‘comm, A Hash Generator haps /cbrosseding som), MD6 Hash Generator (haps feomver: tookcom), and md hash ‘caleulator (aps: fontinchatuooke ‘ont 0 caeulte MDS and MD hashes. = TAsK 4 (CoH Lab Manual Page 1696 ‘Module 20 - Cryptography 7. Allist of files contained in the folder appears, along with their various hash values such as MDS, SHAT, GRC32, cic. Confsenioite——_e2SS6c500SDSeseDTSS0O) lf) sos oicealeoooonesa wel Ta Diving Licensjpg —SOOLATaIOLCTE7IOINDCSADETSAS e771SRMBEDTZSIOSGL SeTEPEatd. Fg 136 ass wi i wi ah wae 8. In the HashMyFiles window, click Options from the menu bar and choose Hash Types from the options, You can observe a list of hash functions such as MDS, SHA1, CRC32, SHA-256, SHA-512, and SHA-384, which you can choose (here, the MID5, SHAT, and CRC32 hash functions were selected). range seats cnn Cipboors esse ak enc! Hass 2c Emile plow Conte Mane Eni lo Conte Mason Show Hern pear [Bl exc Veron nemaon ‘A Hendetne To SY tede ition On Ty sons 0n 0p gme 137 Hades window: Opin at ‘Note: In real-time, you may share confidential information in the folder in an ‘encrypted form to maintain its integriy 9. This concludes the demonstration of calculating MDS hashes using HashMyFiles, 10. Close all open windows and document all the acquired information Perform File and Text Message Encryption using CryptoForge Here, we will use the CryptoForge tool to encrypta file and text message. Note: Hasure thar the Windows 10 vietual machine is sunning. 1. ‘Turn on the Windows Server 2049 virtual machine; log in with the credentials Administrator/Pa$SwOrd. ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 2. Navigate to ZACEHV44 Module 20 Cryptography\Cryptography EB task ToolsiCryptoForge and double-click CryptoForge.exe. Install Note: Ifa User Account Control pop-up appears, click Yes. CryptoForge 3. The CryptoForge Installation window appears; click Next. 2 Coprorong isn for pereoal and professional deta secu Iealows ym to protect fhe pac of senive Sl, foldes, oe emul messages by enoypiing thm wih trons cnenption algothms (Oc te information has deen energie can be stored on insecure media insceure nctwork ach 2 the Inernet—ane remain pata: Late the infematsoa canbe decrypted im ison fom Figee 142: Gypeog Insane 4, Follow the installation steps to install the application using all det settings After completion of the installation, CryptoForge installa successful wizard appears; click Finish Fig 142: Gypfong: eslion secs CEH Lab Manual Page 697 Ethical Hacking and Countermeasures Copyright © by E-Coumell ‘A RightsReserved. Reproduction Suit Prohited.‘Module 20 - Cryptography 6. Now, switch to the Windows 40 virtual machine. Navigate to EACEH-ToolsiCEHv11 Module 20 Cryptography\Cryptography Tools\CryptoForge, double-click CryptoForge.exe, and follow the steps to install the application using, default settings. 8. Right-click the Confidential-txt file located at the same location Brasw a2 (ENCEH-Tools\CEHv11 Module 20 Cryptography\Cryptography Encrypt a File Tools\CryptoForge) and sclect Enerypt from the context menu. Note: In this task, we are encrypting the Confidential.txt file, although you ‘can encrypt any file of your choice. Os copra ips ovsanse + 4 [De cyptogaphy Teak» coptoFowe HB downionse 4 Name Date moses Bi tocomen 9) crea} op Bream 4 topo civtoas a ta G coined Ws cater cin tedae Uf tae nape alia © Onetrve % sed int were 2 Sue Bw obec pen ith Zits Item siected 15 bytes Sate ARSh4_ Gor eccensto gute 43: Bneryping Fle 9. ‘The Enter Passphrase - CryptoForge Files cislog-box appears; type a password in the Passphrase ficld, retype it in the Confirm field, and click OK. The password used in this lab is qwertya1234, WD Enter Pazsphrace~ CiyptoForge Fes (CeH Lab Manual Page 1608 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 10. Now, the file will be encrypted in the same location, and the old file will be deleted automatically, as shown in the screenshot. ‘Note: No one can access this file unless the user provides the password for the encrypted file. You will have to share the password with the user through message, email, or any other means. Oia ae 4s ei Protoqui: Cony Pate fy Dv mE ew” eseries 2 see Cippoad Organize New Open © > +t DD cyptoge...» CryptoForge vO) Search CoptoFoxge $F downloads Name Date moiied |B Documents Come TeronoIssnaP ipcmes 6 Ta [cet toote Ty cet Module Th cett Module w Fig 145: Fle Baopted Totasn 4.3 11, Let us assume that you shared this file through a shared network drive. Decrypt the 12. Now, switch to the Windows Server 2019 virtual machine and navigate Encrypted File to ZACEHV11 Module 20 Cryptography\Cryptography Toolsi¢ryptoForge. You! will observe the encrypted file in this location, 13, Double-click the encrypted file to deceypt it and view its contents. Pinto Quick Copy Paste ctpvoars organize Open © [« cop. » CoyptoFer W/O) Semen CyptoForge Date modified H Quick access Mi dettop + Downloads B Documents + y < 2items_1 item seected_166 byt Dacre he erp Fe (CoH Lab Manual Page 1609 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 14. The Enter Passphrase - GryptoForge Files dialog-box appears; enter the password that you have provided in Step#9 to encrypt the file and click OK. Fg LA: ter Phen - Cong kes Dlg Boe 15. Upon entesing the password, the file will be successfully decsypted. You may now double-click the text file to view its contents, Wer Of oem ae GF ee, 1 « coptopnghy Tol » Captefoge profowe 2 1 Ovi ccs i copteceere [Fat Foret View Hele dates + Isy vise credit Card manber ds 426 see tees se3e Downloade sy Sank Account munbor is 34¥"440"21 Became # sy Card pin moaber is *68 Di cyptoroge » « Windows (tnt Col 10% Figure 14 File Deen Suessfly 16. So far, you have scen how to encrypt a file and share it with the intended user. Now, we shall share an encrypted message with a user. 17. In the Windows Server 2019 machine, click the Start icon present in the Task 4.4 bottom-left comer of Desktop and click GrypteForge Text from the Encrypt a apps to launch the application. Message mn Pn 18. The EryptoFerge Text window appears; type a message and click Encrypt from the toolbar. (cet tab Manual Page 1700 ‘tical Hacking nd Countermeasures Copy © by £8 Comal "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 1D CrpteForge Tot (Tal Mode) Document MyAccount Number ia rae] Figure 149: Bnerypting Text Message 19. The Enter Passphrase - CryptoForge Text dialog-box appears; type a password in the Passphrase ficld, retype it in the Confirm field, and click 0K. The password used in this lab is test@123. Erker Barsphiare CoptoForge Tet xX a FAHide Typing SS Num Lack mm Copa] ~§_ =] — —— gre 1.410 inte Pasptnse -Copofoge Text Diogo 20. The message that you have typed will be encrypted, as shown in the screenshot. TW copetonge Tex tl ode Docoment Fle Git View Message Insert Fermst Hep pica cecal Dea) slo oO) BZ uy [eae Figue 14.1: Encrypted Message (CoH Lab Manwal Page 1701 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.Fey New chien * v Las Open..ctivo | Deeypt | Ime Fie Reopen Me 2) 9%) BLD |[Coreitien ‘Module 20 - Cryptography 21. Now, you need to save the file. Click File in the menu bar and click Save. TW copterorge Tex Tal Mode) Document? “as it View Message Insert Format Help iS TAsK Decrypt the Enerypted Message (CoH Lab Manual Page 1702 fd sve cans le4 Prine, cotep _[exbtkvbuLwmayrs0rkLapes 7p7A64‘ez0zez ninapecqloveBsubZl vy | cont rar T3VyoNTOXS3 Inag4# Sms TSCFBZEOR ET 0GYTWGT xPmufe2C frnaucgowraritesprmatargon20peb1 1kOBIISS2e61NCOSETEFE}ORGD Page Setup. ge 1412: Sing the Fe 22. The Save As window appears; navigate to ZACEHV11 Module 20 Gryptography\Gryptography ToolsiGryptoF orge, specify the file name as, ‘Secret Message.cfd, and click Save. ome z . > Organize + New folder E+ @ Wi Desktop * Name - Date modified Type a aon ee wm ae ae ese [een] ‘Save as type: CryptoForge Document (*.cfd) »| Wield a Fig Sig the Fe 23. Close the GryptoForge Text window. 24, Now, let us assume that you shared the file through the mapped network drive and shared the password to decrypt the file in an email message oF through some other means. 25, Switch to the Windows 40 virtual machine and navigate to ENCEH- Tools\CEHv11 Module 20 Cryptography\Cryptography ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 26. You will observe the encrypted file in this location; double-click the file Secret Message.cfd. TDD Di | coprororge ax Home | share View ¢ @O4e% 92 Ge pinto cack Copy Pate tis Sy levis | some nas a mat em | covoma rpnue New open & > +t De copoge. » Coptafoge ——/0| | SewehCyptfenge 9 «Name - Date modified H Ouie access BB confidentiatie 12/10/2019 604 PM Wi Dektop & CoyptoForge exe /10/2019 5:47 PM WF Pownioads ¢ Secret Message ta aA TOS B Documents Eire te I 3ikems_ litem selected 518 bytes State MR Shared Figure 14.4 Viewing the Encrypted Fle 27. ‘The GryptoForge Text window appears, displaying the message in an encrypted format. Click Beerypt from the toolbar to decrypt it, © CryptoForge Tet (Tiel Mode) - Secret Messagectd Deagalsmaal oe b#* Downloed CryptoForge ~ https://we.cryptoforge.com *** evLda83 J9UGE2 9645 fcxlrarT jVIROTOKS STnxg4SentbI¢CFBZEOR¢ 1oGYTWG7TPaufeB2C ‘PusBoJcGaRr1JulTe€ExpatybulyalyrSQcHLEpcE Pp7Aélee207d7fhLaibttglJvZB4ab2] 90g ‘TogdsbOGcG U0 KPvSAiTORCGS/xETbSbf stat sPg2n2dpeDl IKDBITBS2Sei=OMsTYEF JORIS KoyyiRpowoFeW3ac <-+= CRYPTOFORSE END BLOCK -—-> caer (Coe ew xp ~)) ge 14.15: Decrpting the Fert Fi 28. The Enter Passphrase - GryptoForge Text dialoy-box appears; enter the password you provided in Step#19 to decrypt the message in the Passphrase field and click OK. (CoH Lab Manual Page 1703 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography ID) Enter Basiphrase - CryptoFerge Tea Figure 1416 Enter Pasphens - Copan Text Dio tox 29. ‘The GryptoForge Text window appears, displaying the message in plain- text format, as shown in the screenshot. Cryprge Tet (hel Mode) Secret Message.cd File Edit View Message Inst Format Help 2 | a é a Passphrase| Encrypt Decrypt Insert File oF S| A Bs | [eaceut gue 1417 Mesage Deep Saceesily ‘Note: In real-time, you may share sensitive information through email by ‘encrypting data using CryptoForge. 30. This concludes the demonstration of performing file and text message encryption using CryptoForge. 31. Close all open windows and document all the acquired information. 32. Turn off the Windows Server 2049 virtual machine DS TasK se” Perform File Encryption using Advanced Encryption Package Here, we will use the Advanced Encryption Package tool to perform file encryption. 1. In the Windows 10 virrual machine, navigate to ENGEH-Tools\GEHv14 CETTE Module 20 Cryptography\Cryptography Tools\Advanced Encryption Install Advanced Package and double-click aep.mst Encryption 2. Windows Installer initializes and the Advanced Eneryption Package Package rypt kag Setup window appears; click the | accept the terms in the License Agreement checkbox; thea, click Install. (CoH Lab Manual Page 1708 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.Advanced mention Package 2 fe enenption sofwate for Winds uscd foe secure trans, bch Seererption sel ccrypd beclaps I suppoas le and/orwext ‘cespio, pestis secure fe deletion and ‘rete ened ‘eatating fle wo snd ‘pera arachment. (CoH Lab Mana Page 1705 ‘Module 20 - Cryptography ‘Note: If User Account Control pop-up appears, click Yes, BE avanced Encypion Package 217 Scop = Please read the Advanced Encryption Package 2017 License |1_ All convrinhts to AFP 2017 ‘icc intal tonsa the product wth default ptons fora users, Cc Advanced to change nstallaton options. pet) [Renee] [eee igre 15: Adranced Encryption Paclaye Sep window Follow the steps to install the application with default settings. After the completion of the installation, Completed the Advanced Encryption Package Setup Wizard appears; then, click Finish. Bavenced Encryption Package S017 Saup ‘Completed the Advanced Encryption Package 2017 Setup Wizard Click the rich bution to ext the Setup Wizard Figure 1.2: Advanced Encryption Paclage Setup window ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 5. Now, click the Start icon from the bottom-left comer of Desktop; and from the list of Recently added applications, click Advanced Encryption Package 2017 to launch the application. 6. ‘The Advanced Encryption Package - License Manager window appears. Under the License Manager scction, select the Start free 30- day trial radio bution and click Next. Advanced Encrypt License Manager Oseyacmatoncote | — — (CoH Lab Mana Page 1706 Ethical Hacking and Countermeasures Copyright © by E-Coumell "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 7. ‘The Metivating step appears displaying a Sueeess! message; then, click Next. Advanced Encryption Package - License Manager Activating success! Figure 155: Action Window 8. Leave all options set to default in the License Information step and click Finish. ‘Advanced Encryption Package - License Manager License Information Produc: ‘Advanced Enenpton Padage Evan Figs 156: Lice aformation section (CoH Lab Manual Page 1707 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 9. ‘The Advanced Encryption Package main window appears, as shown in the screenshot, ‘igue 157: Lieene Information scion (CoH Lab Manual Page 1708 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 10. In the Advanced Encryption Package window, expand E: drive and task 6.2 navigate (o CBH-ToolsiGEHv11 Module 20 Cryptography\Cryptography Encrypt a File ToolsiAdvanced Encryption Package. Sclect thc Sample.docx file located in the given location and click Enerypt in the toolbar Elvanced Encrpon Poclage 2577605" Wal Vosson rox fle E-Mail Options Tooke Help FE contede Ce itab Prevegiter (ist Made 2 Fotrning ard Recaaisace CBrvsiMoade O4Esuneaten CBr Moai 0 Urey arayss Cons iMaade 0 Sjtenracing cer skMoade 8 Sing Err skoae 9 Sol ngneerng CBs Mole 19Denlf race Bite 1 Seen cng CBs 1Maae 126vedeg Ds, Frewall, na Heneypots Ber tMoaie 13hacin ie Severs GonsiMaase rshacin ie Apiestons Cevrimoade 1559. ect cEvnimoaie 1sracere wrekesnetraris Ceevii mode 17 Hace Hobe Pitome cErvskMoade 1 Goud Conoutng ¥ Tl cewsimoae m eypoo—y > [mos ensrs ch cedars lester set OupatFoter itv atne @onevate Oreste. al Osim sab l gure 1.5.8 Min window of Advance Bnorypton Package (CoH Lab Manual Page 1709 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 11. You need to provide a password for eneryption. In the right-hand pane, enter the password into the Pwd field, retype it in the Again field, and click Enerypt Now! button (ere, the password provided is teste123) EW LMadse19Dena-o Seve (CEh iMod 1 Season dg CW Made 12Esadrg Ds, Freval, an Honeypots (CBW Made 13 Hoc ie Severe CE Made 14s le eats CBW Madde 1559. econ (EW Madde 16a ress Netrrs cowiavesie ireangeseratone eyaivotse Wad core ceraincas wenpowrey + Tewermn igure 159% Bary the select le (CoH Lab Manual Page 1710 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 12, The encrypted Sample.decx.aep file appears in the same location as the original file (.c., ENCEH-Tools\CEHv11 Module 20 Cryptography\Cryptography Tools\Advanced Encryption Package). 13. To deeeypr the file, fest, select the encrypted file and click on Decrypt. IGE Siranced Enoyplon Package 2077806. Tal Venion Srisubmeecste cove storey dnc Sbwiiieassasernghecnte SEitweic otc Ceustneta Srey oe cerainodseteoeerasee ceratneases sang Sine sd peers CEwishetae nowutatsence Series iesesrgcg hives inscng rend mt Geuatnens ona snes ceratvens tesa ne pee ceysinens 54 Deen eyainods irate rare eSratnetse osmaese re SSrtease Gaede Srasncioe nemponey Terman oon o kretedoepsmteage DE ES TeckICSW ii odie 2 piogaahrvpngaahy Tob aancE Sane doo [148 => Sang doc np [118], bane, Posed 1 es. Succeeded Fad 0 Proceed 1:1. Aeron spec: 11 48/6 Fg 1.5.10 Decrpting the sect ke (CoH Lab Manual Page 1714 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 14, You will be prompted to enter the password. In the right-hand pane, under the Password ficld, enter the password that you have provided in Stepitt. 15. Under the Souree file(s) section in the right-pane, click the Delete radio- Task 5.3 button to delete the source file Sample.deex; then, click Decrypt Now!. Decrypt a File Ti cotteae CB: Peres CE: Moale 02Fetsntng ard Recon ons Moae 0 Sesmng heb CevriiMoale osesuneaten cestode 2 ure ay seas CBr Mode 65 ten ada Bett Mode 8 ing (CEtvst Make 9 Sol ngeering CBvsiMoale Woenal Seve Berit Mone 1Sessogscng Cows iMoaie 126.9ar9 Ds, Frew, na Heneypots ceviimoale 1shacere We Severs Cevrmode 1enscer ie Apistone cerrsimoade 1559. econ CEvsimode s5racing Wess Netatis CBs Mole 17 Hac MoblePiorms eBvit Mole 18 Oaud Comey CBwsiMale DErDY [1 eyotooeny Tos [Agreed treypsonPacoge Sore soo, 1D EB Tes GSH 1 Ne 20 Cypagachy plore Tosbicranend Seni docs [1168] => Sane dx np [118), Dove Proceed 1 es. Sueded Fale: 0 2 Procased 1298, hve sped: 1148/2 Fig 5.11: Derpeing the selected le (CoH Lab Manwal Page 1712 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 16, The File exists already... pop-up appears, click Yes. File exists slresdy.. Fle E:\CEH-Tools\OE4V11 Module 20 Cryptography cryptography Todls\Advanced. Encrypton Package’ Sample.docx"is existing. Overarite? CD we [eae Figure 15.12 Flext ead... pop-up 17. ‘The decrypted file (Sample-deex) appears in the same location, as shown in the screenshot. fle EMO Options Tools Help ode: Passed al — (Ev Hosde 19 Grud comoving (Ce Mose 20 Cyptsrashy Set Outpt Fler @aoest eer Coston Serpe docx. [118] DSETED) => Same doe (1112) TZ done. recess Res. Suze. Foie Processed 1116. Average sped: 118)s Figae 15.15: Deep fle (CoH Lab Manual Page 1713 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.5S TASK 6 Task Encrypt the Data 2 wetenitinander Ges encoding aad doccing text dita Pin test dats ae compresed, ‘cenit and coer to tent foc, wh ean then be eal epics the clpboatd or saved asa text le Ths ity sofware ese pic ey ‘exyption methods and pesstond bed ‘ceeypiog 25 wel as strong and approved Symnmetic ard pub hey ‘gris fox data ‘cenption, (CeH Lab Manual Page 1714 ‘Module 20 - Cryptography ‘Note: In real time, network administrators or ethical hackers use this tool to ‘encrypt files and send it to the intended persons to safeguard the integrity of the files. 18. This concludes the demonstration of performing data encryption using the Advanced Encryption Package 19. Close all open windows and document all the acquired information. Encrypt and Decrypt Data using BCTextEncoder Here, we will use the BCTextEncoder tool to enerypt and decrypt data. 1. In the Windows 10 virtual machine, navigate to ENCEH-Tools\CEHV11 Module 20 Cryptography\Cryptography Tools\BCTextEncoder ani double click BCTextEncoder v.1.03.2.1.exe. 2. ‘The BeTextEncoder Utility window appears, as shown in the screenshot. BCTecEncoder Uulty 10321 “Ts Fie Edt Key Options Help Baesorrtae? peeiion et eS 7, = igre Le Min window of BCTistnenlee ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 3. Toenerypt the text, insert text in the clipboard Or Select the data that you want to encode and paste it to the clipboard by THT ectoatncoderiyye RT File Edt Key Options Help BaoaoTrdae? peoniin ot cttn ee —-—EeEeEEES gw 162 NC Tear Set into pad 5, The Enter password pop-up appears; enter the password into the Password ficld and retype it ia the Confirm ficld; thea, click OK. Heze, ‘we use the password test@123. Figuee 1.43: Set the pasnwond fr enenpion 6. BETextEncoder cacodes the text and displays it in under the Eneoded text section, as shown in the screenshot. (CoH Lab Manual Page 1715 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography HF ecTonEncoderUuiiy GRR le Edt Key Options Help Basertid ae? Hoge 1464 Baie tex Bovase 7. ‘To decrypt the data, first, you need to clean the Decoded plain text in the the clipboard, and then click the Decode button. Bi actostncoaer yyy 12) Fle fat Key Options Help agsottae? OcTexteader Uy. 1.05.2.1 4 EC CMCP SLAF op NEREWPSRK AE ASHES SP SOhgDeT ces SONI ZSPN tenia Is hsalehasaciimecg apc anes? ZabORaCGeEDAIARC SnIDATSNAN SC MSE REG AI PAHENETIS ADMD gu 65: Decing dat 8, ‘The Enter password for encoding text dialog-box appears; insert the Password (test@123) into the password ficld and click OX. Ener password for encoding tod ["f') cncaded text -Sesson key packet ge 1 Batre pteword or deeding (CoH Lab Mana Page 1716 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.© Youemnakoue other expla tok such AXCype haps? ewwaxenpe ne) Micra Cryptography Tools (tps docs icrnote ‘nn, and Concealer haps? mulch. com) tocnenne ‘comida data (CoH Lab Manual Page 1737 ‘Module 20 - Cryptography 9. ‘Whe decoded plain text appears under the Decoded plain text section, as Shown in the screenshot. FF ScTectncoder Uslty 1032) ile Edt _Key Options Help Baasurtrtase? ge 1.67: Opt decade ext Note: In real-time, using this procedure, you can encode the text while sending it to the intended user along with the password used for encryption. ‘The user for whom the text is intended should have the BCTextEncoder application installed ‘onhis/her machine. He/she will have to paste the encoded text into the Encoded text section and use the password you shared, to decode it to plain text. 10. ‘This concludes the demonstration of enerypting and decrypting the data using BCTextEncoder. 11. Close all open windows and document all the acquired information, 12. ‘Turn off the Windows 10 virtual machine, Lab Analysis Analyze and document all the results discovered in the lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS ABOUT THIS LAB Int Oyes No Platform Supported Classroom Hitabs ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography Create a Self-signed Certificate A af sped ania isan ikntty arte sie ly the sare ently nhs icky it veri. Lab Scenario As a professional cthical hacker and penetration tester, you must possess a proper [> knowledge of creating this ceztificate as it validates the public key contained within knowledge B Weberercie DD Workbook review © Toots ‘demonstrated in this lab are available in ‘ToolsiCEHv11 Module 20 Cryptography (CoH Lab Manual Page 1718 the certificate belonging to the person, company, server, or other entity mentioned. ‘The labs in this exercise demonstrate the exeation of a self-signed cestfiate. Lab Objectives © Create and use self-signed certificates Lab Environment ‘To carry out this lab, you need: © Windows Server 2019 virtual machine Web browsers with an Intemet connection * Administrator privileges to run the tools Lab Duration ‘Time: 10 Minutes Overview of Self-signed Certificate In cryptography and computer sceusity, a self-signed certificate isan identity certificate signed by the same entity whose identity it verifies. However, the term is unrelated to the identity of the person or organization that actually performs the signing procedure. ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography Lab Tasks -B_TASK 14_ Create and Use Self-signed Certificates Here, we will create a self-signed certificate in Windows Server 2019. 1, Turn on the Windows Server 2019 anc log in with the credentials Administrator and PaSSwOrd. 2. Before you start this task, you will need to check with your local sites whether they include a self-signed certificate. 3. Launch any web browser (here, Google Chrome), type Verify Self-Signed https:/iwww.goodshopping.com in the address bar, and press Enter. 4. As you are using an https channel to browse the website, it displays a page stating that This site can't be reached. 2 setesigned As the site does not have a self-signed certificate, it displays a connection as refused message, as shown in the screenshot. Close the web browser. Sgpod eee a set cenates prof publ comedienne * eel pevate keys sng € > © [0 inwe/mmaocdshoppingcom suchas Adobe Acrobat Reads Java's ejool, Apple's Keychain, ete and sgt the deeument wi 5 the public key This site can't be reached wer goodshopping com ses o cone + Checking the connection + Checking the proxy and the fewal pre 21s wo goebhoppg com bein ing Cerio (CoH Lab Manual Page 1719 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 6. Click the Type here to search icon 1} preseat in the bottom-left of Borasx 12 aS Desktop and type fis. Select Internet Information Services (IIS) Launch IIS Manager from the results. Manager 7 = oD & Internet Information Services (IS) Manager Daskop FP © Tense Tope reps the peat ky frm the ek onder "Intent information Services (IS) 60 Manager dbeclosing the privat key ths mabey self certctes wef only ina self comzoled testing D tasn 7. The Internet Information Services (IIS) Manager window appears; click — the machine name (SERVER2019 (SERVER2019\Administrator)) under Configure Server the Connections scction from the left-hand panc. Certificates ‘et Lab Manual Pope 1720 Ethical Hacking and Countermeasures Copycat © by EE Commel "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 8. In SERVER2019 Home, double-click Server Certificates in the US section, [SERVER?OTO Home| (nemaneememeey (eee | | eto 2438 fee aR 4 & ae Pe atte eee el a #8 6 @ a we. Soe, ye aA oe pote 21.5115 Manges Server Ceneates 9. ‘The Server Certificates wizard appears; click Create Self'Signed Certificate... from the right-hand pane in the Aetions section. Gy server Certiticates ‘eens te sack Seonterccn'gucstor Fite: Ye: Tame ‘eueso Figure 21.4 Server Catetes (CoH Lab Manual Page 1723 ‘Ethical Hacking and Countermensures Copyright © by EC-Coumell "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 10. he Greate SelfSigned Certificate window appears; type GoodShopping in the Specify a friendly name for the certificate {ick Ensure that the Personal option is sclected in the Select a certificate ‘store for the new certificate ficld; then, click OK. Specy fierametortheceticaerequet. Th inernation can bent te ease authority fr soning Specy fend namefor the ceiiate eon Selecta cece storeforthe now cenicete EE igi 218 Spey Pedy Name 11, A newly exeated self-signed certificate will be displayed in the Server GJ Server Cericates = 8s =e Gpiy omens Figure 21.6 Server Cetfates (CoH Lab Manual Page 1722 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography and the Sites node from the left-hand pane, and select GoodShopping irom the available sites. Click Bindings. from the right- hand pane in the Aetions scction. Ver apabetions| Vn il Deets Manage Webste 2 Rett > su 8 sep Browne Wee = TE som joosheping com ‘onto ra80 mp) gue 21.7 ing Ste Bindings 13. ‘The Site Bindings window appears; click Add. See Bndnge Type HoaName Pot IPAs: ‘Binding informa. ftp wom goodshop... 1010.09 gure 21.8 See Binding window (CoH Lab Manual Page 1723 ‘Ethical Hacking and Countermensures Copyright © by EC-Coumell "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 14, ‘The Add Site Binding window appears; choose https from the Type field drop-down list. Once you choose the https type, the port number in the Port ficld automatically changes to 443 (the channel on which ITTTPS runs) 15. Choose the IP address on which the site is hosted (here, 10.10.40.49) 16. Under the Host name ficld, type www.goodshopping.com. Under the SSL certificate ficld, sclect GoodShopping from the drop-down list, and click OK. Add Site Binding Type IP address: y] foraroas y] [wunv.goodshopping.com 1 Digable OCP stapling gute 219, Aang Ste Binding (CeH Lab Manual Page 1724 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 17. The newly created SSL. certificate is added to the Site Bindings window; thea, click Clase. Padres Bindinglnfora. sa03019 igure 21.10 Added HTTPS Chane, 18, Now, right-click the name of the site for which you have created the self signed certificate (here, GeodShepping) and click Refresh from the context menu. Tran elemnaion Sone Ma TD (Wy serve + ster + Goottnsing + ew poten | | Manage Webte 2 heen 2 sm a . sp rome = srnlsieires) ‘Sriofenenes gape Ads FT Pbiteg. pasaned Sting Scho Comet View igre 21.11: Added HEFT Chane 19. Minimize the Internet Information Services (IIS) Manager window. (CoH Lab Mana Page 1725 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 20. Open the Google Chrome browser, type Inttpsiiwww.goodshopping.com in the addr 21. ‘The Your connection is not private message appears, click ADVANCED to proceed. bar, and press Enter. oF © > © [Bi Nemcwe| cosathoppnacom = Your connection is not private Hat improve Come scunty by sending URL ame pages you vist ed pte oman and eome fasecakent te Google Pivacyclicr gue 21.42: Cooncetion i at Private 22, Click Proceed to www.goodshopping.com (unsafe). © Pin enoe xo © > Sh notsecwe | goossropningcom * @ iat i fom Server2018, Ts server could not prove that tis www.goedshopping com: it secu ‘Mas may be caused by 9 mscontiguaion a an attacker inteteepting your connection, Figane 21.1% Proceed to Une Page (CoH Lab Mana Page 1726 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 23. Now you can sce Goodshopping webpage with ssl certificate assigacd to it, as shown in the screenshot. © ceossteesre x + > © [a Noten | pipe immigootsnoppng.cm gue 21.14 Selsigned Cove Page 24, ‘This concludes the demonstration of creating and using a self-signed certificate. 25, Close all open windows and document all the acquired information. 26, Tur off the Windows Server 2019 virtual machine. Lab Analysis Analyze and document all the results discovered in the lab exercise, PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS ‘ABOUT THIS LAB Oves ENo Platform Supported © Classroom BiLabs (cet tab Manual Page 1727 ‘Ethical Hacking and Countermessures Copyght © by &&-Counel "Al RightsReserved. Reproduction fSrcty Prohibited.© Valuable infoom P Tos you novels B Weberercise 1D Workbook review © Toots ‘demonstrated in this lab are available in ‘ToolsiCEHV11 Module 20 (CoH Lab Manual Page 1728 ‘Module 20 - Cryptography Perform Email Encryption Exaailerrypion isthe proces of ering eel mec top te cnet ig rene by cote cer than te inte een’ Lab Scenario Currently, the majority of businesses use email as their primary source of ‘communication, asitis simple and easy to communicate or share information. Emails ‘can contain sensitive information about an organization such as projects, upcoming ‘news, and financial data, which, when accessed by the wrong person, can cause huge losses to the organization, One can protect emails containing sensitive information by ‘encrypting them. As a professional ethical hacker and penetration tester, you must have proper knowledge of encrypting email messages so that scasitive information sent through ‘emails remain intact. This lab will demonstrate how to enerypt email messages using, various email encryption tools. Lab Objectives © Perform email encryption using RMail Lab Environment To carey out this lab, you nced: # Windows 10 virtual machine © Windows Server 2019 virtual machine = Web browsers with an Intemet connection © Administrator privileges to run the tools Lab Duration ‘Time: 10 Minutes ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.= TASK iS tasK Create an Account in the RMail Website (CoH Lab Manual Page 1729 ‘Module 20 - Cryptography Overview of Email Encryption Email encryption hides the email content from eavesdroppers by encrypting itinto an unreadable form, Emails can be encrypted and decrypted by means of a digital signature mechanism that uses public and private keys: the public key is shared, while the private key is kept private, There are numerous methods that can be employed for email encryption, including: * Digital Signature: Uses asymmetric cryptography to simulate the security properties ofa signature in digital, rather than written form Secure Sockets Layer (SSL): Lises RSA asymmetric (public key) encryption (o encrypt data transferred over SSL connections + Transport Layer Security (TLS): Uses a symmetric key for bulk encryption, an asymmetric key for authentication and key exchange, and message authentication codes for message integrity «Pretty Good Privacy (PGP): Used to encrypt and decrypt data that provides authentication and cryptographic privacy "GNU Privacy Guard (GPG): Software replacement of PGP and free implementation of the OpenPGP standard that is used to eneryptand decrypt data Lab Tasks Perform Email Encryption using RMail Heee, we will use the RMail tool to perform email encryption. 1, Turn on the Windows 10 and Windows Server 2019 virtu:l machines. 2, Inthe Windows 10 virtual machine and log in with the credentials Admin and PasSwOrd. Open any web browser (here, Google Chrome), typc https:iiwww.rmail.com/free-triall in the address bar, and press Enter. ‘The RMail FREE TRIAL webpage appears, as well as the registration form. Fill in the required personal details. ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography © RMadisanemal 5. Check the 'm net a rebet checkbox and click Start Free Trial. soy ed hat pe — sero eddie soe Sicpenicenes fe > ¢ [eamarmeaw zJ]e ‘coi sei ge ‘eter fnccoatiy, Qi serves soumnors mone asovsecs sors CD ‘cane wah se? Seay cl patos ice Mens Oita al Ge, cen thot oem case eaoeeeab a secre fray cng Fig 3 FREE TRIAL reso om 6. ‘The FREE TRIAL - GETTING STARTED page appears; click Apps page hyperlink. @ Free Wial- Getting Stotes-AM Ko —— > © eatconieva te #8 Mail FREETRIAL == To get started, visit our[Apps page|to choose the email platform you use to send emails. Figur 312 PREP TRIAL GFT ab aul ap 1790 ‘hil Mecking and countermeasures opi © y #8 Come "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 7. ‘The APPS & DOWNLOADS page appears; click the RMall for Gmail (Chrome) option from the available platforms. “ee ‘Note: In this task, we will be using the Gmail platform to demonstrate the a ‘working of RMail. Howeves, you can use RMail on the platform of your choice. vee-tat x Oh are ee EES LT ees jie 81.5 APTS &e DOWNLOADS pgs Cen Lab Manual Page 1731 ‘hla Macking nd Countermeasures Copyright ©by BB Come "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 8. ‘The RMAIL FOR GMAIL (GOOGLE CHROME) page appears; scroll down and click the ADD TO CHROME button. © Wot Crore) Rand RMAIL FOR GMAIL (GOOGLE CHROME) Gmail Trackemallopens prove ems devery every prvace @nmail « Gmail gure 3.142 RMAIL FOR GMAIL (GOOGLE CHROME) page (CoH Lab Manual Page 1732 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction I Sic Prohibit‘Module 20 - Cryptography 9. chrome web store page appears; click the Add to Chrome bucton under the RPost for Gmail option. @ Butecant cmon © Xm Henle Crone C_& cremegoagiecomcsnenidepst ergnalnanembsomigsencts Qt Be chrome web store 9 sen RPost for Gmail es nem emsve meso tattachrent fer eraey gute R15 chrome web stone page 10, ‘The Add “RPost for Gmail”? notification appears; click Add extension. @ Add “RPost for Gmail"? Itean: Read and change your data on a number of websites Show Details Read your browsing history Manage your apps, extensions, and themes Figure 3.1.46 Add “Rt for Goa? ietion (CoH Lab Manual Page 1733 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 11. RPost is added to the browser and an RPost for Gmail has been added to Chrome notification appears. 12, Now, open a new tab in the browser and open the Gmail account within which you wish to implement email encryption. 15, Once you log in to your @mail account, the RMail pop-up appears. Click the task Set RMail in your ‘Gmail Account Thank you for choosing RMail for Gmail Pose aca he sic provide Rll acess Gal Figure 31.7 Adding Mat th account (cet tab Manual Page 1734 ‘tical Hacking nd Countermeasures Copy © by £8 Comal "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 14, ‘The Sign in- Google Accounts page appears; under the Choose an account, click on your account. pr Googe Aceon GS signinwith Google ‘Choose an account to continue to RPost for Gmail @ Use another account Figure. Sign in - Google Account page 15. The RPost for Gmail wants to access your Google Account wizard appears; click the Allow button, Tpnm GoopeRcors RPost for Gmail wants to access your Google Account . ‘This wil allow RPost for Gmail te IML eat compose, send nd permanent delete oll) your enal tom Gmal BE see,ecit dowiond and permanent delete your) contacts Make sure you trust RPost for Gmail Yournay be shatng senshi ffo wih this seo ap, Lea abot now Rost for Gmat wil hare you data by revewingnsterms of seriee and privacy piles. You can aay se or emveactessin your Google Account gure 3.19: Rot foe Ga wanes aces you Google Account wizard Learn about te ok (CoH Lab Manual Page 1735 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 16. The Thank you For Choosing RMall page appears. Close the tab and navigate back to your Gmail account page. SB _tasK ‘Compoce an 17. Click Compose from the left-hand pane; the email body appears. Compose Email ‘an email and click Send Registered. © & matgoogiecommsistabimaosbeeboricmpo%ePm M cma anes Sale Mode 2019) oe (128) nm Sms Te BT iene 31.10 Compose an eal Doan 18. The RMail Track & Prove pop-up appears; ensure that the Marked radio enmanounes buttonis selected. Under the Register Replies section, check the Receive ae proof of content and time of replies to this message checkbox. ‘Then, = click the Enerypt cab. Cen Lab Manual Page 1736 ‘hla Macking nd Countermeasures Copyright ©by BB Come "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography > © malasopacominataniut-mieginte ngs 1 facto pel samen nip Sra et 29 2 z Fg 31.11 Taek & Prove tb 19. In the Enerypt tab, check the Enerypt message and any attachments checkbox and click the E-sign tab. athe Tign Sane | PO Cowen Encrypt Proc you emai wih encryption for pracy. Password Option (© Automatic - (Mal system gnats random decrypton acevo and sdomateseenas fo recilent yest) (© Custom - accion mus ays vee custom deorstan ° ge 31.12: Encrypt ab (CoH Lab Manual Page 1737 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 20. In the E-Sign tab, check both the Send your attachments for electronic ‘signature and Send e-sign request encrypted checkboxes. Click the Send Registered button. Track & Prove | Encrypt ‘SideNote | PDF Convert E-Sign @wmail ‘Send an email requesting the “To” recipient(s) to electronically sign attached POF andior Microsoft Ofice files. You and all recipients will receive a signed copy afterall parties complete the signing process % Send your attachments for electronic signature. Signing order (for multiple recipients only): © First come: Recipients can sign in any order ‘Sequential: Send to the recicients in the order they are listed inthe To" tid ‘Add Eneryption ‘Send e-sign request encrypied Features Selected: Track & Prove Encrypted E-Sion Fipue 3113 Figo 21, In the Inbox, you can observe an Acknowledgement cml with Proof of, Sending 22. In this task, for the purpose of demonstration, we will open the recipient's account and view the email. 23. To do so, switch to the Windows Server 2049 virtual machine and log in BS rasn ts. with Administrator /PaSSwOrd. Login as 24, Open any web browser (here, Google Chrome) and log in to the Gmail Recipient account of the recipient. Open the email from the sender. 25. You can observe that the email received is tagged as a registered email wherein a document has been sent for the recipient to review and electronically sign to confirm his/her identity. (CoH Lab Manual Page 1738 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.(CoH Lab Manual Page 1739 ‘Module 20 - Cryptography 26. Click the View & Sign Document button to sign an agreement. Registered: Business Strategy Model. intorx Mail Electronic Signature Request - Transmitted Securely curanthas been st for you to ically sgn. Please ck he ylow requesting by reping button snot active plesse copy and peste tink into your web owner tpsJsin 1 ast net/dcuments igo igs EP SOD MING YORIEW zsar11020 Oiaer snes staesy— gr igure 3.1.14 Beal rom the sender 27. A new ESign webpage appears displaying the email content; click CONTINUE. Mapa kisah x @ ora + @mail ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 28. ‘The Instructions: How To E-Sign page appears; read the instructions carefully and click CONTINUE. M topnc Rarenseanyh x @ 59 & > & esgnrepeetnatOccimertsionsoss E-Sign Instructions: How To E-Sign Review The Agreement Bieegedbewrcvon stan Ad Yost Optiona!) the "Chet Type utlon and ads tn ees ge 3.1.16 astro: Hove To BS pg (CoH Lab Manual Page 1780 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 29. The attached document to the email (Business Strategy Model (2019)) appears, as shown in the screenshot. 30. After viewing the attached document, click FINISH. Mipoaiansaye OS coe @wmail E-Sign Business Strategy Model Por Inception Tech (2019) Figae 31.17 Aticheddocument (CoH Lab Mana Page 1783 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 31. The Final Step - Please Complete the Information Below page appears with the Document Signature form, In the Please enter your name field, cater your name (Recipient's name) and leave the Title ficld blank. 52. Click the Draw It tab, sign in the field below and dlick the Click to Sign burton. Meta @ hater @waii E-Sign ee Document Signatur Fig 3.1 Find Step: ase Complete dhe Infomation Below page (CoH Lab Manual Page 1782 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 33. The YOU'RE ALL DONE! page appears; close the current tab to return to the opened email. Click tnbox from the lefi-hand pane to navigate to the inbox. 34. Open an email from RPest eSignOff Service. You can observe that it is an acknowledgment email from RPost along with various details such as Signed By, Date, Time, Original Recipient, IP, Message Id, cc Registered: Re: Business Strategy Model b= ‘ot eignot Sec gat Rep ee onak on igure 3.1.19 RPonteSignO Service ema (CoH Lab Manual Page 1783 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.© Youcanshouse ‘cereansteacyion tools suchas Vie (heaps /wesienscom), ZixMait (hips fe rixcomco. 1, Egress Secure Email und Fle Transfer (ape: /wwwegesscom) and Proofpoint Email Protection (tips / free prin com) taper ema ‘exeyption, (CoH Lab Manual Page 1704 ‘Module 20 - Cryptography 35. Now, return to the Windews 40 virtual machine, where the sender's account is opened. In Inbox, you can observe two emails (Receipt and RPost eSignOff Service). Click to open the Receipt cmail. Note: You might receive a Receipt mail in the RMail Receipts inbox folder present in the left-hand pane. 36. The Receipt email contains information about the Delivery Status, Message Envelope, inci Message Statisties of the sent email, as shown, in the screenshot, 37. The Receipt email also includes the DeliveryReceipt and HtmiReceipt attachments containing detailed information regarding the sent email Receipt: Business Strategy Model == ocr act een Waconia ‘Tee recaot catamaran tour Ros wat, ‘Thera of neces pou ode ese on acter oer sof nec edn andrecest Droensgensevon secs heen abney heel eyed renner een rae Tommie ren ert eal be amet ely as et ims oer oe 212 oF igure 31.20 Recep mal 38. Now, navigate back co the Inbox and open an email from RPost eSignOft Service. This email contains the same information as the email received from RPest eSignOff Service by the recipient. ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.(CoH Lab Mana Page 1785 ‘Module 20 - Cryptography 39. ‘This concludes the demonstration of performing email encryption using RMail. 40. Close all open windows and document all the acquired information, 41 ‘umn off the Windows 10 and Windows Server 2019 virtual machines. Lab Analysis Analyze and document all the results discovered in the lab exercise. PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS ABOUT THIS LAB Platform Supported Classroom HiLabs ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.2 Vatable F Tox yor Ince B Wobesercise 1 Workbook review © Toots ‘demonstrated in this lab are available in ‘ToolsiCEHvt1 Module 20 Cryptography (CoH Lab Mana Page 1746 ‘Module 20 - Cryptography Perform Disk Encryption Disk encryption encrypts every bit and byte of data stored om a disk or a disk volume, dus preventing ileal acess data storage Lab Scenario Disk encryption is a technology that protects the confidentiality of the data stored ‘ona disk by converting it into an unreadable code using disk encryption software or hardware, thus preventing unauthorized users from accessing it. Disk encryption provides confidentiality and privacy using passphrases and hidden volumes. As a professional ethical hacker or pen tester, you should perform disk encryption in order to prevent seasitive information from unauthorized access. Disk encryption works in a manner similar to text-message encryption and protects data even when the OS is not active. By using an encryption program for the user’s disk (Blue Ray, DVD, USB flash drive, External HDD, and Backup), the user can safeguard any of all information burned onto the disk and thus prevent it from falling into the wrong hands. Disk-encryption software scrambles the information burned on the disk into an illegible code. It is only after decryption of the disk information that one can read and usc it ‘This lab will demonstrate the use of various disk encryption tools to perform this technique Lab Objectives © Perform disk encryption using VeraCrypt * Pesform disk encryption using BitLocker Drive Encryption Perform disk encryption using Rohos Disk Encryption Lab Environment ‘To carry out this lab, you need: Windows 10 virtual machine © Administrator privileges to run the tools © Web browsers with an Internet connection ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography * VeraCrypt located at EAGEH-Tools\CEHv11 Module 20 CryptographyiDisk Encryption Tools\VeraCrypt * Rohos Disk Encryption located at E\CEH-ToolsiCEHv11 Module 20 Cryptography\Disk Encryption Tools\Rohos Disk Encryption © You can also download the latest version of the above-mentioned tools from their official websites. If you decide to download the latest versions, the screenshots shown in the lab might differ. Lab Duration “Time: 30 Minutes Overview of Disk Encryption Disk encryption is useful when the user needs to send sensitive information through email. In addition, disk enceyption can prevent the real-time exchange of information from threats, When users exchange encrypted information, it minimizes the chances of compromising the data; the only way an attacker could access the information is by decrypting the message. Furthermore, encryption software installed on a user's system ensures the security of the system. Install encryption software on any systems that hold valuable information of on those exposed to unlimited data transfer. Lab Tasks Dtask a Perform Disk Encryption using VeraCrypt Here, we will use the VeraCrypt tool to perform disk encryption. 1. ‘Turn on the Windows 10 virtual machine and log in with the credentials Admin and Pa$Sword, 2. Navigate 10 EACEH-ToolsiCEHv14 Module 20 Cryptography\Disk Sirasw 1.4 Encryption Tools\WeraCrypt and double-click VeraCrypt Setup 1.24- Hotfixt.exe. Install and Launch VeraCrypt_ Note: If the User Account Control pop-up appears, click Yes. 3. Veracrypt Setup Wizard appears, click OK. ge 41: Venope Sap Wid 4. Follow the steps to install the application using all default settings. (CoH Lab Manual Page 1787 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 5. After the completion of the installation, the VeraGrypt has been Veotaptisa pr successfully installed wizard appears; then, click Finish. cab a heay PE WeatnptSaup 122 Hota % Grenson” | veraryptn ben sccm aed “ CERNSERARET | ene conser mating denaton Yau can ek ich anime ts cose the tale. — inant compet at eis Seed endcecyyed ot cise ncn No dinanead onan nerpted volume cin be Soot omen len tan erty teal leenptd) thot nsider making a donation. wont vont) or trent een Teeue degen compte pH es ae ttm ear Fac 12 VeaCnpe tin ben ic inalll wiand 6. A VeraGrypt Setup notification appears then, click Ne. 7. Click the Start icon in the bottomleft comer of Desktop and click Veratrypt from the applications to launch VeraCrypt. oe Figure 415: Launch Vong (CoH Lab Manual Page 1788 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.Module 20- Cryptography 8. ‘The VeraGrypt main window appears; click the Greate Volume button, an woecibe Mu <) [Sees WO er savory Vole Took. Select Deve. Mount ‘Auto Mount Devices Deraunt Al eat Fg 14: Veep ni wide 9. The Veratrypt Volume Creation Wizard window appears. Ensure that the Create an encrypted file container raclio-button is selected and click Next to proceed. ‘Vortapr ebm Comer aaa ‘VeraCrypt Volume Creation Wizard ‘Cement. on system parton /érve ‘et aronaysenpttenen ay renee dee 2a Se) Open oats sen dae. teryecthe sistem pan or entre system dre Set Pepe ttre ee dos ena Anerestia vas {pr Ses suns stan em sede sy nr te ered pamerd ett tne bale rdom boc Couray comer Nico VeraCrypt Figure 4.15: VeaGpt Volare Craton Wid (CoH Lab Manual Page 1789 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 10. In the Volume Type wizard, keep the default settings and click Next 11, In the Volume Location wizard, click Select File... WEE NOE Cn Wea = Ea ‘Volume Location eve covenenry ‘averact vole can eae fe aed veracrpt corte), ich cn ee {pecan seers yore: yeu sli ong fe, Yeserpt MA NOT eres ee lbs Figure 4.162 VersCpt Volume ction Wizard Volume Location 12. The Speeify Path and File Name window appears; navigate to the desired location (here, Desktop), provide the File name as My Volume, and click Save. W Speci Path and Fe Name © TBS ThePe > Desktop + 0] | Search Destop Organize © New older tame ae oe cnc seceee - a (2) Documents ay Eris ¢ Dy Advanced Encry ¥ € Figure 41.7 Spey Pah and File Nase Window (CoH Lab Manwal Page 1750 ‘Ethical Hacking and Countermessures Copyright © by EC Count "Al RightsReserved. Reproduction fSrcty Prohibited.‘Module 20 - Cryptography 13. After saving the file, the location of a file containing the VeraGrypt volume appears under the Volume Location field; then, click Next. Weipa Crest Wand ‘Volume Location Cte ireeep hy ane ‘set. nee sovenetey sarpiranemra amar me eo Serer te eee Seekers eer ns yan: 1 yausdet an etn Me, verncrat MINOT eno: he Rene eke conces whe ey aces oar cana aud bee Siesta ese 09 by va ew tesa oan Paes Veracrypt Fig. VeraCipt Voli Cetin Wizard: Volume Location 14, In the Eneryption Options wizard, keep the default settings and click Next. 15. In the Volume Size wizard, cnsuse that the MB tadio-button is sclected and specify the size of the VeraCeypt container as 8; then, click Next [er Weep cone Creslon Wied Volume Size EJ oe Oe on Feo space on dive Cl 2.77 GB Pee spect Hes of te tare ya nt cet Ifyou cents a as ope Re entre, the parameter est te oemom peste ne ote a ne mrp ae of FAT vine #290, The un posele sc ofmeiatveime's shh erm pane se fs Nl e SBN he mma snmp so oven vaumes igure 419% VraCnpe Volume Crasion Wiad Volume Sie (CoH Lab Manual Page 1752 ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.(CoH Lab Manual Page 1752 ‘Module 20 - Cryptography 16. ‘The Volume Password wizard appears; provide a strong password in the Password field, retype in the Confirm ficld, and click Next. The password provided in this Iab is qwerty@123. VeraCrypt Figure 4.102 VenGnpe Volume Crain Wid: Volume Password ‘Note: A VeraCrypt Volume Creation Wizard warning pop-up appears; then, click Yes. 17. The Volume Format wizard appears; ensure that FAT is selected in the Filesystem option and Default is sclected in Cluster option. 18. Check the checkbox under the Random Pool, Header Key, and Master Key section. 19. Move your mouse as randomly as possible within the Velume Creation Wizard window for at least 30 seconds and click the Format button. PE Ven VBE CeaTeN WS gue 42.11: VeraCipt Volame Creation Winad-Volume Format ‘Ethical Hacking and Countermessures Copyright © by EC Coun "Al RightsReserved. Reproduction fSrcty Prohibited.