Exploits related to Cryptography

Algorithm

AES (Advanced Encryption Standard)

AES-CBC Bit Flipping Attack

AES-CBC Padding Oracle Attack

AES-ECB Padding Attack

Ansible Vault Secret

Atbash Cipher

Base32, Base64

Caesar Cipher

Camellia Cipher

Certificates

Cryptography

Diffie-Hellman Key Exchange

ECC (Elliptic Curve Cryptography)

ECDSA (Elliptic Curve Digital Signature Algorithm)

Fernet

GPG (GNU Privacy Guard)

HMAC

KDBX Files

Length Extension Attack

MD4, MD5

Multi-Tap Cipher

NTLM, NTLMv2

PEM (Privacy Enhanced Mail)

PGP (Pretty Good Privacy)

PKCS (Public-Key Cryptography Standards)

RAR (Roshal Archive)

RIPEMD

ROT13, ROT47

RPNG (Pseudo Random Number Generator) Guessing

RSA (Rivest Shamir Adleman)

SHA1 Hash Collision Attack

SHA1, SHA256, SHA512

Transposition Cipher

Vigenere Cipher

Key Derivation Function

Bcrypt

PBKDF2

Scrypt

Tool

John the Ripper

Math

Chinese Remainder Theorem

Exponentiation

GCD (Greatest Common Divisor)

Modular Congruence

Quadratic Residue

Bit Wise Operation

AND Bitwise Operations

OR Bitwise Operations

Shift Bitwise Operations

XOR Bitwise Operations

Conversion

Convert Binary to Int in Python

Convert Bytes to Hex in Python

Convert Bytes to Int in Python

Convert Bytes to Matrix in Python

Convert Bytes to String in Python

Convert Character to Binary in Python

Convert Character to Unicode in Python

Convert Hex to Bytes in Python

Convert Hex to Int in Python

Convert Int to Binary in Python

Convert Int to Bytes in Python

Convert Int to Hex in Python

Convert Int to String in Python

Convert Matrix to Bytes in Python

Convert String to Binary in Python

Convert String to Bytes in Python

Convert String to Int in Python

Convert Unicode to Character in Python

Zero Padding in Python

Others

NTLM, NTLMv2

Last modified: 2023-02-05

Cryptography Windows

Windows New Technology LAN Manager (NTLM) is a suite of security protocols.

Hash Formats

The NTLM hash format is a bit comfused, but it looks like the following.
When cracking, we can copy them as they are and paste it.

# NTLM
b4b9b02e6f09a9bd760f388b67351e2b

# NTLMv2 (NetNTLMv2)
admin::EXAMPLE:aaaaaaaaaaaaaaaa:05e616169cf91bd88952bc3ef021dbaf:010100000000000080fc3d82a538d90182f1dba634ba98dd000000000100100053006b005400410052006e00520064000300100053006b005400410052006e0052006400020010006700480068007500670042006200470004001000670048006800750067004200620047000700080080fc3d82a538d901060004000200000008003000300000000000000000000000003000007c8dad06f879f804f9ee43a11aeaf5bf40609db4020697af76cd06f80d81241b0a0010000000000000000000000000000000000009001a0063006900660073002f00310030002e0032002e0034002e0033000000000000000000

Decrypt

There are online cracking tools sucy as CrackStation available.

We can simply run the following command without specifying the hash format (auto detected).

john --wordlist=wordlist.txt hash.txt

NTLM

john --format=nt --wordlist=wordlist.txt hash.txt
# or
hashcat -m 1000 -a 0 hash.txt wordlist.txt

NTLMv2

john --format=netntlmv2 --wordlist=wordlist.txt hash.txt

Pass The Hash

Also we can use NTLM hashes to login Windows system via some protocol such as WinRM.

Tools by HDKS

Automatic web fuzzer.

Auto reconnaissance CLI.

Hash identifier.