Social Icons

Sunday, August 13, 2017

Whonix : Debian GNU/Linux based Security-focused Linux distribution

1.     Even if one is not doing anything wrong, he is being watched and recorded in real time as Edward Snowden revealed few years back. Most Internet users value online anonymity, with majority saying they have taken steps to remove or mask their digital footprints, and  reporting that they have taken steps to avoid being observed by specific people, organizations, or governments.Whonix is a Debian GNU/Linux based security-focused Linux distribution which aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway", running Debian GNU/Linux. All communications are forced through the Tor network.This post gives you screen-shots of installation and execution of the virtual appliances involved.

2.    The Gateway VM is responsible for running Tor, and has two virtual network interfaces. One of these is connected to the outside Internet via NAT on the VM host, and is used to communicate with Tor relays. The other is connected to a virtual LAN that runs entirely inside the host.

3.    The Workstation VM runs user applications and is connected only to the internal virtual LAN, and can directly communicate only with the Gateway, which forces all traffic coming from the Workstation to pass through the Tor network. The Workstation VM can "see" only IP addresses on the Internal LAN, which are the same in every Whonix installation.

4.  Download the two virtual machines ie the Gateway and the workstation from https://www.whonix.org/wiki/VirtualBox

5.   Once you download the two machines as above from the link in reference,the following screen-shots will assist you in installation of the same.The two downloaded files are seen below : 
Instead of typically creating a virtual machine and then mounting a vdi,in this case more simply we have to just import the .ova appliance,rest is in auto mode.
Next
Next
Agree to the T&C
Next
Will take few minutes loading
Next
Import
Agree again
Import appliance of the workstation
So u have two machines in the virtualbox console as seen in the bottom two listing below :
Just click both with the start button...and the machine start



Next
Next
Next
Ok
Updated TOR download



Here we see the IP address relating to Budapest Hungary....and thats surely not the user....:-)

Sunday, July 23, 2017

Kali Linux 2 : Installing and Setting up OPENVAS

1.     This post will be useful for users who have just installed Kali Linux 2 and wish to install and setup OPENVAS.OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of GreenBone Networks commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009. 

 2.   The following set of commands vide a Kali terminal will be in the following sequence :

:~ apt-get update
:~ apt-get -y upgrade
:~ apt-get install openvas
:~ openvas-check-setup

after you run the open-check-setup command ,there is a possibility of something going wrong during installation...if there are some errors ...do the following at the terminal

:~ openvasmd --rebuild

next you might be prompted to create a user

:~ openvasmd --create-user= --role=Admin && openvasmd --user= --new-password=yourpassword

:~ greenbone-certdata-sync

Run the check setup again :

:~ openvas-check-setup


 the check setup screen should look like below :

 Final step to the access will need to browse you at the link as below to access Greenbone web interface

https://localhost:9392


 Thats all...start exploring the interface

Generate Public Key- Private Key Pair and Test them

The Public and Private key pair comprises of two uniquely related cryptographic keys.The Public Key is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain confidential to its respective owner. Because the key pair is mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and vice versa.In this post we will see how to generate a set of private and public keys and then test to encrypt with public and decrypt with private key.I have a Ubuntu system...and I attempt all here on the terminal.The following commands will be used as we work with RSA keys:

openssl genrsa: Generates an RSA private keys.
openssl rsautl: Encrypt and decrypt files with RSA keys.
openssl rsa: Manage RSA private keys (includes generating a public key from it).

Firstly to generate the key,the terminal command will be as follows and shown in the screenshot :

 :~ openssl genrsa -des3 -out private.pem 2048

 The following command will generate a public key from the private key generated above
: ~ openssl rsa -in private.pem -outform PEM -pubout -out public.pem
 So now we have generated a set of private key and public key with the extension .pem
 To just verify the generation,chk the contents inside as seen below :

:~ more public.pem
 :~ more private.pem
 Use the following command to generate the random key:
 :~ openssl rand -base64 128 -out key.bin
 Encrypt the sample pdf or any other file you want to encrypt with this key vide the following command :

:~ openssl enc -aes-256-cbc -salt -in anupam.pdf -out anupam.pdf.enc -pass file:./key.bin
 So now you have the original file here anupam.pdf and the encrypted file as anupam.pdf.enc
 We see that the files do not have much of a size difference but the file is encrypted.
Now use the following command to encrypt the random keyfile with the other persons public key:

:~ openssl rsautl -encrypt -inkey public.pem -pubin -in key.bin -out key.bin.enc
 The key.bin is encrypted now.
: ~ openssl rsautl -decrypt -inkey private.pem -in key.bin.enc -out key.bin1
 and finally we decrypt the pdf.enc file to original .pdf extension

:~ openssl enc -d -aes-256-cbc -in anupam.pdf.enc -out anupam1.pdf -pass file:./key.bin

Thursday, June 22, 2017

BLOCKCHAIN and BITCOIN : A TECHNICAL OVERVIEW

Presented a talk on "Blockchain and Bitcoins : A Technical overview" for the Summer Interns at Gurgaon Commisioner of Police Office.The program was being conducted under aegis of Rakshit Tandon .

Sharing the same here that brings out the technical side involved in the awesome technology ...aka BLOCKCHAIN


Sunday, June 18, 2017

Broadcom Wireless Drivers Installation : Ubuntu[SOLVED]

While one installs a fresh Ubuntu OS in any machine,typically he finds an initial deterrent as the Wifi adapter is not found  installed.This post gives a step by step direction on how and what to do,to get the Wifi working....and this happens since the same is not installed by default.

Since the PCI.ID initials for any Wifi broadcom adapter is prefixed 14e4,thus first we need to find the exact PCI.ID

Type 
lspci -nn -d 14e4:
  
Once you get the PCI.ID,you just need to ref the following table and find the corresponding driver to be installed.In our case is 14e4:4365 rev 01,so we choos the corresponding bcmwl-kernel-source
PCI.ID              14.04 LTS                        16.04+
------------------------------------------------------------------------------------
14e4:0576           Special Case #1                   UNKNOWN      
14e4:4301           firmware-b43-installer            firmware-b43-installer      
14e4:4306           firmware-b43-installer            firmware-b43-installer      
14e4:4306 rev 02    firmware-b43-installer            firmware-b43-installer      
14e4:4306 rev 03    firmware-b43-installer            firmware-b43-installer      
14e4:4307           firmware-b43-installer            firmware-b43-installer      
14e4:4311           firmware-b43-installer            firmware-b43-installer      
14e4:4311 rev 01    firmware-b43-installer            firmware-b43-installer      
14e4:4312           firmware-b43-installer            firmware-b43-installer      
14e4:4313           firmware-b43-installer            firmware-b43-installer               
14e4:4315           firmware-b43-installer            firmware-b43-installer      
14e4:4315 rev 01    firmware-b43-installer            firmware-b43-installer
14e4:4318           firmware-b43-installer            firmware-b43-installer                
14e4:4318 rev 02    firmware-b43-installer            firmware-b43-installer                
14e4:4319           firmware-b43-installer            firmware-b43-installer               
14e4:4320 rev 02    firmware-b43-installer            firmware-b43-installer               
14e4:4320 rev 03    firmware-b43-installer            firmware-b43-installer            
14e4:4321           firmware-b43-installer            firmware-b43-installer  
14e4:4324           firmware-b43-installer            firmware-b43-installer        
14e4:4325           firmware-b43-installer            firmware-b43-installer      
14e4:4328           firmware-b43-installer            firmware-b43-installer         
14e4:4329           bcmwl-kernel-source               bcmwl-kernel-source        
14e4:432a           bcmwl-kernel-source               bcmwl-kernel-source        
14e4:432b           bcmwl-kernel-source               bcmwl-kernel-source        
14e4:432c           bcmwl-kernel-source               bcmwl-kernel-source        
14e4:432d           bcmwl-kernel-source               bcmwl-kernel-source       
14e4:4331           firmware-b43-installer            firmware-b43-installer          
14e4:4335           firmware-b43-installer            firmware-b43-installer      
14e4:4350           firmware-b43-installer            firmware-b43-installer  
14e4:4353           Special Case #1                   UNKNOWN        
14e4:4353 rev 01    Special Case #1                   UNKNOWN                 
14e4:4357           Special Case #1                   UNKNOWN        
14e4:4358           bcmwl-kernel-source               bcmwl-kernel-source
14e4:4359           bcmwl-kernel-source               bcmwl-kernel-source       
14e4:4360           bcmwl-kernel-source               bcmwl-kernel-source    
14e4:4365           bcmwl-kernel-source               bcmwl-kernel-source      
14e4:4365 rev 01    bcmwl-kernel-source               bcmwl-kernel-source      
14e4:43a0           bcmwl-kernel-source               bcmwl-kernel-source
14e4:43ae rev 02    UNKNOWN                           UNKNOWN     
14e4:43b1           bcmwl-kernel-source               bcmwl-kernel-source        
14e4:43b1 rev 03    bcmwl-kernel-source               bcmwl-kernel-source              
14e4:4727           bcmwl-kernel-source               bcmwl-kernel-source        
14e4:4727 rev 01    bcmwl-kernel-source               bcmwl-kernel-source        
14e4:a962           firmware-b43-installer            firmware-b43-installer
Thats all folks...ready to go

Sunday, February 26, 2017

BITCOIN FORENSICS

1.  The increased use of cryptocurrencies such as Bitcoin among private users and some businesses has opened a new avenue of research in the field of digital forensics involving cryptocurrencies. Since the creation of Bitcoin in 2008, cryptocurrencies have begun to make a presence in the world of e-commerce. Cryptography serves as the underlying foundation for Bitcoin, which gives it the benefits of confidentiality, integrity, nonrepudiation and authentication. Having been designed and built upon the foundation of these four objectives makes Bitcoin an attractive alternative to mainstream currency and provides users with the benefits of payment freedom, security, very low fees, and fewer risks for merchants.This presentation brings out the FORENSICS aspects as associated with BITCOINS.

2.  I gave this presentation at DICE-2017 http://digitalinvestigatorsassociation.org/dice/

3.  Sharing the copy here for info please to all interested neitizens

4.   Few pics enclosed below :








5.    A small clip from the conference below


Sunday, September 25, 2016

Privacy Concerns & Server Locations : Hike-Telegram-Whatspp

1.    I have always seen and observed discussions amongst my friends and circle about which Chat Messenger is safe and which is not in terms of safety and privacy aspects.Whether the servers are located inside the country or they are off-shores,how their data is shared and how is their privacy likely to be compromised bu third parties.....So to just do a over view check,here I present an over view of such FAQs in context of Server Locations and data sharing aspects,primarily sourced from the original websites.

Powered By Blogger