## Quiz & Report
- Quiz
    - same format as quiz 1
    - 30 min
    - multiple choice
    - covers course materials up to this point
- Report
    - available on the website
    - at least 3 pages long
    - primarily a technical paper on how a tool works
        - i.e. what happens under the hood
    - must include a demonstration of the tool
    - **use a tool that is not covered in the course**
        - i.e. not nmap, zenmap, nessus, metasploit, etc.
    - include diagrams, screenshots, etc.
    - include citations
    - suggested LaTex template
        - https://www.acm.org/publications/proceedings-template
``` Report Grading Schema
Maximum number of points: 25 pts

Report:
1. (out of 4 pts) Organized and structured:
   a.(out of 2 pts) Appropriate length and structured using sections (and subsections): Introduction, Motivation, …, Conclusions, References
   b.(out of 2 pts) Pictures/diagrams and tables are numbered and have a title (may also have a brief description)

2. (out of 17 pts) Content:
   a.(out of 2 pts) Was the report focused on the given main topics/questions? 
   b.(out of 3 pts) Did the report have a logical order? Was it informative and clear? Were all the technical terms defined (e.g., spell-out acronyms and define them)?
   c.(out of 7 pts) What was the "demo component" and how was it covered? 
   d.(out of 5 pts) Was the report well-researched and without major errors?

3. (out of 4 pts) Language and Readability:
   a.(out of 2 pt) Academic/formal language
   b.(out of 2 pt) Easy to read and follow
```

## Password Cracking
- passwords can be cracked or guessed
    - weak passwords are easy to remember but also easy to guess
- guessing
    - automated trial of default and well known passwords
    - advantage: no special access or effort required
    - disadvantage: likely to be detected or logged
    - Tools
        - THC-Hydra & Medusa
            - *The Hacker's Choice*
            - fast network logon crackers
            - guess passwords on many network services
            - THC and Medusa work different ways but complement each other
        - Forking vs. Threading
            - forking: creates a new process as a copy of the current process
                - crashing a forked process does not affect the parent process
                - each process has its own memory space
            - threading: creates a new thread within the current process
                - crashing a threaded process crashes the parent process
                - threads share memory space
            - both achieve parallelism
            - hydra uses forking
                - more stable
            - medusa uses threading
                - more efficient
        - Hydra
            - `hydra -s 21 -L userlist.txt -P passwordlist.txt -vV 172.16.30.101 -f ftp`
                - `-s`: port number
                - `-L`: user list
                - `-P`: password list
                - `-vV`: verbose
                - `-f`: stop after first valid password found
        - Medusa
            - `medusa -h 172.16.30.101 -U userlist.txt -P passwordlist.txt -M ftp`
                - `-h`: host
                - `-U`: user list
                - `-P`: password list
                - `-M`: module
- cracking
    - more sophisticated than guessing
    - start with a copy of the authentication database
        - either a hashed copy or an encrypted copy
    - run a tool that attempts to crack the hash or encryption
    - advantage: can be done offline and without detection
    - disadvantage: requires access to the database which may involve detection
    - hashes
        - a hash is a one-way function
        - also called a digest
        - reveals whether two inputs are the same without revealing the inputs
        - hash size is fixed
        - collision: two different inputs produce the same hash
            - if the hash is large enough, collisions are extremely unlikely
    - encryption
        - reversible
        - reveals the inputs if the key is known
        - usually, ciphertext size = plaintext size + padding
    - hashes are good for integrity checks
        - if the hash of a file is the same as the hash of the original file, the file has not been altered
            - web hosted downloads should have the hash hosted on a different site
                - if the download site is compromised, the hash site is likely not
                - if hosted on the same site, a fake hash can be hosted if the download is compromised
        - if the hash of an entered password is the same as the hash in the database, the password is correct

# 08Oct24

## Report 1
- what a tool does vs how it works
    - may want a diagram for what it does
    - almost certainly need a diagram for how it works
        - inner workings
        - outputs
        - performance metrics
    - what it does
        - diagram describes behavior
    - how it works
        - diagram describes structure
        - describe components
- short paper can still be good

### Cryptography Basics
- mathematical method of protecting information
    - part of but not solely responsible for security
- used to remediate deficiencies in other security measures
- primitives
    - hash
    - symmetrical encryption/decryption
    - asymmetrical encryption/decryption
    - digital signatures
- using crypto primitives
    - build security protocols
        - SSL/TLS
            - SSL: Secure Socket Layer
            - TLS: Transport Layer Security
                - successor to SSL
            - used to secure web traffic
    - build more complex security systems
        - PKI (Public Key Infrastructure)
            - certificate authorities
            - used to verify the identity of a website

### Hash
- one-way function
    - $H(x) = y$
    - can't get $x$ from $y$
    - should be collision resistant
- **integrity** check
    - hash the original data
    - hash the received data
    - compare the hashes
- hash function is not assumed to be secret
    - only the data is secret
- salting
    - extra text added to the data before hashing
    - used to increase input space of the hash
    - makes brute force attacks more difficult

### Symmetric Encryption
- same key for encryption and decryption
    - $c = E(m, K)$
        - $c$: ciphertext
        - $m$: message
        - $K$: key
    - $m = D(c, K)$
- Kerckhoff's Principle
    - *A cryptosystem should be secure even if everything about the system, **except the key**, is public knowledge.*
- the problem
    - every party in a conversation needs a copy of the key
    - key distribution & management become difficult
    - leads to O(n^2) keys for n parties to communicate
        - i.e. every party needs a key for every other party
- openSSL for encrypting an aes key
    - `openssl  -aes-256-cbc -pbkdf2 -in file.txt -out file.enc`
        - `-aes-256-cbc`: encryption algorithm
        - `-pbkdf2`: key derivation function
            - used to derive a key from a password
        - `-in`: input file 
        - `-out`: output file
    - `openssl enc -d -aes-256-cbc -pbkdf2 -in file.enc -out file.txt`
        - `-d`: decrypt

### Asymmetric Encryption
- every party has a pair of keys
- public and private keys
    - $c = E(m, K_{pub})$
    - $m = D(c, K_{priv})$
- public key is shared
- private key is kept secret
    - hard to infer the private key from the public key
    - easy to infer the public key from the private key
- public key is used to encrypt
- private key is used to decrypt
- still follows Kerckhoff's Principle because the private key is secret
- key generation
    - creates a public/private key pair
    - usually involves a pseudo-random number generator
- advantage
    - does not require O(n^2) keys
    - public key can be shared with anyone in plain text
- disadvantage
    - much slower than symmetric encryption
- openSSL for creating an RSA key pair

# 17Oct24
- SSH (Secure Shell)
    - used to connect to remote systems
    - **should be using keys instead of passwords**
    - SSH server
        - will have the public key $K_{pub}$
            - ~/.ssh/.authorized_keys 
        - keeps port 22 open and listens for connections
    - client 
        - will have the private key $K_{priv}$
            - ~/.ssh/id_rsa
            - password protected
    - allows for a secure channel between client and server
        - messages are sent using a shared secret key
        - messages are authenticated via message authentication code (MAC)
        - public key is used by the server to authenticate the client
        - SSH supports other kinds of authentication but they should occur over the secure channel
        - challenge-response protocol
            - server gains zero knowledge of the private key of the client
            - the hash function "isolates" the private key
                - the server can't use the hash to impersonate the client
        - authentication of a client
            - server can send a message $\{m\}_{K_{pub}}$ to the client
            - client can return hash $H(m)$ to the server to prove its identity
            - assumptions
                - the private key is kept secret
    - the only insecure part is the initial key exchange

- SSH Agent
    - loads the private key into memory and performs challenge-response authentication on behalf of the user
        - private key must be protected by a passphrase
            - passphrase is used to encrypt the private key
    - not exposed to the network
    - separate from the SSH client process
        - if the client is compromised, the agent is not
    - SSH client is effectively an Entity in the Middle
        - EitM is not inherently bad
            - not inherently able to do anything with the intercepted data
    - SSH Agent handles keys and crypto calculations
        - SSH client handles network communication
    - Agent Forwarding
        - allows the SSH Agent to be used on a remote server
        - sort of like a VPN for the SSH Agent
        - SSH from Bob to Alice
            - SSH from Alice to Carol
            - Carol only sees the connection from Bob
        - Alice effectively becomes an EitM
            - Alice can't do anything with the intercepted data as long as Bob's private key is kept secret
- Heartbleed Bug
    - (former) vulnerability in OpenSSL
        - used for more than just SSH
            - web servers, VPNs, etc.
    - allowed an input overflow
    - allowed 512 bytes of RAM to be read per malformed heartbeat request
    - decrypted private keys live in RAM

- Entity in the Middle Attack (EitM)
    - Case 1: server already has the key
        - client sends a message to the server
            - "user@server_address"
        - attacker intercepts the message
            - forwards the message to the server
        - server responds with its challenge $\{m\}_{K_{pub}}$
        - attacker intercepts the challenge
            - forwards the challenge to the client
        - client responds with $H(m)$
    - in case 1, the attacker hasn't gained anything
        - it has only monitored encrypted traffic
    - Case 2: server does not have the key
        - "do you trust this server?"
            - EitM will have a different key fingerprint
                - but who actually checks those fingerprints before typing "yes"?
        - client sends its public key to the server
        - attacker intercepts the public key
            - forwards the public key to the server
        - now the attacker can impersonate the client
    - in case 2, there is a vulnerability
        - very limited window of time

- Issues with password based SSH
    - server has the password
    - server requests client's password
    - client sends password
        - **password is sent in plaintext in SSH protocol**
            - it's a very old protocol
    - if the channel is compromised, the password is compromised

- Terminal types
    - local terminal
        - the terminal on the physical machine
        - `tty` type terminal
    - remote terminal
        - the terminal on the remote machine
        - `pts` type terminal
    - `who` command
        - shows who is logged in and what kind of terminal they are using

- `ssh-keygen -b 2048`
    - `-b`: key size
    - creates a public/private key pair
        - public key is stored in `~/.ssh/id_rsa.pub`
        - private key is stored in `~/.ssh/id_rsa`
    - use a passphrase on machines that are not secure
        - passphrase encrypts the private key
        - passphrase is required to decrypt the private key
    - or trust the security of the machine
        - skip the passphrase
        - so probably not a good idea
- `ssh-copy-id user@host`
    - copies the public key to the remote server
    - adds the public key to `~/.ssh/authorized_keys`
- 