DEV Community: Jsquared

Demystifying PGP Keys: Understanding the Inner Workings of Public-Key Cryptography

Jsquared — Tue, 30 May 2023 21:36:02 +0000

In the world of secure communication, PGP (Pretty Good Privacy) stands as a widely used encryption standard. At the heart of PGP lies the concept of public-key cryptography, which ensures the confidentiality, integrity, and authentication of digital messages. In this article, we will delve into the workings of PGP keys, exploring the principles of public-key cryptography, key generation, encryption, and digital signatures.

Understanding Public-Key Cryptography

Public-key cryptography, also known as asymmetric cryptography, employs a pair of mathematically related keys: the public key and the private key. These keys are generated together, but while the public key is shared openly, the private key remains a closely guarded secret. Public-key cryptography relies on the fact that data encrypted with the public key can only be decrypted using the corresponding private key.

PGP Key Generation

Key Pair Generation: To generate a PGP key pair, a user typically utilizes specialized software or tools. The process involves generating a random private key and using mathematical algorithms to derive the corresponding public key. The private key must be kept secure, ideally stored in a password-protected keyring or secure key management system.
Public Key Distribution: Once the key pair is generated, the public key can be freely distributed to others via email, key servers, or public key directories. The public key is associated with the user’s identity and is used by others to encrypt messages intended for that user.

PGP Key Usage

Encryption: When a sender wants to send an encrypted message to a recipient, they obtain the recipient’s public key and use it to encrypt the message. This process ensures that only the intended recipient, possessing the corresponding private key, can decrypt and read the message. The encrypted message can be safely transmitted over insecure channels.
Decryption: Upon receiving an encrypted message, the recipient uses their private key to decrypt the message and access its contents. The private key is never shared or disclosed to others, ensuring the confidentiality of the communication.

Digital Signatures: In addition to encryption, PGP keys also enable the use of digital signatures. A digital signature is created by using the sender’s private key to encrypt a unique hash value derived from the message. This encrypted hash serves as a digital fingerprint, verifying the authenticity and integrity of the message. Recipients can verify the signature using the sender’s public key, confirming that the message has not been tampered with and originated from the claimed sender.

Key Trust and Web of Trust

To establish trust in the authenticity of public keys, PGP relies on a decentralized model called the Web of Trust. Users verify the identity of others by personally signing their public keys, essentially vouching for their authenticity. These signatures create a network of trust, where the reputation and trustworthiness of individuals within the network determine the level of confidence in the associated public keys.

Key Revocation and Expiration

In case a private key is compromised or lost, PGP allows for key revocation. A revocation certificate, generated with the private key, is distributed to notify others that the associated key is no longer valid or trustworthy. Additionally, PGP keys can have expiration dates, ensuring that keys are regularly renewed or revoked if no longer in use.

Conclusion

PGP keys and public-key cryptography provide a robust framework for secure communication, ensuring the confidentiality, integrity, and authenticity of digital messages. By understanding the workings of PGP keys, individuals can leverage this encryption standard to protect their sensitive information, establish secure communication channels, and authenticate the identity of participants. PGP’s reliance on public and private key pairs, encryption, and digital signatures empowers users to communicate with confidence in an increasingly interconnected and privacy-sensitive world.

Python V.S. Javascript: Which is Better for Webscraping?

Jsquared — Sat, 22 Apr 2023 03:56:48 +0000

JavaScript and Python are currently the most popular programming languages overall, but at the same time, they are also the top choices for web scraping. The data extraction discipline is developing fast as both small and large organizations rely on these practices to get valuable information that drives them forward.

Even though the capabilities of scraping bots are getting more advanced, there are more complexities involved. Web scrapers are becoming specialized and designed for different kinds of uses. In other words, when choosing a web scraping service or building your scraper, you will have a lot of things to consider.

This blog article will discuss which programming language you should choose for scraping and when.

What is Web Scraping?

Web scraping, web crawling, or data extraction are the terms that describe the process of gathering valuable data from web pages. It's an automated process involving large amounts of data. When browsing the web and downloading some page, text, or image, you could say that's manual web scraping. However, doing this manually doesn't make sense as it requires a lot of time and effort. Scraping bots can do this much faster and deliver data in a structured fashion so that you can easily use it for analysis. Web scrapers are software tools designed to help you with this process, but these tools come with different functionalities, capabilities, and features. Apart from the design, these factors depend on the coding language used for their development.

Python

Python is widely known as a scraping language because of its comprehensive capabilities and flexibility. You can use it for almost all web-crawling efforts without a hitch. At the same time, it's both simple to learn and great for beginners. Python is effective for simple data extracting processes and also suitable for more complex applications. One of the most used frameworks for scraping is BeautifulSoup, based on Python. It's straightforward to use and makes tasks like parsing, searching, and navigation a piece of cake. Python web scraping tools are effective at simulating human behavior, accurate scraping, and data targeting.

Javascript

JavaScript is the most popular web language, and one of the reasons for this is NodeJS. It's a modern and simple language originally developed to allow dynamic functionalities to websites accessed via a browser. When someone visits a website, the browser analyzes the JavaScript and transforms it into a code the computer can process. Node.JS is a JavaScript tool that allows it to run server-side and client-side processes. It can create network applications and run them very quickly. In other words, Node.JS gives JavaScript the capabilities needed to create server-side scripts. That helps scrapers quickly go through sites with dynamic structures and extract information without any problems.

Pros and Cons of Each Language

Python

Pros:

Python is excellent for both beginners and experienced programmers. Dynamic typing makes it easy to find the right features and functionalities and, combined with a simple syntax, provides a great learning curve.
Python has a great community with many libraries and tools. In other words, no matter what problem you encounter, you can find answers and the right technical solutions to execute solutions.
Python can support various task management approaches, including asynchronous programming, multiprocessing, and multithreading. The combination of these approaches makes Python really efficient.

Cons:

Compared to C++ and other statically typed coding languages, Python has a slower performance.
The Global Interpreter Lock in Python makes it more challenging to scale projects properly, and some tasks have slower execution.
Dynamic pricing can sometimes lead to mistakes.

JavaScript

Pros:

JavaScript is very fast with optimized memory usage and can work with multiple simultaneous web requests.
All of the libraries written for Node.JS for native use can also improve the development workflows leading to faster outputs.
JavaScript has a rich community with many Node.JS packages that can provide valuable tools for easier and quicker use.

Cons:

Node.JS's event-driven and single-threaded nature offers lower performance when working with demanding GPU computing tasks. However, users can solve this with the "worker threads" module.
The asynchronous approach involves a lot of callbacks, which can cause complex callback "pile-ups" that go into several layers and make the code difficult to maintain and understand.
JavaScript is also a dynamic language, meaning potential bugs can happen during runtime.

Conclusion

In the end, Python web scraping solutions are more popular because of a larger community and the Beautiful Soup library that makes it easy to use. Still, Python is often avoided when there's a need for scaling large projects. On the other hand, JavaScript might be a good choice for people who already know this language and would like to use it for scraping. The differences are subtle, and it all comes down to personal preference and knowledge.

Advice for Those Learning How to Code

Jsquared — Mon, 17 Apr 2023 18:02:57 +0000

Let's face it: Programming is hard. Even if you have years of experience under your belt, it feels like there is always something new to learn. It can be very frustrating for new programmers who want to learn how to code. Many beginners don't know where to start or even how to start.

Now, you might be asking who I am. My name is Jsquared and I am a 17 year old programmer, web developer, and cybersecurity enthusiast. I have been writing code since I was around 6 or 7 years old, with my first programs being simple games written in Python. As I learned more, I became more fascinated, I was able to code much cooler things than simple games, and over years I learned invaluable lessons that made me a better programmer. I believe that anyone can learn to code and in this blog I want to share some tips that has helped me in my journey of programming.

These are some general advice on how to be successful in learning how to code. It's important to know that you can take multiple approaches to learning programming and there is no one answer but these are the ones that have helped me the most Later on, I will write a blog with resources that I used to learn how to code.

1. Take Time Learning the fundamentals

Getting a good grasp of the fundamentals is critically important to achieving long-term success. The foundational knowledge you learn at the beginning of your programming journey will allow you to grasp the logic of more complicated topics further along. If you don’t learn basic computer programming, you could fall behind in the future. So, even if the fundamentals seem boring or unimportant at first, you need to recognize how important it is to learn them.

2. It's Okay to Ask for Help

Knowing when to ask for help is a skill you’ll need throughout the course of your life, not just when it comes to programming. To put it simply, you aren’t going to know everything, especially when you’re just starting out. The fastest and easiest way to gain the skills you need to have to be a programmer is to ask those who have the answers. After you try to figure out the answer to your question on your own, be sure to ask someone else. Whether you do it in person or online, speaking to your mentor or teacher and listening to what they have to say is critical when you are learning to become a computer programmer.

3. MAKE STUFF!!

If you really want to learn how to code, you need to do more than just read the book and take some notes. You need to put the information you’re learning into action. You might be surprised at how something you read can seem so simple until you try to do it for yourself. Therefore, you should actually start coding as you’re learning. That way, you put the information to use immediately. When you learn by doing, the information will be more likely to stick with you. Plus you can put your projects on GitHub to show off to potential employers.

4. Use the Internet to your Advantage

These days, you can find countless sources of information on the internet on just about any topic. This information can be especially helpful when you are learning how to code. Whether you decide to sign up for a coding boot camp or simply want to check out free tutorials on YouTube or other streaming services, you can learn a lot about coding by just going online. One of the main benefits of learning this way is that you can find the answers you need in many different formats. Therefore, if one explanation doesn’t make sense to you, you can always find a different explanation elsewhere. It's a win-win!

5. Don't Just read Source Code

When you get your hands on some source code, it’s easy to just read through it and think you have an understanding of what’s going on. But when you really want to become a computer programmer, you’re going to have to take this a step further. You should actually run the code and tinker with it to figure out how it truly works. This is a much more effective way to learn than simply reading through the code. Remember, being able to read the code isn’t the same as understanding it. As a programmer, you need to cultivate a deep level of understanding, and playing around with sample code is a great way to do that.

Conclusion

Learning how to code may seem scary at first but as you learn more, you'll realize that it's actually very fun. Don't think that you're the only one that is having a hard time learning how to code. Everyone is going/went through the same thing. I went through the same thing too. It's simply apart of the process. If you consistently learn and hone your skills, I guarantee you that you will see improvement and growth.

Thank you for reading my blog! If you liked this article, please consider liking it, sharing it with a friend, and following for more content like this! Got an idea for a future blog post? Comment it down below!

Once again, thank you for reading! I really appreciate it! :)

-- Jsquared

Password Cracking: What is a Rainbow Table Attack and how do I prevent it?

Jsquared — Mon, 17 Apr 2023 05:56:53 +0000

What is a Rainbow Table?

A rainbow table attack is a password cracking method that uses a special table (a “rainbow table”) to crack the password hashes in a database. Applications don’t store passwords in plaintext, but instead encrypt passwords using hashes. After the user enters their password to login, it is converted to hashes, and the result is compared with the stored hashes on the server to look for a match. If they match, the user is authenticated and able to login to the application.

The rainbow table itself refers to a precomputed table that contains the password hash value for each plain text character used during the authentication process. If hackers gain access to the list of password hashes, they can crack all passwords very quickly with a rainbow table.

How Does This Attack Work?

Hackers must first gain access to leaked hashes in order to carry out rainbow table attacks. The password database itself might be poorly secured, or they may have gained access to the Active Directory(A database and set of services that connect users with the network resources they need to get their work done). Others gain access through phishing techniques of those that might have access to the password database. Additionally, there are already millions and millions of leaked password hashes on the dark web that are available to hackers.

The reason why hackers like to use the rainbow table method is that it's an easy way to decrypt passwords to enable them to gain unauthorized access to systems, rather than relying on the dictionary attack method (which consumes more memory space) or brute force attack (which consumes more computing power). All the attacker needs to do is just check the rainbow table to find the password’s hash. Rainbow tables are deliberately designed to consume less computing power at the cost of using more space. As a result, it usually produces results quicker than a dictionary or brute force attacks, often taking minutes to crack where other methods may take much longer. But this does have some downsides. Rainbow tables take a considerable amount of time to compile from the ground up. This is because all the hashes and the computing work that goes with them must be calculated and stored beforehand (although precompiled ones can also be downloaded online). But once you figure that out, you have a rainbow table that you can always reuse whenever you need to crack a password.

Real World Scenarios:

Let's move on to how we can see this method of password cracking in the real world. Here are two real life examples of how this could be used:

An attacker spots a web application with outdated password hashing techniques and poor overall security. The attacker steals the password hashes and, using a rainbow table, the attacker is able to decrypt the passwords of every user of the application.
A hacker finds a vulnerability in a company’s Active Directory and is able to gain access to the password hashes. Once they have the list of hashes they execute a rainbow table attack to decrypt the hashes into plaintext passwords.

How to Prevent Rainbow Table Attacks:

Salting: Hashed passwords should never be stored without salting. Salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them. This makes the password more difficult to decrypt.
Multifactor Authentication: Using multi-factor (MFA) or two-factor authentication (2FA) that involves multiple steps, for example, makes it difficult for anyone to access your account with just a password. This makes it impossible for an attacker to use a rainbow table attack effectively.
Outdated Hashing Algorithms: Hackers look for applications and servers using obsolete password hashing algorithms MD5 and SHA1. If your application uses either algorithm, your risk for rainbow table attacks substantially increases.
Monitoring Servers: Most modern server security software monitors against attempts to access sensitive information and can automatically act to mitigate intruders before they can find the password database.

Conclusion and Final Thoughts

Some security experts argue that rainbow tables have been rendered obsolete by modern password cracking methodologies. Instead, most attackers now use the more advanced Graphics Processor Unit (GPU) based password cracking methods.

A moderately-sized GPU farm can easily recreate a rainbow table within a few seconds. This means that encoding those passwords into a rainbow table would not make that much sense. Moreover, most passwords are salted anyway, meaning we would need rainbow tables for each salt value, and for larger salts, this is entirely impractical. Bitcoin and other cryptocurrency miners have been tapping GPU technology to calculate hashes for bitcoin farming. There are existing tools that can leverage GPU technology to decrypt password hashes potentially. For example, the Linux-based GPU cluster was used to crack 90 percent of the 6.5 million leaked LinkedIn password hashes in 2012.

Nonetheless, rainbow tables may not be the biggest threat to organizations today. Still, they are certainly a threat and should be considered and accounted for as part of an overall security strategy.

If you liked this article, please consider liking and following for more blogs on cybersecurity and hacking!!

-Jsquared

Tutorial: DNS Enumeration using Python

Jsquared — Sat, 08 Apr 2023 05:14:03 +0000

Explanation of DNS Enumeration

DNS Enumeration is a method of collecting data about a domain's configurations. DNS, or the Domain Name System, translates human readable domain names (for example, www.amazon.com) to machine readable IP addresses (something such as 192.0.2.44). The process of DNS Enumeration returns various important information about the target like DNS record types, host names, IP addresses and much more depending upon the configuration of that target system.The main objective of DNS enumeration is to collect as much information as possible about a particular victim to identify potential vulnerabilities.

In this article, I will show you how you can perform DNS enumeration using the Python language. We will be utilizing the dnspython library that will help us carry out DNS requests which will return us with DNS records for the website we choose.

to install dnspython all you need to do is run this command:
$ pip install dnspython

When you have finished installing the library, create a new file called dns_enumeration.py(or whatever you want to call it).

The Coding Part

To begin with, we need to specify the domain we want to analyze (we will use twitter.com) and what kind of DNS record types we want the program to return. For this tutorial, we'll just have the program return the six most common DNS record types:

import dns.resolver

# Set the target domain and record type
target_domain = "twitter.com" #using twitter as an example
record_types = ["A", "AAAA", "CNAME", "MX", "NS", "SOA", "TXT"]

(Don't forget to import the library)

You might be asking, what is a DNS record type? You can think of a set of DNS records like a business listing on Yelp. That listing will give you a bunch of useful information about a business such as their location, hours, services offered, etc. All domains are required to have at least a few essential DNS records for a user to be able to access their website using a domain name, and there are several optional records that serve additional purposes. In this case, the record types will give us information about the domain like the IP address, IPV6 address, which server contains the DNS records, etc.

Now, we can move on to creating a DNS resolver as well as creating the code that will perform the DNS lookup:

# Create a DNS resolver
resolver = dns.resolver.Resolver()
for record_type in record_types:
    # Performs DNS lookup for the defined domain and record type
    try:
        answers = resolver.resolve(target_domain, record_type)
    except dns.resolver.NoAnswer:
        continue

A DNS resolver, also known as a resolver, is a server on the Internet that converts domain names into IP addresses.When you use the Internet, every time you connect to a website using its domain name, your computer needs to know that website's IP address. So your computer contacts a DNS resolver, and gets the current IP address of the domain you want to access.

Last part is we need to print out the results from the queries (this is pretty simple):

    # Prints the results
    print(f"{record_type} records for {target_domain}:")
    for rdata in answers:
        print(f" {rdata}")

(f-strings are string literals that have an f at the beginning and curly braces containing expressions that will be replaced with their values)

When you run the program you should get an output that looks like this (depends on what domain you choose):

And that's the end of the tutorial! If you want to dive further, here are some links that I provided for you to read more:

If you liked this article, consider liking it and following me! If you want to see more tutorials like this in the future, comment down below!

Full source code: https://github.com/sleepyrob0t/DNS-Enumeration-Python

-Jsquared

Coding a Port Scanner with Python

Jsquared — Tue, 04 Apr 2023 05:34:51 +0000

Port scanning is a way for determining which ports on a network device are open, whether it's a server, a router, or a regular machine. To simply put it, a port scanner is just a script or a program that is designed to probe a host for open ports.

In this blog, I will show you step-by-step how to code a simple port scanner using the pre-installed socket library. The idea of making the port scanner is to connect to a host (it could be a website, server, or any device which is connected to a network/ internet) through a list of ports. If the scanner establishes a connection, then that means the port is open.

DISCLAIMER: THIS IS ONLY FOR EDUCATIONAL PURPOSES ONLY. DO NOT USE THIS ON A HOST THAT YOU DO NOT HAVE PERMISSION TO TEST. PORT SCANNING IS NOT ILLEGAL UNLESS IT IS USED TO GAIN UNAUTHORIZED ACCESS OR BREACH PRIVACY.

First things first, if you want to print in colors, you will need to install colorama (this is completely optional):

pip 3 install colorama

With that out of the way, now we can actually start coding the scanner. First, let's import the socket module:

import socket # for connecting to the host 
from colorama import init, Fore

# adding some colors (optional)
init()
GREEN = Fore.GREEN
RESET = Fore.RESET
GRAY = Fore.LIGHTBLACK_EX

The socket module is a module already built in the Python standard library, so you don't need to install it.

colorama is used later when the program prints the ports that are open or closed (again this is optional)

Next, let's create a function that will be used to decide whether a port is open or not:

def is_port_open(host, port):

    #determines whether the host has the port open
    # creates a new socket
    s = socket.socket()
    try:
        # tries to connect to host using that port
        s.connect((host, port))
        # make a timeout if you want it a little faster (means less accuracy)
        # s.settimeout(0.2) <-- if you want to add a timeout 
    except:
        # cannot connect (port is closed) and returns false 
        return False
    else:
        # the connection is established (port is open)
        return True

the s.connect((host,port)) function attempts to connect the socket to a remote address using the (host,port) tuple (Tuples are used to store multiple items in a single variable), it will bring up an exception when it fails to connect to the host, so that is why we put that code into a try-expcept block so when the exception is brought up, it tells us that the port is closed (otherwise it is open).

Lastly, we can use the function we just made above and repeat it over a number of ports:

# asks user to enter a port 
host = input("Enter the host:")
# repeat over ports, from 1 to 1024
for port in range(1, 1024):
    if is_port_open(host, port):
        print(f"{GREEN}[+] {host}:{port} is open      {RESET}")   #prints green text for open ports 
    else:
        print(f"{GRAY}[!] {host}:{port} is closed    {RESET}", end="\r") #prints gray text for closed ports

This part of the code will scan all ports from 1 to 1024. You can freely change the range if you so choose, but keep in mind that if you increase the range it will take longer to complete scanning.

Potential Issues

Upon running the code, you will notice that the script isn't the fastest. You can change this by adding a timeout of 200 milliseconds (using settimeout(0.2). Keep in mind that this will reduce the accuracy of the scanning, especially if you have high latency.

If you want, the full source code is on Github.