The cybersecurity workshop organized by the Linux Club (Cybersec101) provided me with hands-on experience with various tools and techniques in the field of cybersecurity. This repo contains a detailed account of what I learned and achieved during the workshop.
We began by exploring the powerful JWT toolkit, which is essential for handling JSON Web Tokens (JWTs) effectively. This toolkit allows for the creation, modification, and validation of JWTs, which are widely used for secure authentication.
At JWT.io, I learned about the core components of JSON Web Tokens, including:
We explored the concept of Magic Bytes, which are unique sequences of bytes used to identify file formats. Understanding Magic Bytes is crucial for file format exploitation and forensics.
Gained hands-on experience with Burp Suite from PortSwigger, a leading tool for web vulnerability scanning and penetration testing. Burp Suite is essential for identifying and exploiting web application vulnerabilities.
Learned about Gobuster, a tool used for brute-forcing URIs (directories and files) in websites and DNS subdomains. Gobuster is a powerful tool for discovering hidden resources on a web server.
Delved into the HS256 (HMAC with SHA-256) and RSA algorithms, which are widely used for secure token signing and verification. Understanding these algorithms is crucial for implementing secure authentication mechanisms.
Explored the differences between JSON Web Signature (JWS) and JSON Web Encryption (JWE). JWS provides integrity and authenticity, while JWE ensures confidentiality through encryption.
Learned the intricacies of SQL injections and how to protect against them. Practiced bypassing admin logins using SQL injections with SQLmap, a powerful tool for automating SQL injection exploitation.
Discussed the role of robots.txt files in web security and how they can be exploited if not properly configured. Robots.txt files can inadvertently expose sensitive information if misconfigured.
Explored various methods of data protection, including:
Compared symmetric encryption (same key for encryption and decryption) with asymmetric encryption (public and private keys). Both methods are essential for secure communications.
Explored various encoding schemes such as Base64, XOR, and UTF, and their applications in cybersecurity. These schemes are widely used for data representation and transmission.
Utilized CyberChef, a web-based tool for encryption, encoding, and data analysis. CyberChef simplifies complex cybersecurity tasks through a user-friendly interface.
Discussed the importance of public and private keys in encryption and secure communications. Public keys are used for encryption, while private keys are used for decryption.
Learned about Argon2, a memory-intensive key derivation function designed to resist brute-force attacks. Argon2 is considered one of the most secure password-hashing algorithms.
Explored CrackStation, an online tool for cracking passwords using precomputed hash tables. CrackStation is useful for understanding the vulnerabilities of weak password hashes.
Discussed the importance of salting in password hashing to prevent rainbow table attacks. Salting adds random data to passwords before hashing to ensure unique hash values.
Used Edit JWT Online, an online editor by Gavin Johnson-Lynn that re-encodes a JWT to use the "none" algorithm. You only need to edit the header and the payload to get the encoded output with a "none" algorithm signature.
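The HS256 signing covered above and the "none" algorithm edit described here meet at the verifier: a token with an edited header is only accepted if the server lets the header choose the algorithm. The following is an added example, not code from the workshop or from any of the tools named; it uses only the Python standard library, and the key, payloads and helper names (`encode_part`, `sign_hs256`, `verify_hs256`, `check`) are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_part(obj: dict) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())

def sign_hs256(payload: dict, key: bytes) -> str:
    signing_input = encode_part({"alg": "HS256", "typ": "JWT"}) + "." + encode_part(payload)
    tag = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(tag)

def verify_hs256(token: str, key: bytes) -> dict:
    """Return the payload only for an HS256 token whose HMAC matches."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    # The verifier pins the algorithm; the token header does not get to choose.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):  # constant-time compare
        raise ValueError("bad signature")
    return json.loads(b64url_decode(payload_b64))

def check(token: str, key: bytes) -> str:
    try:
        return "accepted: " + json.dumps(verify_hs256(token, key))
    except ValueError as exc:
        return "rejected: " + str(exc)

if __name__ == "__main__":
    KEY = b"constructed-demo-key"  # constructed sample key
    good = sign_hs256({"user": "guest", "admin": False}, KEY)
    head, body, sig = good.split(".")
    # Constructed inputs: header relabelled alg "none", and a changed payload.
    unsigned = encode_part({"alg": "none", "typ": "JWT"}) + "." + body + "."
    tampered = head + "." + encode_part({"user": "guest", "admin": True}) + "." + sig
    for name, tok in (("good", good), ("alg none", unsigned), ("tampered", tampered)):
        print(name, "->", check(tok, KEY))
```

In production code, use a maintained JWT library and pass it an explicit list of allowed algorithms rather than hand-rolling verification.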
Successfully cleared three hacking tasks in picoCTF and retrieved the flag:
Cracking a Password via SQL Injection: Demonstrated how SQL injection can be used to bypass authentication mechanisms.
- Used SQL queries to create an illusion for the website.
- The website thought that the query was complete with ';', but in reality it was not.
- Injected queries such that they could break through the filters applied on the website.
- After Round 5, checked the other .php file for the flag.
- Can be done using either the JWT toolkit or Edit JWT Online.
- Retrieved JWT token from Cookies present in the Application part of the Inspection page.
- Used the JWT token to see what it means with JWT.io.
- Manipulated the JWT token with Edit JWT Online.
- Logged in as Admin and captured the flag.
Feel free to reach out to me on LinkedIn!