Jump to content
Hak5 Forums
Sign in to follow this  
PoSHMagiC0de

Forums Section for Cryptology?

Recommended Posts

hey Folks,

 

I hope all will read this.  There has been interest in post about cryptology.  In general, people asking about how to use crypto tools, do crypto, break crypto, leverage crypto, etc.  Briefly there were people asking about crypto in payloads (not subject that I would like discussed here if not pertaining to using crypto for obfuscation.).  In private chat there has been interest in it towards me and even someone from Hak5 mod group mentioning they would be interested in something and would not be against the idea of beginning a forum section for it.

Why do we need a separate section?  Well, look at crypto.  For all crypto questions, can you pick 1 forum it would fit in?  I do not.  If I want to post about crypto programmically then the app and coding section would suffice.  What if I wanted to know about GPG, maybe General questions, applications, Security all three would work.  What about writing code that uses GNUPGP for stuff and you the person needs function GPG can do and how to interact via code?  You tell me where that would go.

What will be discussed.  Everything crypto.  Help identify a hash for someone, post your own "roll your own crypto" algorithm, answer questions on how to do AES or RSA crypto.  Anything crypto from crypto app usages to doing your own can be discussed.  It will give the crypto guys a place to look if they feel like discussing or answering questions about the topic too.

Last, all other boards also see a need to separate out this topic because it covers multiple areas that anyone wanting to talk about crypto will be hopping all over the forums for a good place to post.

 

What we should not discuss.

I say any question leading to direct illegal goals.  That means no questions on how to write crypto lockers or such.

I know that code people may post may be able to be combined with others code to eventually create a crypto locker but some people already know that once you get down how to do crypto in a language, it is trivial to convert it to something bad.  That cannot be stopped but hopefully we will no entice by directly assisting in it.

 

What does everyone think?

Maybe I should have made this a poll.  One can be created if folks actually read and respond to this one hehe.

 

  • Upvote 1

Share this post


Link to post
Share on other sites

Sounds like an interesting sub-section.

So basics for starters and more advanced levels explained and possible "CrackMe!" challenges like in those Reverse Engineering boards, right?

 

Share this post


Link to post
Share on other sites
2 hours ago, PoSHMagiC0de said:

Aren't the CrackMe more binary exploit than crypto?  But if it is solving a crypto challenge then yelp.

Well it really depends. One could patch the binary to accept any code given OR the more elegant way is to RE it, find the key-algo and then build your own KeyGen for the specific CrackMe.

So it teaches two things at once. Understanding of the algorithm in use and how to implement it in your program.

 

Edited by Broti

Share this post


Link to post
Share on other sites

You been watching LiveOverflow videos too huh?  :-)

Yeah, I have not done those but have seen videos on them existing.  The section would definitely pertain to keygen making....if legit.  I do not want any illegal stuff like keygens for real apps popping up but reviewing the concept and techniques through the crackmes I do see as beneficial.

Share this post


Link to post
Share on other sites

LiveOverflow? Doesn't ring a bell here.

Of course I meant legit keygens, hence the mentions of CrackMes. If anyone wants a keygen for <insert product here> he or she is looking in the wrong place.

What about obsolete algorithms like DES or even more vintage stuff like ENIGMA or Playfair?

Share this post


Link to post
Share on other sites

All Crypto.  Old, new.  Want to talk RoT13 (don't know why) then yelp.  Want to discuss your own custom with shifting and xor'ing...yelp.

Anything crypto as long as it is not directly malicious in the ways of cryptolockers or cracks for commercial software.  On the cryptolocker side, if it is a discussion on how they work and they keying methods or discuss how an existing works (to understand it, not use it) then that is cool as it is not a discussion in hopes to build redeployments.

 

Very straight forward rules, talk about all things crypto as long as it is not a discussion on how to be an asshole with it. :-)

  • Upvote 2

Share this post


Link to post
Share on other sites
1 hour ago, PoSHMagiC0de said:

Very straight forward rules, talk about all things crypto as long as it is not a discussion on how to be an asshole with it. :-)

Well, that sums it up :smile:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×