This is the write up for the room Encryption – Crypto 101 on Tryhackme and it is part of the complete beginners path
Make connection with VPN or use the attackbox on Tryhackme site to connect to the Tryhackme lab environment.
Tasks Encryption – Crypto 101
Task 1:
Read all that is in the task and press completre
Task 2:
2.1 Press complete
2.2 Are SSH keys protected with a passphrase or a password?
The answer can be found in the text of the question
Answer: passphrase
Task 3:
3.1 What does SSH stand for?
A good google search will bring you to this site SSH (Secure Shell) – Wikipedia . The answer is already inthe name of the site
Answer: Secure Shell
3.2 How do webservers prove their identity?
The answer can be found in the text of the task
Answer: certificates
3.3 What is the main set of standards you need to comply with if you store or process payment card details?
The answer can be found in the text of the task
Answer: PCI-DSS
Task 4:
4.1 What’s 30 % 5?
Answer: 0
4.2 What’s 25 % 7
Answer: 4
4.3 What’s 118613842 % 9091
Use the following python code
a=118613842%9091
print(a)
Answer: 3565
Task 5:
5.1 Should you trust DES? Yea/Nay
Answer: Nay
5.2 What was the result of the attempt to make DES more secure so that it could be used for longer?
Answer Triple DES
5.3 Is it ok to share your public key? Yea/Nay
Yea
Task 6:
6.1 p = 4391, q = 6659. What is n?
The hint is to use pyhton but this is not needed. We are getting told to read more go to https://muirlandoracle.co.uk/2020/01/29/rsa-encryption/. If you then navigate to the python bit. And notice n = p*q
Now put in the calculator 4391 * 6659
Answer: 29239669
6.1 Just press complete
Task 7:
Read all that is in the text and press complete. But do not forget to read all that is in the given link: https://robertheaton.com/2014/03/27/how-does-https-actually-work/
Task 8:
8.1 What company is TryHackMe’s certificate issued to?
To see the certificate click on the lock next to the URL then certificate
Answer: Cloudflare
Task 9:
9.1 and 9.2 just press complete
9.3 What algorithm does the key use?
Answer: RSA
9.4 Crack the password with John The Ripper and rockyou, what’s the passphrase for the key?
Download the file attached to this room. We see it is a rsa key. But in order for john to crack it we need to have a good hash for it. There is a python for this in kali /usr/share/john/ssh2john.py
Copy the ssh2john.py to the same location as the downloaded file. Then type in
python ssh2john.py idrsa.id_rsa > id.hash
Then we can use john to crack it
john id.hash -wordlist=/usr/share/wordlists/rockyou.txt
Following the above steps will give you the answer
Task 10:
Read all that is in the task and press complete. Do watch the video Secret Key Exchange (Diffie-Hellman) – Computerphile – YouTube
Task 11:
You have the private key, and a file encrypted with the public key. Decrypt the file. What’s the secret word?
Download the file attached to this task. We have 2 files the message.gpg and tryhackme.key
We need to import the key first in order to derypt the message. Type
pgp --import tryhackme.key
The we can decrypt the message by typing
gpg message.pgp
It will decrypt the message to a file called message. The answer of this question will reveal itself by typing:
cat message
