Editing Main Page (section)

= ToroHack Hackathon Participation: How do I...= 
== Use Scoring Engine to Participate? ==
===Getting Started===
<center>The page to participate in the challenge once you are assigned to a team is: https://torohack.ctfd.io/challenges </center>
<center><gallery>
File:SE1.png|Challenge questions main page.
</gallery></center>

To select a question to attempt, simply click on any one of the squares. A smaller window will appear with a question prompt and an entry field. Once you're sure of the answer you've entered, click on 'submit', and if it is correct, the point(s) that question is worth belong to you.
<center><gallery>
File:SE2.png|Select any question square.
File:SE3.png|Entering an answer.
</gallery></center>
*'''PASSWORD HASHES''' is where you will find the .txt files that the PASSWORD CRACKING questions rely upon as a reference for all the questions in that section. You should be able to take each of these files and feed it into your cracking software of choice.

*'''USERS''' maintains a list of current players who are properly registered with the site.

*'''SCOREBOARD''' shows the ongoing amount of accumulated points throughout the competition.

*'''CHALLENGES''' is where you will go to participate. You will be presented with a large list of questions you can choose to attempt freely, each one worth it's own individual number of points.

===Challenge Types===
Challenges are presented in a Jeopardy!-style grid in which you can select any question at your leisure and make up to 3 attempts at entering the correct answer.

====PEN TEST====
<center>https://cscp.csudh.edu/#/</center>
To participate in these types of questions, contact support and you will be given credentials to log into a remote Kali Linux machine that contains the necessary materials to answer the relevant questions. You can access this page at the link above.

====PASSWORD CRACKING==== 
Each question will ask you to refer to a specific username listed in the text files featured in the PASSWORD HASHING tab; find the corresponding username and it's hashed password, decrypt it, and enter the decrypted password to score the point. You will have 3 attempts, and passwords are case sensitive.

====HIDDEN MESSAGES==== 
Each question will provide an image for you to download and insert into your steganographic decoder of your choice ('''See below section "Cipher Decoding"''') that will produce a string beginning in either CAHSI or TORO. You will have 3 attempts, and strings are case sensitive.

== Use Bash Terminal? ==

#Basic Bash Commands

#Interacting with files and directories 
#pwd- print working directory
# [[File:Linux2PWD.png|1200px]]
#ls- to list all directories
# [[File:Linux1.png|1000px]]
#cd- change directory 
# [[File:Linux3.png|1000px]]

#cat- print/concatenate
# [[File:Linux4viewingfiles.png|1200px]]
#-h or - - help, bring up in end of every command.
# [[File:Linux6ix.png|1000px]]

#If interested more about commands and info about them, please use link below
# https://dev.to/awwsmm/101-bash-commands-and-tips-for-beginners-to-experts-30je

== Solve Steganography Questions? ==
[Possible Websites to Decode Steganogprahy Questions.]
 Installing steghide (Using Linux):

#Open your Linux Command Line
#On the command line type “sudo apt install steghide”
#Then type “man steghide”
#Dialogue/message should come out out indicating successful installation
#Type “clear” to leave and continue


To extract embedded data from .jpg:

#Get the file/image name you want to extract (EX. stg.jpg)
#If you need to add a directory, here is an example 
# [[File:steginfo1.jpg|500px]]
#Then type “steghide extract -sf stg.jpg” to extract
# [[File:steginfo2.jpg|550px]]
#If a password/passphrase is asked just press enter unless you have a password for it
#A flag message should appear/reveal like this “TORO-AAAAA-#####”
# [[File:steginfo3.jpg|600px]]


Extracting information using Futureboy

#Visit the link: https://futureboy.us/stegano/encinput.html
#Navigate to the near bottom, offering a link to “decode a file”.
#Click the link.
#Download and input the corresponding file you want decoded.
#The following flag/message should come out as: “TORO-AAAAA-#####”.
#Copy said decoded message, and input into the prompt.
 
Extracting image information using SourceForge:
#Visit the link: http://steghide.sourceforge.net/
#Download the most recent release. 
#Extract the file.
[[File:SForge1.PNG|1100px]]
#Place the steghide folder in C:\Program Files.
#Search “edit environment variables.”
#Go to advanced, click Environment Variables
[[File:SForge2.PNG|1100px]]
#Head to System Variables, Click Path, hit edit.
#Click Edit, go to Add, add the following file path where steghide is located. 
#Go to Command Prompt
#Type “cd” to change directory to wherever you stored your image. 
#Type steghide -sf “IMAGENAME.jpg”
#You should receive a text file with the decoded flag.
[[File:SForge3.PNG|1100px]]
#Copy and paste decoded flag into the prompt.

== Solve Password Cracking Questions? ==
Password Cracking can be accomplished by comparing stored passwords to a word list or by using techniques to generate credentials. Passwords are most likely encrypted before being saved as hashes.

Hash functions are mathematical functions that convert random-length inputs into encrypted fixed-length of outputs.
Brute-force and dictionary attacks are the two most used techniques to determine valid passwords but are not limited to other methods like Rainbow attack, Malware, Phishing, Guessing, etc.

The tool that we are going to use for password cracking is "John the Ripper", which uses a dictionary list (wordlist) approach. [For more info https://www.openwall.com/john/]

John the Ripper is already loaded with its default wordlist and can be found on this location /usr/share/john/password.lst

Also, rockyou.txt is another big wordlist collection, that can be downloaded and is pre-loaded in Kali Linux on this location /usr/share/wordlists as rockyou.txt.gz which will be on a compressed file.

To extract use this command:
 sudo gunzip rockyou.txt.gz
[[File:pcrack_2.jpg]]


Once we got the password hashes, first of all, we have to save it as a hash file on our Linux machine using a text editor (I prefer nano) or even use the GUI interface for that.

[[File:GUI_hash.jpg]]


Let’s say we made a password hash file as "hashlist.txt" and then we use our wordlist(s) and application “john” to crack the hash file.


The method we are going to use:

john hashlist.txt --wordlist = [wordlist path]

john hashlist.txt -- wordlist = [wordlist path] --format = [different encryption formats]


Step1: To install: 
       sudo apt install john
[[File:pcrack_1.jpg]]


Step2: 
      john hashlist.txt --wordlist=/usr/share/john/password.lst
[[File:pcrack_3.jpg]]

or,
      john hashlist.txt --wordlist=/usr/share/john/password.lst --format=sha512crypt
[[File:pcrack_5.jpg]]


Step3: To see the cracked password: john -- show [hash filename]
      john --show hashlist.txt
[[File:pcrack_6.jpg]]


===Cipher Decoding===

Cipher is another way of encoding / decoding messages. A cipher uses an algorithm to convert plaintext to ciphertext. While it modifies and hides the plaintext, it has no sense on its own. 

For example, I was given an encoded message XZHSR-HLCRA-17491.

To decode this message, 
go to this site: http://rumkin.com/tools/cipher/

You can see a list of tools/methods to use on the left-hand side.

[[File:cipher01.jpg]]

Then keep using one of these above-mentioned methods to find the correct answer. 

[[File:cipher00.jpg]]

Here I have used a Tool called “Atbash Cipher” and decoded the correct answer as CASHI-SOXIZ-17491

== Detect Other Devices On My Network? ==
[INSERT INSTRUCTIONS HERE]

There are many ways on detecting devices on a network, here are two simple ways on finding them efficiently. 

====Nmap or Network Mapper====

'''Installation'''

First, you have to install nmap if you haven’t installed it. If you’re not logged in as root, type <pre>sudo apt-get install nmap</pre>[[file:nmap1.png|500px]]

'''Find IP Address'''

To detect the device on a network, the first task is to figure out what is the IP address on your device. Type <pre>ip address</pre>
The address can be found in the position of the highlighted block. 

[[file:nmap2.png|500px]]

'''Using Nmap'''

By using nmap to scan the ports on each device and figure out which ones are open, type <pre>nmap 192.168.199.138/24</pre>
You may have a list looks similar to the picture below.
 
[[file:nmap3.png|500px]]

Then you’ll find all the open port on this network by typing <pre>nmap 192.168.199.140 -p 1-65535</pre>  
[[file:nmap4.png|500px]]

'''Further Using of Nmap'''

If you want to find further details of using nmap, type <pre>nmap --help</pre> This command will give you a long list with description of all extension you can use.
[[file:nmap5.png|500px]]

====Zenmap====

'''Installation'''

First, heading to download the Zenmap package from the website: https://nmap.org/download.html

Scroll down to find Optional Zenmap GUI (all platforms) and save the .rpm file. 

[[File:WeChat Image_20220408001943.png|500px]]

Go back to terminal, to get everything up to date type <pre>sudo apt-get update</pre> 

Install Alien to help us install Zenmap by typing <pre>sudo apt install alien</pre>  
[[File:WeChat Image_20220408002007.png|500px]]

Use Alien to deal with the .rpm file by type <pre>sudo alien zenmap-7.92-1.noarch.rpm</pre> then you can receive a .deb file in your Downloads.
[[File:WeChat Screenshot_20220407192840.png|500px]]

Type all following command for additional package: 

<pre>wget http://archive.ubuntu.com/ubuntu/pool/universe/p/pygtk/python-gtk2_2.24.0-5.1ubuntu2_amd64.deb</pre>

<pre>wget http://azure.archive.ubuntu.com/ubuntu/pool/universe/p/pygobject-2/python-gobject-2_2.28.6-14ubuntu1_amd64.deb</pre>

<pre>wget http://security.ubuntu.com/ubuntu/pool/universe/p/pycairo/python-cairo_1.16.2-2ubuntu2_amd64.deb</pre>

Then install all aditional packages in this order: 

<pre>sudo dpkg -i python-cairo_1.16.2-2ubuntu2_amd64.deb</pre>

<pre>sudo dpkg -i python-gobject-2_2.28.6-14ubuntu1_amd64.deb</pre>

<pre>sudo dpkg -i python-gtk2_2.24.0-5.1ubuntu2_amd64.deb</pre>
[[File:WeChat Screenshot_20220407200427.png|500px]]

[[File:WeChat Screenshot_20220407201125.png|500px]]

To finally install Zenmap, type <pre>sudo dpkg -i zenmap_7.92-2_all.deb</pre>and then you can find Zenmap in your system. 
[[File:WeChat Screenshot_20220407193131.png|500px]]

'''Using Zenmap'''

First, find out the ip address in the terminal by typing <pre>ip address</pre>

To open Zenmap by typing <pre>sudo zenmap</pre> Put your IP address in the Target box, on Profile box, you can choose different type of scan, such as quick scan or ping scan after you click the Scan button. You can find the results on the Ports/Hosts tab.
[[File:WeChat Screenshot_20220407202554.png|500px]]

[[File:WeChat Screenshot_20220407202827.png|500px]]

==Install a Linux Virtual Machine on Windows?==
There are many different software's for Virtual Machines to emulate different OS's for computers. We will be downloading Oracle's VirtualBox on Windows machines and running Ubuntu Linux. 

1. The first step is to click the link https://www.virtualbox.org/wiki/Downloads and click on Windows hosts under VirtualBox 6.1.32 platform packages. The .exe file should begin downloading.

[[File:Screenshot 2022-03-24 142804.png|500px]]

File:Screenshot2022-03-241428.04.png

2. After the .exe file is finished downloading the next step is to click on the .exe file and run the set up wizard to install VirtualBox on your machine. 

3. Once you have VirtualBox installed you must download the Ubuntu .iso file from the link https://ubuntu.com/download/desktop This file may take a few minutes to download. 

[[File:ubuntu1.png|600px]]

4. After the .iso file is downloaded open VirtualBox and click on New to set up a new Virtual Machine. 

5. You can name the machine anything you want but for this purpose name it ubuntuLinux. Select Linux as the type and Ubuntu (64-bit) or (32-bit), depending on your system, and click next.

6. The next step is to choose the memory size. Change this to the recommended settings.

7. For the hard disk setting select "create a virtual hard disk now" and click create.

8. Then select VDI(virtual disk image) and click next. 

9. Then select Dynamically allocated for the storage on physical hard disk option.

10. Set the file location and size to your preference then select create.

11. After creating the ubuntuLinux VM, highlight it and select the settings button.

12. Select storage and click empty under Controller: IDE and upload the Ubuntu .iso file you downloaded to the blue disk icon next to Optical Drive.

[[File:ubuntu2.png|500px]]

13. After this step is done you can start the ubuntuLinux VM in VirtualBox. After starting the ubuntuLinux VM click on INSTALL Ubuntu and run the setup wizard. Set up your account and the VM is ready to use!

==Install a Linux Virtual Machine on Mac?==

VirtualBox is a type of freeware to download virtual machines and for this instance, it will be for any Mac OS. We will be using VirtualBox and Ubuntu Desktop.

===VirtualBox Installation===

1.	Follow the VirtualBox link and download: [https://www.virtualbox.org/ VirtualBox Download] 

 
[[File:1.jpg|500px]] 


2.	After opening the file and following the pop-up windows open VirtualBox

 
[[File:2.jpg|500px]]


3.	Click on <big>'''''NEW'''''</big>,  which is a blue button 
 

[[File:3.jpg|500px]]


4.	In <big>'''''Name and Operating System'''''</big>, choose <big>'''''Linux'''''</big> for type of installation



5.	Select the version of Linux you would like to use and then hit continue 
 

[[File:4.jpg|500px]]


6.	In <big>'''''Memory Size'''''</big>, choose the suggested minimum memory size and then hit continue 

 
[[File:5.jpg|500px]]


7.	In <big>'''''Hard Disk'''''</big>, choose <big>'''''Create a virtual hard disk now'''''</big> option and click create 

 
[[File:6.jpg|500px]]


8.	Hard <big>'''''Disk File Type section'''''</big> you must choose <big>'''''VDI (VirtualBox Disk Image)'''''</big> and hit continue 

 
[[File:7.jpg|500px]]


9.	In <big>'''''Storage on Physical Hard Disk'''''</big>,  choose <big>'''''Dynamically Allocated'''''</big> 

 
[[File:8.jpg|500px]]


10.	Select a <big>'''''file size and location'''''</big> and hit create. 

 
[[File:9.jpg|500px]]	



[[File:10.jpg|500px]]	 


These steps are only for the VirtualBox Installation.

===Ubuntu Installation and Use===




1.	Follow the Ubuntu link and download: [https://ubuntu.com/download/desktop Ubuntu Download] 


[[File:11.jpg|500px]]

 
2.	In <big>'''''settings, under Security & Privacy'''''</big>, choose <big>'''''General'''''</big>, unlock the <big>'''''“make changes” padlock'''''</big> and put your password in. At the bottom of the 
pop-up window it will say <big>'''''“System Software from Developer ‘Oracle America, Inc.’”'''''</big>  Click allow, lock the <big>'''''“make changes”'''''</big> padlock and 
proceed back to VirtualBox'''''</big> 

 
[[File:12.jpg|500px]]


3.	Select the <big>'''''Virtual Box Manager'''''</big>, and choose start 

 
[[File:13.jpg|500px]]


4.	Click on the yellow File Icon and it will prompt a new window 



5.	In the new window select <big>'''''Add'''''</big> at the top left



6.	Search for your <big>'''''Ubuntu Download'''''</big> and open the file 



7.	Choose the Ubuntu Download and press <big>'''''Start'''''</big> 

 
[[File:14.jpg|500px]]


8.	Select the <big>'''''language'''''</big> and click continue  


[[File:15.jpg|500px]] 


9.	Choose the <big>'''''keyboard layout'''''</big> 


[[File:16.jpg|500px]] 


10.	The next window allows you to <big>'''''select between normal and minimal installation'''''</big>. In general if you are using the regular applications select 
<big>'''''Minimal'''''</big>, if you are preloaded games, media players, and utilities go for the <big>'''''Normal'''''</big>.  


[[File:17.jpg|500px]] 


11.	It recommendable to select in the installation type <big>'''''“Erase disk and install Ubuntu”'''''</big> if you are a beginner and <big>'''''Click on Install Now'''''</big> button 
prompts the permission to create an automatic partition table 

 
[[File:18.jpg|500px]]


12.	 Make the selection on the <big>'''''time zone'''''</big>

 
[[File:19.jpg|500px]]


13.	Pick a <big>'''''name and password'''</big> and click in <big>'''''continue'''''</big> and the installation will start 

 
[[File:20.jpg|500px]]


14.	The files will begin to copied in the computer 

 
[[File:21.jpg|500px]]


15.	When the application is completed, a pop up of confirmation will appear asking <big>'''''restart the computer'''''</big> 

 
[[File:22.jpg|500px]]


16.	 After restarting the computer, you will see the <big>'''''Ubuntu desktop'''''</big> 

 
[[File:23.jpg|500px]]





<big>'''Settings adjustment'''''</big> 


1.	In the VirtualBox application choose your virtual machine and choose settings. 



2.	Adjust your display however you please and click <big>'''''“ok”'''''</big> to save into your virtual machine. 




<big>'''''Set-up in VM'''''</big>



1.	The Linux Virtual Machine will prompt you to make a username and password.



2.	After creating your username and password you will be able to use the Linux VM freely.

[https://kt.limaderan.co.ua/%eb%82%a8%ec%9e%90-%ec%b9%b4%ed%86%a1-%ed%94%84%ec%82%ac-%ec%9c%a0%ed%98%95-/ 이다 지 미드 누나 슬로우모션 Gif]