Home
Search results “Cryptoapi certificate store in windows”
mimikatz :: crypto :: export non exportable certificates & RSA keys
 
01:48
How to use mimikatz and its crypto module to export non exportable certificates & RSA keys. Support CryptoAPI and CNG (CNG patch requires admin rights, not for the export) Downloads : http://blog.gentilkiwi.com/mimikatz
Views: 17100 Benjamin Delpy
SSL Certificate Error Fix
 
03:01
This is a tutorial on how to fix the ssl error or 107 error,in google applications.
Views: 647603 Ilya Novickij
How To Fix Invalid SSL Certificate In Steam
 
03:03
Hi Guys, I Wanna Show You "How To Fix Invalid SSL Certificate In Steam" Please Share, Like, And Subscribe Me If This Video Helped You. Thx. ====================================================== Add Me At Steam: http://steamcommunity.com/id/legendaryarthur/ ENTER ARTHURMASS ON CSGOWHEEL.COM TO GET 100C
Views: 28791 decoyout
How to create, list, or destroy virtual smart cards on Windows
 
05:45
Recommended: turn on CC (closed captioning) in this video! If your computer has a Trusted Platform Module (TPM) chip, and if it is enabled in the BIOS, then you can leverage some of the benefits of smart card security by creating a PIN-protected virtual smart card, which lives on the TPM in a protected memory space, similar to an expensive Hardware Security Module (HSM). You can use your enabled TPM to securely store a virtual smart card which can safely contain sensitive information, such as private keys from an RSA key pair. This video explains how to create, list, or destroy a virtual smart card (VSC) on Windows 10. IMPORTANT: Administrator privileges are required. Note #1: The "Admin Key" must be a 48-character hex-encoded value. Do NOT copy the admin key in this video; there's nothing magic or special about it. Just do a Google search for "convert plain text to hex". Type in any 24-character string of your choice in plain text, convert those 24-characters from plain text into hex, and then remove any spaces in the converted text. You should now have 48 characters of hexidecimal text, which you can use for the admin key. Note #2: The PIN Unlock Key (PUK) is useful whenever the virtual smart card is locked due to a user inputting an incorrect PIN too many times. If there is a lock, it is temporary, but you can input the PUK at that time to release the lock. Note #3: One practical application of this technology is to enable SSH to connect to a server. The public key would need to be already on the server in the "authorized_keys" file. The private key, in this case, would be safely protected in the TPM and unavailable for reading or copying or brute-forcing. The way you can access the private key in order to SSH to the server is to use software that leverages the Windows crypto API. Instead of using a program like PuTTY (which requires the path to a private key on the hard drive), use a patched version of PuTTY known as PuTTYWinCrypt (which can use Windows crypto APIs to access the private key on a specified virtual smart card). Below is the text that is used in the video. Replace the placeholder X's with your own values: ================================ NAME OF VIRTUAL SMART CARD: XXXXXXXXXXXXXXXX PIN: XXXXXXXXXXXXXXXX ADMIN KEY (must be a 48-character hex-encoded value): XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX PUK: XXXXXXXXXXXXXXXX COMMAND TO CREATE A VSC (using name of the virtual smart card above): tpmvscmgr.exe create /name "XXXXXXXXXXXXXXXX" /pin PROMPT /pinpolicy minlen 10 uppercase REQUIRED lowercase REQUIRED digits REQUIRED specialchars REQUIRED /AdminKey PROMPT /puk PROMPT /attestation AIK_AND_CERT /generate LIST ALL VSC's: wmic path win32_PnPEntity where "DeviceID like '%smartcardreader%'" get DeviceID,Name,Status COMMAND TO DESTROY A VSC (using a specific DeviceID): Tpmvscmgr destroy /instance "XXXXXXXXXXXXXXXXXXXXXXXXX" ================================
Views: 1411 Jason McNeill
3.3 Set permissions Domain Computers Web Server certificate template IIS Enrollment Sub CA
 
03:31
https://marvel-it.icu/iiamwad-implementing-identity-and-access-management-in-windows-server-active-directory/set-permissions-domain-computers-web-server-certificate-template-iis-enrollment-sub-enterprise-ca Certificate Templates play the major role in the PKI, with very first episodes of Configuring Active Directory Certificate Services Certificates series; we know how to create, duplicate, as well as to supersede the local user template by using a new template that includes Smart Card Logon. And again, in this part, we will use a CT to serve for another kind of the CA issuance, as well as to fortify our AD CS PKI system. That's "Implement TLS/SSL for the Web Enrollment app." Basically, Web Enrollment is designed to provide an enrollment mechanism for organizations that need to issue and renew certificates for users and computers that are not joined to the domain or not connected directly to the network, and for users of non-Microsoft operating systems. Instead of relying on the auto-enrollment mechanism of a certification authority (CA) or using the Certificate Request Wizard, the Web enrollment support provided by a Windows-based CA allow these users to request and obtain new and renewed certificates over an Internet or intranet connection. It is one of 4 alternatives in the certificate deployment. - Auto-enrollment, in which many types of certificates can be distributed without the client even being aware that enrollment is taking place. - Another method is enrollment through the Automatically Enroll and Retrieve Certificates from the certmgr.msc console. - CNG Application Programming Interface (API) in Windows Server 2008/R2/2012, and CryptoAPI in previous versions of Windows Server. -Then there quote s Web Enrollment, which I quote ll specifically present about in this video. [00:19] "Certification Authority Web Enrollment Guidance" - technet.microsoft.com http://bit.ly/CA-Web-Enroll-guide-TN By utilizing a web app in a secure system, we must ensure it is reliable too; there are no excuses to let a single component ruin this complex PKI collapse. It's also a spirit of the HTTPS which leverages advantages of TLS/SSL technologies; a web app must be protected, encrypted in all of its pieces. So that we must configure the IIS service on the server which is designated to provide Web Enrollment app to end users, to deploy SSL in conjunction with HTTP servicing, that is HTTPS. That's one of the best practices in the PKI architect because MITM attacks are popular, silently under-the-hood, and the consequences are worst. [00:31] Moreover, since Windows Server 2008 R2, this is a mandatory process: "In order to complete certificate enrollment, the Web site for the CA must be configured to use HTTPS authentication." As always, let's configure the Certificate Template, Web Server in this case on the Enterprise Subordinate CA so that Web Enrollment server (the Sub CA itself in this virtual lab) can request a certificate which contains the Server Authentication object identifier (OID): 1.3.6.1.5.5.7.3.1. [00:31] Active Directory Certificate Services (AD CS): Error: "In order to complete certificate enrollment, the Web site for the CA must be configured to use HTTPS authentication" - social.technet.microsoft.com http://bit.ly/ADCS-error-complete-Web-HTTPS-TN Open up Certificate Authority certsrv console from the Subordinate Enterprise CA Windows Server 2008 then Certificate Templates Console by select Manage on the right click menu of the Certificate Templates section. [00:39] "Enabling HTTPS on Windows Server 2008/2012 Certificate Authority for Web Enrollment" - petri.com http://bit.ly/enable-HTTPS-CA-Web-Enroll [00:40] In this case, we will utilize the default template Web Server directly instead of a duplicate to get another one as we did in previous examples. Because I want to remark that default templates may have only basic options/features/security policies for their specific functions that advanced demonstrations need more on: extra Application Policies, AD DS-integrated information, etc. Secondly, by design, this Web Server template requires further user's inputs so that custom SAN can be implemented. TechNet: "because user input can be abused by persons with malicious intent, precautions should be taken to mitigate the risks associated with the use of user-defined SANs and protect the integrity of your public key infrastructure (PKI)." That's why held certificates and administrative reviewing procedures are two of the best practices in implementing these kinds of certificate issuances. [00:53] "How to Request a Certificate With a Custom Subject Alternative Name" - technet.microsoft.com http://bit.ly/how-to-request-cert-SAN-custom-TN By using the default template, almost options are greyed out in that Web Server Properties dialog, General tab. Template display name... http://marvel-it.icu Do not forget to LIKE, SHARE, SUBSCRIBE and feel free to ask me questions or discuss with everyone :]
Views: 4 Marvel Thang
Network Security - Use Crypto API to Encrypt and Decrypt
 
14:37
Fundamentals of Computer Network Security This specialization in intended for IT professionals, computer programmers, managers, IT security professionals who like to move up ladder, who are seeking to develop network system security skills. Through four courses, we will cover the Design and Analyze Secure Networked Systems, Develop Secure Programs with Basic Cryptography and Crypto API, Hacking and Patching Web Applications, Perform Penetration Testing, and Secure Networked Systems with Firewall and IDS, which will prepare you to perform tasks as Cyber Security Engineer, IT Security Analyst, and Cyber Security Analyst. course 2 Basic Cryptography and Programming with Crypto API: About this course: In this MOOC, we will learn the basic concepts and principles of cryptography, apply basic cryptoanalysis to decrypt messages encrypted with mono-alphabetic substitution cipher, and discuss the strongest encryption technique of the one-time-pad and related quantum key distribution systems. We will also learn the efficient symmetric key cryptography algorithms for encrypting data, discuss the DES and AES standards, study the criteria for selecting AES standard, present the block cipher operating modes and discuss how they can prevent and detect the block swapping attacks, and examine how to defend against replay attacks. We will learn the Diffie-Hellman Symmetric Key Exchange Protocol to generate a symmetric key for two parties to communicate over insecure channel. We will learn the modular arithmetic and the Euler Totient Theorem to appreciate the RSA Asymmetric Crypto Algorithm, and use OpenSSL utility to realize the basic operations of RSA Crypto Algorithm. Armed with these knowledge, we learn how to use PHP Crypto API to write secure programs for encrypting and decrypting documents and for signing and verify documents. We then apply these techniques to enhance the registration process of a web site which ensures the account created is actually requested by the owner of the email account. Develop Secure Programs with Crypto API In this module, we learn how to use Crypto API to write secure programs for encrypting and decrypting documents, and for signing and verify documents. We then apply the techniques to enhance the registration process of a web site which ensures the account created is actually belonging to the owner of the email account the request profile. Learning Objectives • Develop secure programs with Crypto API for encryption, authentication, and integrity checking • Enhance the registration process of the web site by using the crypto api • Create and utilize the Crypto API to sign and verify documents Subscribe at: https://www.coursera.org
Views: 218 intrigano
Hacks Weekly #22: CQURE’s Discovery in Data Protection API
 
08:33
In this episode of CQURE Hacks Weekly we’re sharing our important discovery within Data Protection API NG (New Generation). If you want to learn how to decrypt a password from PFX files and more... watch the tutorial! https://cqureacademy.com/blog/windows-internals/data-protection-api
Views: 1224 CQURE Academy
C# encrypting and decrypting using AES CBC, safe storing the encrypted data
 
18:24
In this tutorial i'm going to show you how to encrypt, decrypt data using AES(Advanced Encryption Standard), and storing the encrypted data in safe place. Source code: https://drive.google.com/file/d/0BxW01l6w6JYfd1pTZVBjaWxhWEU/view?usp=sharing
Views: 59013 Dawisko1
Cunning With CNG: Soliciting Secrets From Schannel
 
46:38
by Jake Kambic Secure Channel (Schannel) is Microsoft's standard SSL/TLS Library underpinning services like RDP, Outlook, Internet Explorer, Windows Update, SQL Server, LDAPS, Skype and many third party applications. Schannel has been the subject of scrutiny in the past several years from an external perspective due to reported vulnerabilities, including an RCE. What about the internals? How does Schannel guard its secrets? This talk looks at how Schannel leverages Microsoft's CryptoAPI-NG (CNG) to cache the master keys, session keys, private and ephemeral keys, and session tickets used in TLS/SSL connections. It discusses the underlying data structures, and how to extract both the keys and other useful information that provides forensic context about connection. This information is then leveraged to decrypt a session that uses ephemeral key exchanges. Information in the cache lives for at least 10 hours by default on modern configurations, storing up to 20,000 entries for client and server each. This makes it forensically relevant in cases where other evidence of the connection may have dissipated.
Views: 399 Black Hat
Windows 10 Universal Apps - Cryptographic App
 
12:59
Website : http://www.edmtdev.com Guide to Writing an encryption application based on the coding system is provided by .NET Link Project : http://ouo.io/stFxJM Windows 10 development, Windows 10 development for absolute beginners, Windows 10 development tutorial, Windows 10 app development tutorial, Windows phone 10 development, Windows 10 application development, Windows 10 mobile development, Windows 10 game development, Windows 10 iot development
Views: 456 EDMT Dev
Java prog#129. How to encrypt and decrypt data in Java Part 1
 
10:17
------------------Online Courses to learn---------------------------- Java - https://bit.ly/2H6wqXk C++ - https://bit.ly/2q8VWl1 AngularJS - https://bit.ly/2qebsLu Python - https://bit.ly/2Eq0VSt C- https://bit.ly/2HfZ6L8 Android - https://bit.ly/2qaRSAS Linux - https://bit.ly/2IwOuqz AWS Certified Solutions Architect - https://bit.ly/2JrGoAF Modern React with Redux - https://bit.ly/2H6wDtA MySQL - https://bit.ly/2qcF63Z ----------------------Follow--------------------------------------------- My Website - http://www.codebind.com My Blog - https://goo.gl/Nd2pFn My Facebook Page - https://goo.gl/eLp2cQ Google+ - https://goo.gl/lvC5FX Twitter - https://twitter.com/ProgrammingKnow Pinterest - https://goo.gl/kCInUp Text Case Converter - https://goo.gl/pVpcwL -------------------------Stuff I use to make videos ------------------- Stuff I use to make videos Windows notebook – http://amzn.to/2zcXPyF Apple MacBook Pro – http://amzn.to/2BTJBZ7 Ubuntu notebook - https://amzn.to/2GE4giY Desktop - http://amzn.to/2zct252 Microphone – http://amzn.to/2zcYbW1 notebook mouse – http://amzn.to/2BVs4Q3 ------------------Facebook Links ---------------------------------------- http://fb.me/ProgrammingKnowledgeLearning/ http://fb.me/AndroidTutorialsForBeginners http://fb.me/Programmingknowledge http://fb.me/CppProgrammingLanguage http://fb.me/JavaTutorialsAndCode http://fb.me/SQLiteTutorial http://fb.me/UbuntuLinuxTutorials http://fb.me/EasyOnlineConverter Password Encryption.java JAVA ENCRYPTION/DECRYPTION PROGRAM HELP Encrypting and Decrypting Java Cryptography using Java in Netbeans IDE Cryptography using Java in Netbeans IDE Java Cryptography APIs Cryptography Encrypting and Decrypting a text file in java
Views: 105197 ProgrammingKnowledge
Features new to Windows XP
 
01:57:56
Windows XP introduced many features not found in previous versions of Windows. This video is targeted to blind users. Attribution: Article text available under CC-BY-SA Creative Commons image source in video
Views: 669 Audiopedia
DEF CON 24 - Jake Kambic - Cunning with CNG: Soliciting Secrets from Schannel
 
41:17
Secure Channel (Schannel) is Microsoft's standard SSL/TLS Library underpinning services like RDP, Outlook, Internet Explorer, Windows Update, SQL Server, LDAPS, Skype and many third party applications. Schannel has been the subject of scrutiny in the past several years from an external perspective due to reported vulnerabilities, including a RCE. What about the internals? How does Schannel guard its secrets? This talk looks at how Schannel leverages Microsoft's CryptoAPI-NG (CNG) to cache the master keys, session keys, private and ephemeral keys, and session tickets used in TLS/SSL connections. It discusses the underlying data structures, and how to extract both the keys and other useful information that provides forensic context about connection. This information is then leveraged to decrypt session that use ephemeral cipher suites, which don't rely on the private key for decryption. Information in the cache lives for at least 10 hours by default on modern configurations, storing up to 20,000 entries for client and server each. This makes it forensically relevant in cases where other evidence of connection may have dissipated. Bio: Jake Kambic is a DFIR researcher and network penetration tester
Views: 1351 DEFCONConference
Encryption and Decryption of Data in C#.net Visual Studio 2013
 
20:04
In this tutorial I will show you how you can use cryptostream and Rijandial Algorithm for encryption and decryption of data in C#.net programming. If you have any questions feel free to leave a comment. Thanks for watching :) -~-~~-~~~-~~-~- Please watch: "How to use android glide library to efficiently load images in your android application" https://www.youtube.com/watch?v=FOYdcq86NpU -~-~~-~~~-~~-~- keywords: md5 encryption c#.net sha1 encryption c#.net encryption using c#.net aes encryption c#.net url encryption c#.net blowfish encryption c#.net encryption c# asp.net encryption decryption c#.net encryption algorithms in c#.net encryption code in c#.net encryption c#.net md5 encryption c# asp.net c# net encryption and decryption c# .net aes encryption example c# net aes encryption c# .net asymmetric encryption c# .net des encryption c# .net data encryption c# .net encryption example c# .net file encryption encryption in c#.net encryption decryption in c#.net encryption method in c#.net encryption string in c#.net encryption class in c#.net encryption in asp.net c# pgp encryption in c#.net md5 encryption in c#.net symmetric key encryption c# .net asp net c# md5 encryption encryption of password in c#.net c# .net password encryption c# .net pgp encryption c# .net rsa encryption c# .net rijndael encryption rc4 encryption in c#.net asp.net c# rsa encryption c# .net simple encryption c# .net string encryption .net c# symmetric encryption xor encryption in c#.net aes 256 encryption c#.net c# aes encryption .net 2.0 c# .net 3des encryption c# .net 4.5 encryption encryption and decryption in c#.net decryption in c#.net decrypt md5 c#.net password encryption and decryption in c#.net aes encryption and decryption in c#.net md5 encryption and decryption in c#.net simple encryption and decryption in c#.net image encryption and decryption in c#.net file encryption and decryption in c#.net string encryption and decryption in c#.net encryption and decryption in c#.net decryption in c#.net decrypt md5 c#.net password encryption and decryption in c#.net aes encryption and decryption in c#.net md5 encryption and decryption in c#.net simple encryption and decryption in c#.net image encryption and decryption in c#.net file encryption and decryption in c#.net string encryption and decryption in c#.net encryption and decryption in c#.net decryption in c#.net decrypt md5 c#.net password encryption and decryption in c#.net aes encryption and decryption in c#.net md5 encryption and decryption in c#.net simple encryption and decryption in c#.net image encryption and decryption in c#.net file encryption and decryption in c#.net string encryption and decryption in c#.net encryption and decryption in c# asp.net encryption and decryption in c#.net aes encryption and decryption in c#.net md5 encryption and decryption in c#.net simple encryption and decryption in c#.net image encryption and decryption in c#.net file encryption and decryption in c#.net string encryption and decryption in c#.net data encryption and decryption in c#.net rsa encryption and decryption in c#.net data encryption and decryption in c#.net encryption and decryption in c#.net password encryption and decryption in c#.net aes encryption and decryption in c#.net md5 encryption and decryption in c#.net simple encryption and decryption in c#.net image encryption and decryption in c#.net file encryption and decryption in c#.net string encryption and decryption in c#.net data encryption and decryption in c#.net rsa encryption and decryption in c#.net decrypt aes - c# .net from openssl file encryption and decryption in c#.net xml file encryption and decryption in c#.net encryption and decryption in c#.net decryption in c#.net password encryption and decryption in c#.net aes encryption and decryption in c#.net md5 encryption and decryption in c#.net simple encryption and decryption in c#.net image encryption and decryption in c#.net file encryption and decryption in c#.net string encryption and decryption in c#.net data encryption and decryption in c#.net md5 encryption and decryption in c#.net md5 decryption in c#.net c# .net pgp decryption password encryption and decryption in c#.net rsa encryption and decryption in c#.net rc4 decryption in c#.net simple encryption and decryption in c#.net string encryption and decryption in c#.net xml file encryption and decryption in c#.net
Views: 22146 Software Dev
Encrypt/Decrypt Files in C#
 
08:04
Source Code Project http://microify.com/1Tgn
Views: 13592 Melardev
DEF CON 21 - Neil Sikka - EMET 4 0 PKI Mitigation
 
38:58
EMET 4.0 PKI Mitigation NEIL SIKKA SOFTWARE SECURITY ENGINEER, MICROSOFT Microsoft EMET is a free Mitigation tool. In addition to its memory corruption exploit mitigations, a newly introduced feature is the PKI mitigation. This mitigation implements x509 certificate pinning to prevent usage of forged certificates in HTTPS sessions in the web browser. This talk is technical as it demos EMET in action and explains how the PKI mitigation works. Neil Sikka (@neilsikka) is a computer security enthusiast and researcher. He works at Microsoft on MSRC (Microsoft Security Response Center) as a Software Security Engineer where he analyzes 0day exploits and other security vulnerabilities in any Microsoft software, and develops security tools such as EMET. In addition to his security research at work, he also likes to do security research on his free time at home on nights and weekends. He has a technical blog where he posts his security research (http://neilscomputerblog.blogspot.com/). facebook.com/neilsikka Materials: https://www.defcon.org/images/defcon-21/dc-21-presentations/Sikka/DEFCON-21-Sikka-EMET-4.0-PKI-Mitigation-Updated.pdf
Views: 814 DEFCONConference
DEF CON 24 - Jake Kambic - Cunning with CNG: Soliciting Secrets from Schannel
 
41:17
Secure Channel (Schannel) is Microsoft's standard SSL/TLS Library underpinning services like RDP, Outlook, Internet Explorer, Windows Update, SQL Server, LDAPS, Skype and many third party applications. Schannel has been the subject of scrutiny in the past several years from an external perspective due to reported vulnerabilities, including a RCE. What about the internals? How does Schannel guard its secrets? This talk looks at how Schannel leverages Microsoft's CryptoAPI-NG (CNG) to cache the master keys, session keys, private and ephemeral keys, and session tickets used in TLS/SSL connections. It discusses the underlying data structures, and how to extract both the keys and other useful information that provides forensic context about connection. This information is then leveraged to decrypt session that use ephemeral cipher suites, which don't rely on the private key for decryption. Information in the cache lives for at least 10 hours by default on modern configurations, storing up to 20,000 entries for client and server each. This makes it forensically relevant in cases where other evidence of connection may have dissipated. Bio: Jake Kambic is a DFIR researcher and network penetration tester
Views: 31 Security Hub