Tuesday, December 25, 2012

How to Implement Reverse Proxy With Mod Security



This post is related to a project that I did with Mod_Security and a reverse proxy. The installation details are described in my earlier post, "How To Install Mod_Security On Apache(Ubuntu 12.10) Step By Step Tutorial For Beginners".
In this post I give an example "reverse proxy" configuration from the same project:

First, run the following command to install and enable the reverse proxy:
sudo a2enmod proxy proxy_http

Now go to the following path to change the configuration of the reverse proxy:
/etc/apache2/sites-available

Change the content of the file to the following lines:

<VirtualHost *:80>
        ServerAdmin administrator@myexample.net
        ServerAlias www.myexample.net
        ServerName myexample.net

        ErrorLog /var/log/apache2/example-error.log

        LogLevel info
        CustomLog /var/log/apache2/example-access.log combined
         
        ProxyPreserveHost On
        ProxyRequests off
        # Allow from everywhere
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        # Serve /audit from this machine; send all other requests to 10.10.150.4:80
        ProxyPass /audit !
        ProxyPass / http://10.10.150.4:80/
        ProxyPassReverse / http://10.10.150.4:80/
</VirtualHost>

This configuration takes any request on port 80 and forwards it to http://10.10.150.4:80. We also had a PHP script on this machine that had to be served from this machine, not from the destination machine, so we needed an exception for its directory. "ProxyPass /audit !" stops the reverse proxy from forwarding requests for the /audit/ directory to the destination machine, so they are handled on the current machine.
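Apache checks ProxyPass rules in configuration order and the first match wins, so the "ProxyPass /audit !" exclusion only works while it stays above "ProxyPass /". The following check is an added example, not part of the original project: the function name lint_proxy and both sample configurations are constructed for illustration, and path matching is simplified to a plain prefix test.

```python
# Constructed sample: the post's rules with the exclusion moved below the
# catch-all mapping, which silently sends /audit to the backend as well.
MISORDERED = """
ProxyRequests off
ProxyPass / http://10.10.150.4:80/
ProxyPass /audit !
ProxyPassReverse / http://10.10.150.4:80/
"""

# The order used in the post.
AS_POSTED = """
ProxyPreserveHost On
ProxyRequests off
ProxyPass /audit !
ProxyPass / http://10.10.150.4:80/
ProxyPassReverse / http://10.10.150.4:80/
"""

def lint_proxy(conf):
    """Return a list of findings for the body of a reverse-proxy vhost."""
    findings = []
    rules = []                      # (line number, path, target) in file order
    for lineno, raw in enumerate(conf.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        name = parts[0].lower()
        if name == "proxyrequests" and len(parts) > 1 and parts[1].lower() == "on":
            findings.append(f"line {lineno}: ProxyRequests On enables forward proxying")
        elif name == "proxypass" and len(parts) >= 3:
            rules.append((lineno, parts[1], parts[2]))
    # An exclusion ("!") is dead if an earlier non-exclusion rule covers its path.
    for i, (lineno, path, target) in enumerate(rules):
        if target != "!":
            continue
        for prev_line, prev_path, prev_target in rules[:i]:
            if prev_target != "!" and path.startswith(prev_path):
                findings.append(f"line {lineno}: exclusion {path} is shadowed by "
                                f"ProxyPass {prev_path} on line {prev_line}")
    return findings

if __name__ == "__main__":
    print(lint_proxy(AS_POSTED))
    print(lint_proxy(MISORDERED))
```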

Now restart Apache with the following command so the changes take effect:
sudo service apache2 restart

And this is the video of the project, in which I describe the details of how it works:
http://www.youtube.com/watch?v=o3-KDD7TSrA

Monday, December 10, 2012

An Easy Way To Learn AES Cryptography Algorithm


Today I want to write about the AES cryptography algorithm, also known as "Rijndael". AES stands for Advanced Encryption Standard, and it was developed by the U.S. National Institute of Standards (NIST) in 2001.
The following video clearly shows how the AES algorithm works:

video

In my view the hardest part is the Mix Column part, so here I will give you more detailed information on how to solve it.

For example, suppose you have these two tables (on the left and in the center) and want to calculate the result (on the right):

    63         02 03 01 01         FF
    C0    *    01 02 03 01    =    7D
    FE         01 01 02 03         FB
    9C         03 01 01 02         B8

S'0,c = ({02}.63) ⊕ ({03}.C0) ⊕ FE ⊕ 9C
S'1,c = 63 ⊕ ({02}.C0) ⊕ ({03}.FE) ⊕ 9C
S'2,c = 63 ⊕ C0 ⊕ ({02}.FE) ⊕ ({03}.9C)
S'3,c = ({03}.63) ⊕ C0 ⊕ FE ⊕ ({02}.9C)

So basically, to calculate S'0,c we need to do four multiplications:
  1. one multiply by 2
  2. one multiply by 1
  3. one multiply by 1
  4. one multiply by 3
Before describing the details, I suggest you use the Windows calculator for your calculations: after starting the calculator, go to the "View" menu and choose "Programmer". It will help you convert to hexadecimal or binary and calculate XOR and left shift.


  • For the bytes that are multiplied by 1, you just leave them alone (for example, in the S'0,c calculation you just leave FE and 9C).
  • To calculate the bytes that are multiplied by 2, do the following (example: ({02}.63)):
  1. Convert it to binary (for example, 63 = 1100011).
  2. If the result is shorter than 8 bits, as in the example above, add 0 bits on the left side until it becomes 8 bits: 01100011.
  3. Now do one left shift on 01100011, so the result is 11000110 (a zero always comes in from the right side).
  4. If in the previous stage you lost a "zero" from the left, just skip this stage, but if you lost a "one" from the left you have to XOR the result of stage 3 with 00011011 (this is a fixed number and is not related to this example). So again: if you lost a 1 in the left shift, you have to XOR the result of the left shift with 00011011.
        *** Since we lost a zero in the left shift in our example, we don't need to perform the last stage, and the result of the example above is 11000110.


  • To calculate the bytes that are multiplied by 3, do the following (example: ({03}.C0)):
  1. It is the same as the calculation for multiplying by two, with one small stage at the end: you have to XOR the result with the original value in binary.
    example: ({03}.C0)
    C0 = 11000000   (original value in binary)
    11000000 << 1 = 10000000   (we do a left shift and lose a 1 from the left side)

    10000000 ⊕ 00011011 = 10011011   (now we XOR with the fixed number 00011011, because the previous stage lost a 1 on the left)
    10011011 ⊕ 11000000 = 01011011   (now we XOR the result with the original value that we started with)
    So the final result is 01011011.


Now we need to XOR the results of the multiplications:

FE= 11111110
9C= 10011100
1100 0110 ⊕ 0101 1011 ⊕ 1111 1110 ⊕ 1001 1100 = 1111 1111 = FF
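The same steps in code, as an added example that is not part of the original post: xtime is the multiply-by-2 procedure above, gmul builds any other multiplier from it, and mix_column reproduces the worked column. It goes one step beyond the post by including the inverse matrix used for decryption; all function names are chosen here for illustration.

```python
def xtime(b):
    """Multiply a byte by {02}: one left shift, then XOR 00011011 if a 1 fell off."""
    b <<= 1
    if b & 0x100:        # the bit lost on the left was a 1
        b ^= 0x11B       # clear that bit and XOR with the fixed value 0x1B
    return b

def gmul(byte, coeff):
    """Multiply by any constant as XOR of repeated doublings ({03} = {02} xor {01})."""
    result = 0
    while coeff:
        if coeff & 1:
            result ^= byte
        byte = xtime(byte)
        coeff >>= 1
    return result

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
# Inverse matrix used when decrypting (from the AES specification).
INV_MIX = [[0x0E, 0x0B, 0x0D, 0x09], [0x09, 0x0E, 0x0B, 0x0D],
           [0x0D, 0x09, 0x0E, 0x0B], [0x0B, 0x0D, 0x09, 0x0E]]

def row_terms(row, col):
    """The four products of one matrix row with the state column."""
    return [gmul(byte, coeff) for coeff, byte in zip(row, col)]

def mix_column(col, matrix=MIX):
    """Each output byte is the XOR of the four products of one row."""
    out = []
    for row in matrix:
        acc = 0
        for term in row_terms(row, col):
            acc ^= term
        out.append(acc)
    return out

def trace_row(row, col):
    """Render one row the way the hand calculation is written out."""
    terms = row_terms(row, col)
    total = 0
    for term in terms:
        total ^= term
    return " ⊕ ".join(f"{t:02X}" for t in terms) + f" = {total:02X}"

if __name__ == "__main__":
    column = [0x63, 0xC0, 0xFE, 0x9C]          # the column from the post
    for row in MIX:
        print(trace_row(row, column))
    print([f"{b:02X}" for b in mix_column(column)])
```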

and below is another example:



Later, if you want to double-check your results, you can check the AES algorithm's results in any round (round 1, round 2, ... round 10) with the following tool. This program asks for a key state and a plaintext state, then calculates the result for all rounds and shows them in charts.
Click here to Download the tool
