In this chapter, we have covered a lot of stuff to do with PyCrypto
, a couple of basic encoding methods, and a whole bunch of philosophical encryption musings. We have looked at the basic concepts of hashes, stream ciphers, substitution ciphers, and transposition ciphers. We have pointed out flaws in methods of encryption as well as flaws in implementation. I really enjoyed this chapter, it was a bit painful to write and required a reasonable amount of research, but I think it was fairly rewarding all round.
The next and final chapter deals with the creation of full-size deployments. We're going to go through how to set up a full assault course in two examples. One will be a chained example, where the aim is to compromise each box in turn in an attempt to get deeper into the network. The other exercise is representative of a standard penetration test, with multiple servers present on a network. The aim for the second exercise will be to identify all present vulnerabilities and report...