I welcome back to the course. So we just wrapped up our module on cryptography so much of 17
but on our digital forensics hat, and then we're gonna analyze a couple of photos to see visual differences. Now, we're gonna use a return also has calculator.
And the main requirement for this lab is you need a Windows environments whether you do that through the cyber lab environment or if you have a Windows machine of you have a virtual windows machine set up, and that's the preference either one of those is gonna work for You just need a window's environment for these particular tools.
So a quick pre assessment,
we're gonna go ahead and just get that knocked out of the way, and then we'll get on with our lab.
So question number one water hashes. So, which which one of these are They are the two way are the four way Are they one way? Are they eight ways?
If you guessed? Answer. See, You're correct. Hashes are one way functions.
So question number two passes could be used to do what?
All right. If you guessed a you're absolutely correct. Hashes could be used to verify file integrity, and that's kind of the main reason behind. So, for example, when you download a file, if you can pull a hash of the the websites giving you a hash saying yes, this is what the original file's hash is, and then you compare it to the download you got and those match up. You're good to go
if they don't match up than that usually means something's been altered, whether it's nefarious or not. But something's been altered in it.
So again, a hash is just unique numerical string that's created by hashing algorithm and it's used verified data integrity.
So in part, one of this lab wanna download a couple of tools that we're gonna use in the lab and part two, we're gonna get everything set up as faras photos. And then again in Part three, we're gonna actually analyze the photos. So let's go ahead and get started.
So you're a pardonable one winter installs tool. So we've logged into our Windows machine, and we're gonna open a Web browser already have Google Chrome opened here, and you can use whichever Web browser you want to.
So next we're gonna search for hashtag first, that'll be the first tool we go get. So let's go and do that. We're gonna type in hash Coke altogether,
then just hit the enter key.
So it's gonna be this top one or somewhere near the top. Here is gonna be Slava soft. That's gonna be the link you want and you'll see in the lab document here. I have that length for you. So you can also just click on that if you want to. If you're working on your local machine
so we're gonna go ahead and click on that website,
gonna pull out up for us here, and we're gonna click on the downloads link right at the top here. So let's go ahead and do that.
So the next step of her lab after we click on downloads, we want to screw on the page until we actually get to the free software download section, and then we're going to see the hash Coke that we want. So let's go and do that. So we're just gonna scroll down and we actually want to scroll too far. It's right here.
Once we find it, we're just gonna cook the download link there and it's going to start down there to get for us.
You see a download since it filed for us.
So all we're gonna do once the downloads as it file, we're gonna select the show and folder option that we're just gonna right click on that
particular file and extract the files.
So let's go ahead and do that. We're just gonna click in here and then Chauhan folder
Next, we're going to right click on it and extract the files.
You see, I've got the wind, Ross. I've got a little different option than you. If you just got regular windows running and you, you'll just right click extracted files and it'll show you the path and everything and extracting for you. So I'm gonna say okay to that There.
So now you see that it's extracted the hash scalp folder for me.
So I'm just gonna double click on that and then I'll see a setup file in there. So we're right here in our lab. So we see the hash out folder and now we're double clicked on it. And now we see set up Don t x c.
So we're gonna go ahead and double click on that.
And we're going to see the user account control pop up. We're just going to say yes to that. So let's go and do that Now. We're just gonna double click on that.
We see the USC, we're just gonna click Yes to that.
And now it's gonna launch a task Elk installation wizard for us.
So here we are, right here. So now we're gonna click next and then accept the license agreement, and then basically, we're gonna leave all the default settings and click next all the way through until we get to the install button. So let's go and do that. So next
except the license agreement. You're welcome to read that if you want to,
they were just gonna click on next and again. We're just keeping all these defaults all the way through. You see, it defaults to create a desktop icon. That's fine with us.
We're gonna say next and then we'll hear were installed. So let's click on install, and it's gonna go ahead, install the tool for us.
Step 19 here. We want to actually unchecked. Both of you read me file and the launch Haskell check boxes because we need to go get our other tools. Well,
so let's unchecked those. And then we're gonna select finish,
you'll see on my desktop screening arrive hash talc there. I already had it installed. So doesn't create a new shortcut or anything. So I already have hash coke there
so we can go ahead and closer downloads window. We'll come back for a Web browser. So now let us go back to our search box here, and we'll grab our other tool.
So we're gonna search for R h X D hex editor. That's what we want. And it's gonna be this link here,
ex editor. That should pull it up for us. You'll see here. It's a top option there, so I'm just gonna actually x out here to clear out the hash Coke one.
So his top option Just click on that.
It's gonna open up that Web page for us, and then we're basically just gonna scroll on the page until we come to the latest version release of this particular tool and for Microsoft windows. So this scroll down here
school just a little bit further and you'll see here we have the latest version for our version of Windows, which I'm running Windows 10 and basically the later versions. And we see that this is version 2.1, and it was released just a week or two ago from the filming of this video, actually, two weeks ago.
And so once we find that, we're just gonna click on this download page link right here.
I was gonna redirect us to the downloads page.
Okay, so now we want to click on where says download per https for the English version.
All right, so we're gonna go ahead. Download that now What? You notice years, it's got the shot. One hash for us. We're gonna check that in just a little bit,
so just download it.
It's gonna download the zip file for us. Might take a moment or so. Let's move on to the next step of our lab. So again, I mentioned we see the shot. One hash calculation. We're gonna check that for the downloadable file just to make sure it matches up.
So this if I was gonna download and then what we're gonna do after we download that we're in a double click on hash Coke the tool we just downloaded and installed. And then we're gonna open that up and we're to compare the hash of the ZIP file we just downloaded with the one that's provided for us on the website.
downloaded that. We're gonna leave that alone for right now. We're gonna come over here to our hash Falcon. Just double click on that.
Take a moment, so it's gonna open it up for us. Now, don't get don't worry about too much what we're doing here, all we're gonna we're gonna go over this a lot more in detail when we actually do our photos. But go ahead and click these three little dots Here you have your boss's shows find file. Go and click on that,
and it's gonna give us the downloads link. We want to click on the H X D. Set up. That is it. That's the one. We just download it and then just click on open there.
And then once we do that, that basically loads the file. We're gonna click on Calculate. So we want to look at this show one right here. And just compare that to what we see on the website here for the English version. So we're gonna compare this one
to the one we have in our hash calculation. So let's take a look at that. Uncheck that there.
So see, seven to be eight sees me a 64
so see seven to be a 64 that matches up so far. So then we have e d 219
e d 219 That matches up
e b 80 BC Then we have f 44040 We have f 440 for zero that we have e f 6514
He f 6514 that we have B 79 a
be 798 and then we have 1 98 119 d A one So we see the hashes match up. So we know that nothing's happened to this file since has been posted on the Web site so we can go ahead and close our hashtag right now. Now we're gonna go back to H X D, and we're just gonna click on it and say showing folder.
Okay. So again, we compared our hash is. And we found that Yes, they do match. So what is putting? Yes, there.
So now we're a step 32. So we with clothes, hash, coke. And then now we've opened the downloads folder where the HX tea set up file is
So we're gonna do the same thing we're going to right? Click and extract it.
No, I'm actually gonna extract this to the desktop,
so I'm gonna right click, and then I'm gonna extract mine. When I do extract files, I'm gonna just navigate to the desktop
so I already got the installer on there, but I'm just going to say yes to go and replace it just so we can walk through that process.
All right, so let's move on with her lab.
So now we're gonna double click on the installer for HX D and get that installed. Now it's gonna give us the same USC prompt again. We'll just say yes to that.
Okay, so just double click on it wherever you have it at,
and it's gonna give us a USC user account control pop up. We're just going to say yes to that. They're just gonna take us to the installer, so it's gonna give us a pop up asking what language we want first.
So we're gonna go ahead and choose English. So you see, right here it's Step 37.
We're gonna choose English, and then just select, okay?
And it'll actually launched the installer.
So now we're gonna click on next and then accept license agreement, and then we're gonna basically use the default options all the way through and click next until we get to the select additional task window
in that one. No, we're just gonna check the box that created that stop short cut. So next
except the agreement. You're welcome to read through that. If you want to just say next
next, all the way through here.
So at this window here, we want to make sure which use created desktop shortcut. Sometimes it'll be checked. Sometimes it won't. So go ahead. Just click next now
and then just cook the install button that'll start installing it for us.
All right, So we clicked. Install. Now we want we want to do a similar things we did with hashtag. We want uncheck the view re meet dot text file and also the launch attacks Editor file.
Let's go ahead and check those,
and then we're just gonna click on finish. So now we've got it installed. Here we see a shortcut on her desktop.
All right, so we can close our browser window now. We can also close it. Downloads window if you have that open.
All right. So you see here, we've got the tools we need to move on to step two of the lap. So again, in this video, we just went over installing the tools we need it. And the next video, we're gonna actually set up the photos that you need for the lab and then send us part three word and go ahead and actually analyze those photos.