Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  
      Followers 0
      dEEpEst

      "Dream Formula" Second Generation | The First Office 0day Vulnerability (CVE-2018-0802) Analysis Revoked by Microsoft in (data Exploit 2018-01-10)

      By dEEpEst, in Bugs & Exploits

      Recommended Posts

      dEEpEst    34,352

      dEEpEst
      Staff
      Posted

      Introduction

      The Microsoft Security Patch of January 2018 fixes the Office 0day vulnerability (CVE-2018-0802) captured by the 360 Core Security Advanced Threat Response Team. This vulnerability affects almost all versions of Office that Microsoft currently supports.This is the second outbreak of high-level threats using zero-day loopholes since 360's first global interception of the Office 0day vulnerability (CVE-2017-11826).The 360 core security team has been actively communicating with Microsoft and working together to promote the repair of the 0day loophole so that the vulnerability can be properly resolved before disclosure of vulnerability information.The technical principle of the vulnerability is similar to the 17-year-old "Dream Formula" loophole (CVE-2017-11882). It is a re-initiated attack by the hacker using the EQNEDT32.EXE embedded in the office's embedded equation editor. We call it "Nightmare". Formula II (CVE-2018-0802).

      Attack process analysis

      We captured several in-field attacks of "Dream Formula II". The on-the-spot samples were embedded with two formulae objects using Nday and 0day loopholes. At the same time, Nday loopholes can attack unpatched systems, and 0day loopholes attack all patches. The system bypasses the ASLR (Address Randomization) security measures of the CVE-2017-11882 patch, and the attack will eventually implant a malicious remote control program on the user's computer.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure: "Dream Formula II" in the wild sample attack process

      Vulnerability analysis

      "Dream Formula II" is a patch bypass vulnerability of CVE-2017-11882. The type is stack overflow. The root cause is Microsoft's stack overflow in the "Dream Formula Generation" patch that does not fix the copy of the font FaceName.This vulnerability will only cause a crash on an unpatched version, but it can be perfectly utilized on a patched version.Below we analyze the CVE-2018-0802 vulnerability by poc samples.

      Static analysis

      As with CVE-2017-11882, the trigger data for this vulnerability is within the "Equation Native" stream of the extracted OLE object.The red coiled portion in Figure 1 is core data with a total of 0x99 = 153 bytes.0×08 represents the font tag, followed by 00 01 respectively represents the typeface and style of the font, and the area from 33 to 25 00 is the name of the Font, which is the data copied when the stack overflows.This part of the data contains shellcode, bypass ASLR tricks, process command lines, and related data for padding. We will analyze them later.

       

      Hidden Content

        Give reaction to this post to see the hidden content.

      figure 1

      Equation Native data structure

      According to information published online, the entire "EquationNative" data structure is:

      EquationNative Stream Data = EQNOLEFILEHDR + MTEFData

      MTEFData = MTEF header + MTEF Byte Stream.

      The structure of QNOLEFILEHDR is shown in Figure 2:

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      figure 2

      The structure of the MTEF header is shown in Table 1. Regarding this structure, there are differences between the actual data and the format specifications that we observed. The following table shows the actual observations:

      Offset Instructions value
      0 MTEF version number 0×03
      1 The data generation platform 0x00 is generated on Macintosh platform, 0x01 is generated on Windows platform
      2 Generated product of this data 0×00 is generated by MathType, 0×01 is generated by Equation Editor
      3 Product major version number 0×03
      4 Product minor version number 0x0A

      Table 1 

      In the attack sample, the MTEF ByteStream structure is shown in Table 2:

      Initial SIZE record
      FONT records
      FONT content
      Remaining data

      Table 2

      The FONT record and FONT content structure are shown in Table 3:

      member Instructions Note
      Tag 0×08 1 byte
      Tface Typeface number 1 byte
      Style Font style 1 byte
      Name Font name NULL-terminated ASCII string

      table 3

      Patch bypass analysis

      CVE-2018-0802 vulnerability trigger point is located in sub_21E39 (module address is set to 0 in the IDA), as shown in Figure 3, it can be seen that the function of the function is to initialize a LOGFONT structure according to the font data in the formula :

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      image 3 

      Let's take a look at Microsoft's description of the LOGFONT structure (Figure 4).You can see that the last member of this structure is lfFaceName,

       

      Hidden Content

        Give reaction to this post to see the hidden content.

      Figure 4: LOGFONT Structure

      Let's take another look at Microsoft's description of the lfFaceName member (Figure 5).You can see that lfFaceName represents the typeface name of the font. On the version being analyzed, it is a null-terminated char string with a maximum length of 32, which contains the terminator NULL.

       

      Hidden Content

        Give reaction to this post to see the hidden content.

      Figure 5 

      The problem is obvious: the code in the red box in Figure 3 does not limit the copy length when copying the font FaceName, and the source data for the copy is the user-supplied font name, and the destination address is a LOGFONT structure body address passed in from the parent function.We look back to the parent function of sub_21E39 (Figure 6), you can see this address is located on the stack opened by the parent function, is a local variable of the parent function.The attacker constructs malicious data, overwrites the last two bytes of the return address of the parent function (sub_21774), and then directs the control flow to the shellcode on the stack.

       

      Hidden Content

        Give reaction to this post to see the hidden content.

      Figure 6

      During the analysis, we found a place of suspected recursion. Figure 7 shows the disassembly code of sub_21774. We can see that sub_21774 first calls the vulnerability function sub_21E39 to initialize a LOGFONT structure, and then calls the relevant API to pass in the structure. The system gets a font name saved to Name.Then, it compares the obtained Name with the user-supplied lpLogFont. If it is inconsistent (and the sub_115A7 function needs to return False), it will continue to call or not call itself according to the condition specified by a3, while a3 is the third of sub_21E39 function. Parameters.

       

      Hidden Content

        Give reaction to this post to see the hidden content.

      Figure 7

      Let's take a look at the third parameters of the parameters, otherwise there may be multiple recursive, can not effectively use this overflow.According to the previous CVE-2017-11882 debugging results (Figure 8), we can see that when parsing the user-supplied font data, the function calling sub_21774 is sub_214C6.Let's look back at sub_214C6 (Figure 9). Sub_214C6 calls sub_21774 to pass a value of 1 to the third parameter, so if(a3) in Figure 7 is true.Let's look at Figure 7, when sub_21774 recursively calls itself, the value passed to the 3rd parameter is 0, which means that sub_21774 will not call itself again, and the recursion level will only have 1 level.Analyzed here, recursive doubts have been solved.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 8: CVE-2017-11882 Triggered Execution Flow

       

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 9 

      One problem that has been analyzed here is that if _strcmpi(lpLogfont, &Name) is not true (if the font data is forged by the user, it certainly does not hold here), sub_115A7 will be called, which means that it will go to CVE-2017. -11882 overflow point.In the version without the November patch, if you want to successfully use CVE-2017-11882, CVE-2018-0802 points will not overflow because the former needs to have a much smaller overflow size than the latter, and the copy last has a NULL truncation (we know that the controllable eip that overflows to CVE-2017-11882 requires only 0x2C bytes, and through the analysis below (Figure 11) we can see that the controllable eip overflowing to CVE-2018-0802 requires 0x 94 bytes).On the other hand, if you want to trigger CVE-2018-0802 on a version that does not have an November patch, CVE-2017-11882 will be triggered first.In short, CVE-2018-0802 is not available on the pre-11 patch.

      However, as can be seen from Figure 10, in the November patch, before the copy of CVE-2017-11882 overflow point, Microsoft performed a length limit of 0x20 on the copy length, and after the copy was completed, it was manually copied at the end of the copy. A NULL was added to invalidate CVE-2017-11882.This directly leads to CVE-2018-0802 being unusable before patching!Now, as long as sub_115A7 returns False, the exploit can be perfectly exploited, and actual debugging finds that sub_115A7 returns False.

       

      Hidden Content

        Give reaction to this post to see the hidden content.

      Figure 10

      Dynamic Analysis

      Spillover data copy

      With the above analysis, dynamic analysis becomes very simple.Since this overflow point will copy the data, let's monitor the source string and the corresponding stack traceback for each copy. We first enter the OLE data-related Load function (sub_6881), and then break the point before copying the data and proceed. Output, the result is shown in the code:

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.
       

      It can be seen from the log that there are two copies, and we can know from the stack trace back that these two copies are the two calls to sub_21174 in the static analysis.The first time is the sub_214c6 call to sub_21174, and the second is the sub_21174 call to itself.It can be seen that the stack overflow obviously occurs on the first copy.Here to mention a little bit, cb ce cc e5 stands for Songs.

      Let us calculate in detail how much length we need to overflow to control the return address of the parent function (sub_21174). (The conclusion of this question has been mentioned in the “Patch bypass analysis” section). From Figure 11 we can see from lfFaceName(-0× 90) Overflow to ret_addr (+0x4), a total of 0x94 bytes are required. Exceeding the 0x94 portion of the byte will cover the return address one by one from the low address.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 11

      We look at the data in the POC. As shown in Figure 12, the blue part is the first 0x94 bytes of the overflow, the 2500 is the last two bytes of the overflow, and 00 is the terminator. When the copy encounters 00 Stop.According to the little end address layout, when the poc is running, the EIP will only cover the lower 2 bytes.Why did you do this?The answer is to bypass ASLR.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 12

      Bypass ASLR

      Let's take a look at why two bytes of a district can bypass ASLR.

      First of all, we must be clear that the patch file is opened ASLR, as shown in Figure 13.As a result, the base address for loading EQNEDT32.EXE is random each time, so the first problem to be considered when overflowing is how to bypass ASLR.(As for DEP, you can see from Figure 14 that DEQ is not enabled in EQNEDT32.EXE in the patch file, so it is not necessary to consider DEP under normal circumstances)

      Unfortunately, attackers clearly understand the Windows system mechanisms and defenses.Because on the Windows platform, the ASLR of a 32-bit process only randomizes the upper 2 bytes of the address each time, while the lower 2 bytes remain unchanged.If a ret instruction can be found in the same low 0xFFFF space of the covered address, and the address is 0xABCD00XY (where ABCD and XY are 6 arbitrary hexadecimal numbers, the second to last byte in the address Must be 0x00, because after the copy needs to be accurately truncated, you can directly use this ret to jump to the stack.Since there is no need to bypass DEP, shellcode can be executed directly on the stack.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 13: ASLR Status of EQNEDT32.EXE is Enabled and DEP is Non-Permanent DEP

       

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 14: DEP Status of EQNEDT32.EXE is Disabled

      More unfortunately, within the EQNEDT32.EXE module, Microsoft really gave and gave only one such address (Figure 15). There are only one address that satisfies the condition, namely, 20025, two bytes that are covered in the eip. 25 00 is unique, there is no second ret that satisfies the condition.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 15

      Let's consider what the original return address of sub_21174 is.Of course, sub_214C6 calls the address of the next instruction of sub_21174. It can be seen from Fig. 16 that the offset of this address is 214E2. According to the overlay of Fig. 12, the offset after the overlay becomes 20025, which consists of the above analysis and Fig. 17 As you can see, this address is a ret instruction.This instruction will pop up sub_214C6 to the first parameter of sub_21174 and switch the control flow to this value to execute.To make matters worse, this first parameter happens to be lpLogFont, which is the FontName provided by the user.So after ret is executed, the control flow will be transferred to the stack and it will just start executing the first byte of the user-supplied FontName.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 16

       

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 17

      Sample A Shellcode Analysis

      In poc for sample A transformation, control flow hijacking and execution of the shellcode section are shown in Figure 18:

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 18: Due to the existence of recursion, we need to return twice from the sub_21774 function, which explains the first two rets

               Immediately after the jmpeax instruction, WinExec is called, and the command line parameter happens to be calc.exe, as shown in Figure 19:

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 19

      Sample B Shellcode Analysis

      Sample B bypasses ASLR in the same way as Sample A, but the shellcode portion is not the same as Sample A.Sample B's shellcode finds the kernel32.dll export table (Figures 20 and 21) through the PEB, and then searches through the export table for a hash of the desired function through a specific hash algorithm (Figure 21). The hash value is given in shellcode.The shellcode then saves the searched function address to where the hash value was previously stored (Figure 22).

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 20: Hash value and copy path name given in sample B's shellcode

       

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 21: Finding the required function in the export table of kernel32.dll with the hash value

      Hidden Content

        Give reaction to this post to see the hidden content.
       

       

      Figure 22: Comparison of data on the stack before and after finding the function address

       After successfully finding the function and saving the address on the stack, first call the ExpandEnvironmentStringsA function to expand the short path (the short path is saved in the shellcode), and then call CopyFileA to copy the payload to the word plugin directory so that the payload will follow the word next time. Start automatically loaded into memory.Finally call ExitProcess to exit the Equation Editor process (Figure 23).The entire process does not affect the normal opening of the document.

      Hidden Content

        Give reaction to this post to see the hidden content.

       

      Figure 23: Expand the short path, copy the file, and exit the process

      to sum up

      The 0day vulnerabilities used by "CVE-2018-0802" are called CVE-2017-11882's twin vulnerabilities. One vulnerability in the attack sample is for unpatched systems, and the other is for vulnerabilities. The system uses two OLEs to attack at the same time. The hackers' well-constructed attacks are perfectly compatible with the different circumstances of the system vulnerability patch environment.The use of this loophole and the Bypass ASLR approach have a certain degree of coincidence, if there is no ret instruction in the EQNEDT32.EXE module can be used to bypass the ASLR, if lpLogFont is not the first parameter of sub_21774, if CVE - 2017-11882 patch repair method forced DEP protection, "Dream Formula II" will not have the opportunity.

      The latest 360 security products have been able to detect and prevent this zero-day vulnerability, and we recommend that users update the Microsoft Security Patch for January 2018.

      reference

      Hidden Content

        Give reaction to this post to see the hidden content.

      Code .py

      Hidden Content

        Give reaction to this post to see the hidden content.
       

      Share this post

      Link to post
      Share on other sites

      zhanghuhu    0

      zhanghuhu
      Posted

      hello subject looks great let see if its really works 

      Share this post

      Link to post
      Share on other sites
      Guest
      This topic is now closed to further replies.
      Sign in to follow this  
      Followers 0
      Go To Topic Listing

      • Similar Content

        • itsMe
          Name-That-Hash v1.1.6 - The Modern Hash Identification System
          By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Name-That-Hash
          What is this?
          Have you ever come across a hash such as 5f4dcc3b5aa765d61d8327deb882cf99 and wondered what type of hash that is? 🤔
          Name-that-hash will name that hash type!
          🔥 Features
              📺 Popularity Ratings – Name that hash will show you the most popular hashes first. In older systems, it would prioritise Skype Hash the same as Active Directory’s NTLM! Which makes as much sense as saying that my GitHub is as popular as VSCode 📈
              ✍ Hash Summaries – no more wondering whether it’s MD5 or NTLM. It will summarise the main usage of each hash, allowing you to make an informed & decisive choice ⚡
              🌈 Colour Output – Don’t worry, the colours were hand-selected with a designer to be 100% accessible and gnarly 😎
              🤖 JSON output && API – Want to use it in your project? We are API first, CLI second. Use JSON output or import us as a Python module! 💾
              👵 Updated! – HashID was last updated in 2015. Hash-Identifier in 2011! It is a 2021 project 🦧
              ♿ Accessible – We are 100% committed to making this an accessible hacking tool 🙏
              🎫 Extensible – Add new hashes as quickly as you can edit this README. No, seriously — it’s that easy! 🎱
          Changelog v1.1.6
          What’s Changed
              Fix typo in help dialogue (#47) @jgmoss
              Fixed bug that printed “hello” in non grep mode.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • itsMe
          Wprecon v1.6.2 alpha - vulnerability recognition tool in CMS WordPress
          By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. WPrecon (WordPress Recon)
          Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go.
          Features
               Detection WAF
               Fuzzing Backup Files
               Fuzzing Passwords
              Random User-Agent
               Plugin(s) Enumerator
               Theme(s) Enumerator
               Scripts
               Tor Proxy
               User(s) Enumerator
               Vulnerability Version Checking (Beta)
          Changelog v1.6.2 alpha
              bug fix

          Hidden Content
          Give reaction to this post to see the hidden content.
        • itsMe
          Grawler: automates the task of using google dorks
          By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Grawler is the best tool ever, made for automating google dorks it’s a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file, version 1.0 is the more powerful than ever supporting multiple proxies. ( Read in features )
          Grawler aims to automate the task of using google dorks with a web interface, the main idea is to provide a simple yet powerful tool that can be used by anyone, the thing that makes Grawler different in its category is its features.
          Features
              The biggest issue faced by tools that automate google dorks is CAPTCHA, but with Grawler, CAPTCHA is not an issue anymore, Grawler comes with a proxy feature that supports three different proxies.
                  Supported Proxies ( The mentioned proxies need you to signup and get the API key, without any credit card information and give you around one thousand free API calls each )
                      ScraperAPI
                      Scrapingdog
                      Zenscrape
              Grawler now supports two different modes.
                  Automatic Mode: Automatic mode now comes with many different dork files and supports multiple proxies to deliver a smooth experience.
                  Manual Mode: The manual mode has become more powerful with the Depth feature, now you can select the number of pages you want to scrape results from, proxy feature is also supported by manual mode.
              Dorks are now categorized in the following categories:
                  Error Messages
                  Extension
                  Java
                  JavaScript
                  Login Panels
                  .Net
                  PHP
                  SQL Injection (7 different files with different dorks)
                  My_dorks file for users to add their own dorks.
              API keys for proxies are first validated and added to the file.
              Manual mode allows users to go up to depth 4, but I’d recommend using depth 2 or 3 because the best results are usually on the initial pages.
              Grawler comes with its own guide to learn google dorks.
              The results are stored in a file ( filename needs to be specified with txt extension ).
              URL scraping is better than ever with no garbage URL’s at all.
              Grawler supports three different search engines are supported (Bing, Google, Yahoo), so if one blocks you another one is available.
              Multiple proxies with multiple search engines deliver the best experience ever.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • itsMe
          The Ultimate Anonymity Online While Hacking!
          By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. What you'll learn
              What is anonymity?
              Importance of become anonymous online.
              Which operating system you should use for anonymity.
              Which operating system we should use for hacking.
              Setup anonymous hackers operating systems.
              Hiding location & identity
              Sharing files & messages anonymously
              Spoofing IP & MAC address
          This course includes:
              44 mins on-demand video
              Full lifetime access
              Access on mobile and TV
              Certificate of completion
          Requirements
              Basic Computer & IT Skills.
              No Linux, No programming or hacking knowledge required.
              Operating System: Windows / OS X / Linux.
              Computer with a minimum of 4GB RAM
          Description
          Welcome to Our Course name Staying Anonymous Online While Hacking! I’m Mehedi Shakeel and I’m a freelance ethical hacker. In this course, I will teach you the ultimate way to become anonymous online while hacking. I recommend this course to everyone who wants to become an ethical hacker or anyone who wants to protect their security & privacy online.
          If you are not wanting to be a hacker but you do such things online, like online purchasing, using social media, and entertainment then also you need to become anonymous online to protect yourself, form hackers
          If you don’t have any knowledge about hacking or anonymity then don’t worry, I design this course in such a way so that anyone can understand every lecture of this course who has a basic knowledge about computers.
          I promise you from this course you will learn something very important that will help you very much to become an ethical hacker or hiding online.
          Anonymity: anonymity is a concept of hiding on the internet while you are doing any kind of activity online. Some small mistakes web can be used against yourself to extract your information. So, maintaining every step and procedure to hide yourself and your activity from an online website, systems, webservers, and users it’s call anonymous online.
          With online anonymity, you wouldn’t have to worry about your personal safety being compromised as a result of whatever it is that they may be doing online. For example, you can do whatever you want without others finding out where you live.
          So, what are you waiting for? Take this course and start learning now. I’m waiting for you in the course lectures.
          Notes:
          This course is created for educational purposes only.
          This course is totally a product of Md Mehedi Hasan & SSTec Academy and no other organization is associated with it or a certification exam.
          Although, you will receive a course completion certification from Udemy, apart from that NO OTHER ORGANISATION IS INVOLVED.
          Who this course is for:
              Everyone who interested in improving their privacy and anonymity.
              Everyone who want to start their carrer in cyber security & ethical hacking.
              Everyone who working in the field of IT & Network Security
              Everyone who want to become an ethical hacker.
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • itsMe
          Crypto and Blockchain for Beginners: The Ultimate Guide
          By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. What you'll learn
              Introduction to Blockchain
              Decentralization
              Immutability
              Anonymity
              Cryptography
              Benefits of Blockchain
              Disadvantages of Blockchain
              General Data Protection Regulation (GDPR)
              Transactions on the Blockchain
              Electronic Cash
              Smart Contracts
              Blockchain 2.0
              e-Estonia
              Banking the Unbanked
              Cryptocurrencies
              Public and Private Keys
              Cryptocurrency Wallets
              Creation of Personal Token/Coin
              Main Cryptocurrencies
              Bitcoin (BTC), Ethereum (ETH) and others
              Ethereum Blockchain
              SegWit
              Smart Contracts
              Symmetrical Cryptography
              Asymmetrical Cryptography
              Hashing
              Multisig- Multi Signature Cryptography
              Hybrid Cryptography
              What are ITOs/ICOs
              Phishing and Fake ICOs
              Transactions, Hash Function and Hash Value
              Merkle Tree
              Mining Bitcoin
              Proof of Work (PoW)
              Proof of Stake (PoS)
              Delegated Proof of Stake (DPoS)
              Proof of Authority (PoA)
              Proof of Burn (PoB)
              Directed Acyclic Graph
              Byzantine Fault Tolerance
              Proof of Space/Capacity
              Proof of Activity
              Proof of Elapsed Time
          This course includes:
              3.5 hours on-demand video
              3 downloadable resources
              Full lifetime access
              Access on mobile and TV
              Certificate of completion
          Requirements
              Though having some previous knowledge is advantage, this course made for absolute beginners
          Description
          Blockchain is the word on everyone’s lips these days.
          Of course, blockchain is best known as the engine, or software, behind digital currency - otherwise known as cryptocurrency.  Blockchain technology is used by millions of people daily for the use of payments, transfers and transactions.
          But blockchain isn’t only about sending and receiving money! Far from it. It is important to understand about the use of blockchain as you will ultimately become the beneficiary of all its benefits, and if you were not aware of all those benefits, now is the time to start learning.
          This online course will cover the basics of blockchain and cryptocurrencies:
          Everything about what blockchain means, how was it created, why it matters, what it consists of, what makes it unique and useful, and why you should care. It also explains everything about cryptocurrencies, how they work, and why are they so volatile using some of the most popular ones in the market such as Bitcoin, Ethereum, Ripple and many others.
          Furthermore, this course explores implications of different blockchains such as smart contracts, how they function, what are the advantages, and cryptography which makes them so secure.
          After getting grounding on cryptocurrency and blockchain, the next time there is a conversation about these topics, you can actively participate in them. You should fully understand what cryptocurrencies and smart contracts are, the meaning of the words “miner” and “FIAT”, and you will not be dragged into scams.
          Who this course is for:
              Everyone with interest in cryptocurrencies, blockchain, implications and how does it all work providing endless possibilities.
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.