Cyber Security & Ethical Hacking
Penetration Testing
Password Security
A vulnerability is a flaw in our environment that a malicious attacker could use to cause damage to the organization. Vulnerabilities can exist in numerous areas of our environments, including system design, business operations, installed software, and network configurations.
• Input validation errors, such as:
  • Format string attacks
  • SQL injection
  • E-mail injection
  • Directory traversal
  • Cross-site scripting in web applications
• Race conditions, such as:
  • Time-of-check-to-time-of-use bugs
  • Symlink races
• Privilege-confusion bugs, such as:
  • Cross-site request forgery in web applications
  • Clickjacking
  • FTP bounce attack
Computer Crime – The Beginning
In 1988 a "worm program" written by a college student shut down about 10 percent of computers connected to the Internet. This was the beginning of the era of cyber attacks.
Today about 10,000 cyber attack incidents are reported, and the number keeps growing.
Computer Crime - 1995
• In February, Kevin Mitnick is arrested for a second time. He is charged with stealing 20,000 credit card numbers. He eventually spends four years in jail and on his release his parole conditions demand that he avoid contact with computers and mobile phones.
• On November 15, Christopher Pile becomes the first person to be jailed for writing and distributing a computer virus. Mr Pile, who called himself the Black Baron, was sentenced to 18 months in jail.
• The US General Accounting Office reveals that US Defense Department computers sustained 250,000 attacks in 1995.
Why Security?
Some of the sites which have been compromised:
• U.S. Department of Commerce
• NASA
• CIA
• Greenpeace
• Motorola
• UNICEF
• Church of Christ …
Some sites which have been rendered ineffective:
• Yahoo
• Microsoft
• Amazon …
Hackers
• White hat: A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker.
• Black hat: A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain".
• Grey hat: A grey hat hacker is a combination of a black hat and a white hat hacker.
Hackers Steps
• Scanning
• Gaining Access
• Maintaining Access
• Covering Tracks
• Clearing Logs
• Placing Backdoor
Types of hacking
• Normal data transfer
• Interruption
• Interception
• Modification
• Fabrication
How to translate the hackers’ language (2)
Ex)
1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n
I did not hack this page, it was like this when I hacked in
Reverse Engineering
• Integrated circuits
• Binary software
• Source code
Reverse engineering, also called back engineering, is the process of extracting knowledge or design information from anything man-made.
What is an Exploit:
An exploit (using something to one’s own knowledge) is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic.
Exploit Writing
dSploit is a penetration testing suite developed for the Android operating system
Password Security
• Password hashed and stored
• Salt added to randomize password & stored on system
• Password attacks launched to crack encrypted password
[Diagram: Client password → hash function + salt → hashed password → compare with the server's stored hashed password → allow/deny access]
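The flow on this slide (salt, hash, store, compare, allow/deny) as an added Python example; it is not part of the original deck. It swaps the generic "hash function" for PBKDF2-HMAC-SHA256, a deliberately slow key-derivation function, and the iteration count, record layout and function names are assumptions made for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000   # assumed work factor for this example
SALT_BYTES = 16


def make_record(password):
    """Server side at enrolment: store salt + hash, never the password."""
    salt = os.urandom(SALT_BYTES)          # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": ITERATIONS}


def verify(record, candidate):
    """Server side at login: re-hash with the stored salt, then compare."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                 salt, record["iterations"])
    # Constant-time comparison gives the allow/deny decision.
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def demo():
    # Constructed sample: two users who chose the same password.
    pw = "correct horse battery staple"
    alice, bob = make_record(pw), make_record(pw)
    unsalted_a = hashlib.sha256(pw.encode()).hexdigest()
    unsalted_b = hashlib.sha256(pw.encode()).hexdigest()
    return {
        # Without a salt, equal passwords give equal hashes (table lookups work).
        "unsalted_hashes_equal": unsalted_a == unsalted_b,
        # With per-user salts the stored hashes differ.
        "salted_hashes_equal": alice["hash"] == bob["hash"],
        "correct_password": verify(alice, pw),
        "wrong_password": verify(alice, pw[:-1]),
    }


if __name__ == "__main__":
    print(demo())
```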
Spam
Phishing
Virus
Key Loggers (Hardware, Software)
Password
Email Servers
I. Mail.Anonymizer.name
II. FakEmailer.net
III. FakEmailer.info
IV. Deadfake.com
Example PHP Coding For Mail Phishing
SQL Injection
SQL injection takes advantage of the syntax of SQL to inject commands that can read or modify a database, or compromise the meaning of the original query.
Example SQL Code:
SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password'
Injected Code:
SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password' AND '1' = '1'
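The slide's query built two ways, as an added Python/sqlite3 example that is not part of the original deck: string concatenation lets the input rewrite the statement, while bound parameters keep it as data. The in-memory table, its rows and the function names are constructed for the example.

```python
import sqlite3


def make_db():
    # Constructed sample data; the plaintext Password column only mirrors
    # the slide's query and is not a storage recommendation.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE UserList (Username TEXT, Password TEXT)")
    db.execute("INSERT INTO UserList VALUES (?, ?)", ("alice", "s3cret"))
    return db


def login_concat(db, username, password):
    """Vulnerable form: user input is pasted into the SQL text."""
    sql = ("SELECT UserList.Username FROM UserList WHERE UserList.Username = '"
           + username + "' AND UserList.Password = '" + password + "'")
    try:
        return [row[0] for row in db.execute(sql)]
    except sqlite3.OperationalError:
        return "syntax error"   # the input broke the statement


def login_param(db, username, password):
    """Hardened form: input is bound as data and never parsed as SQL."""
    sql = ("SELECT UserList.Username FROM UserList "
           "WHERE UserList.Username = ? AND UserList.Password = ?")
    return [row[0] for row in db.execute(sql, (username, password))]


def demo():
    db = make_db()
    # The slide's injected form, typed into the password field.
    injected = "s3cret' AND '1' = '1"
    return {
        # The typed string is not the stored password, yet the row matches:
        # the quote ended the literal and the rest ran as SQL.
        "concat_injected": login_concat(db, "alice", injected),
        "param_injected": login_param(db, "alice", injected),
        # A harmless apostrophe also breaks the concatenated statement.
        "concat_apostrophe": login_concat(db, "o'brien", "x"),
        "param_apostrophe": login_param(db, "o'brien", "x"),
        "param_valid": login_param(db, "alice", "s3cret"),
    }


if __name__ == "__main__":
    print(demo())
```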
Wireless Hacking
Wireless hacking means gaining control of wireless networks. It is carried out through password attacks and modem dialing via proxy servers.
Wireless Security Standards
• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA/WPA2)
Wireless Hacking Software
• Netstumbler
• inSSIDer
• Kismet
• Wireshark
• Analysers of AirMagnet
• Airopeek
• KisMac
IP Spoofing – Source Routing
Definition:
Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies.
• The path a packet takes can vary over time.
• To ensure that he stays in the loop, the attacker uses source routing to ensure that the packet passes through certain nodes on the network.
[Diagram labels:]
• John: 10.10.5.5
• Attacker: 10.10.50.50
• Spoofed Address: 10.10.20.30
• From Address: 10.10.20.30, To Address: 10.10.5.5
• Replies sent back to 10.10.20.30
• Attacker intercepts packets as they go to 10.10.20.30
Server Hacking
Denial of Service (DOS) Attack
Definition:
Attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it.
Types:
1. Crashing the system or network
– Send the victim data or packets which will cause system to crash or reboot.
2. Exhausting the resources by flooding the system or network with information
– Since all resources are exhausted others are denied access to the resources
3. Distributed DOS attacks are coordinated denial of service attacks involving several people and/or machines to launch attacks
Denial of Service (DOS) Attack
Types:
1. Ping of Death
2. SSPing
3. Land
4. Smurf
5. SYN Flood
6. CPU Hog
7. Win Nuke
8. RPC Locator
9. Jolt2
10. Bubonic
11. Microsoft Incomplete TCP/IP Packet Vulnerability
12. HP Openview Node Manager SNMP DOS Vulnerability
13. Netscreen Firewall DOS Vulnerability
14. Checkpoint Firewall DOS Vulnerability
Threats
A threat is an agent that may want to, or definitely can, cause harm to the target organization. Threats include organized crime, spyware, malware, adware companies, and disgruntled internal employees who start attacking their employer. Worms and viruses also count as threats, because they can harm your organization without a human directing them, by infecting machines and causing damage automatically. Threats are usually referred to as “attackers” or “bad guys”.
Virus
Worms
Sobig
Autorun.inf
Photos.exe
ILOVEYOU
Bootstrap.com
Windows.exe
Trojans
• Netbus Advance System Care (by Carl-Fredrik Neikter)
• Subseven or Sub7 (by Mobman)
• Back Orifice (Sir Dystic)
• Beast
• Zeus
• Flashback Trojan (Trojan BackDoor.Flashback)
• ZeroAccess
• Koobface
• Vundo
Trojan Attacks
• Chat
• Email Attachments
• Website Downloads
• Physical Drives
• Network Shares
Session Hijacking
Attacker can:
• monitor the session
• periodically inject commands into session
• launch passive and active attacks from the session
[Diagram: Bob, Attacker, Server. Bob telnets to Server; Bob authenticates to Server; Attacker: "Die!" / "Hi! I am Bob"]
Cryptography
[Diagram: Bob, Alice, Encryption, Decryption]
Firewall & Honeypots
Steganography
Penetration Testing