Cyber Security & Ethical Hacking


Page 1: Cyber security & Ethical hacking

Cyber Security & Ethical Hacking

Page 2: Cyber security & Ethical hacking

Penetration Testing

Password Security

Page 3: Cyber security & Ethical hacking

A vulnerability is a flaw in an environment that a malicious attacker could use to cause damage to the organization. Vulnerabilities can exist in many areas of an environment, including system design, business operations, installed software, and network configurations.

Page 4: Cyber security & Ethical hacking

• Input validation errors, such as:
  – Format string attacks
  – SQL injection
  – E-mail injection
  – Directory traversal
  – Cross-site scripting in web applications

• Race conditions, such as:
  – Time-of-check-to-time-of-use bugs
  – Symlink races

• Privilege-confusion bugs, such as:
  – Cross-site request forgery in web applications
  – Clickjacking
  – FTP bounce attack

Page 5: Cyber security & Ethical hacking

Computer Crime – The Beginning

In 1988 a "worm program" written by a college student shut down about 10 percent of computers connected to the Internet. This was the beginning of the era of cyber attacks.

Today about 10,000 cyber attack incidents are reported, and the number is growing.

Page 6: Cyber security & Ethical hacking

Computer Crime - 1995

In February, Kevin Mitnick is arrested for a second time. He is charged with stealing 20,000 credit card numbers. He eventually spends four years in jail, and on his release his parole conditions demand that he avoid contact with computers and mobile phones.

On November 15, Christopher Pile becomes the first person to be jailed for writing and distributing a computer virus. Mr Pile, who called himself the Black Baron, was sentenced to 18 months in jail.

The US General Accounting Office reveals that US Defense Department computers sustained 250,000 attacks in 1995.

Page 7: Cyber security & Ethical hacking

Why Security?

Some of the sites which have been compromised:

• U.S. Department of Commerce
• NASA
• CIA
• Greenpeace
• Motorola
• UNICEF
• Church of Christ …

Some sites which have been rendered ineffective:

• Yahoo
• Microsoft
• Amazon …

Page 8: Cyber security & Ethical hacking

Hackers

• White hat: A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker.

• Black hat: A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain".

• Grey hat: A grey hat hacker is a combination of a black hat and a white hat hacker.

Page 9: Cyber security & Ethical hacking

Hackers' Steps

• Scanning
• Gaining Access
• Maintaining Access
• Covering Tracks
• Clearing Logs
• Placing Backdoor

Page 10: Cyber security & Ethical hacking

Types of hacking

[Figure: normal data transfer compared with interruption, interception, modification and fabrication]

Page 11: Cyber security & Ethical hacking

How to translate the hackers’ language (2)

Example:

1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n

I did not hack this page, it was like this when I hacked in

Page 12: Cyber security & Ethical hacking

Reverse Engineering

Reverse engineering, also called back engineering, is the process of extracting knowledge or design information from anything man-made.

• Integrated circuits
• Binary software
• Source code

Page 13: Cyber security & Ethical hacking

What is an Exploit?

An exploit (using something to one’s own knowledge) is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic.

Page 14: Cyber security & Ethical hacking

Exploit Writing

dSploit is a penetration testing suite developed for the Android operating system.

Page 15: Cyber security & Ethical hacking

Password Security

• Password hashed and stored
• Salt added to randomize password & stored on system
• Password attacks launched to crack encrypted password

[Figure: the client's password and the salt go through the hash function to give a hashed password; the server compares it with the stored hashed password and allows or denies access]
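The hash, salt and compare flow on this slide, written out as an added example (not part of the original deck). The function names, the PBKDF2 work factor, the salt length and the sample accounts are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example
SALT_BYTES = 16       # assumed salt length


def hash_password(password: str, salt: bytes) -> bytes:
    """The slide's hash function: a slow, salted hash (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def register(store: dict, user: str, password: str) -> None:
    """Server: pick a random per-user salt, store the salt and the hash only."""
    salt = os.urandom(SALT_BYTES)
    store[user] = (salt, hash_password(password, salt))


def login(store: dict, user: str, password: str) -> bool:
    """Server: re-hash the submitted password with the stored salt,
    compare with the stored hash, then allow (True) or deny (False)."""
    record = store.get(user)
    if record is None:
        # Unknown user: do the same hashing work so timing does not reveal it.
        hash_password(password, b"\x00" * SALT_BYTES)
        return False
    salt, stored_hash = record
    return hmac.compare_digest(hash_password(password, salt), stored_hash)


def demo_store() -> dict:
    """Two constructed accounts that share one password."""
    store = {}
    register(store, "alice", "correct horse battery staple")
    register(store, "bob", "correct horse battery staple")
    return store


if __name__ == "__main__":
    users = demo_store()
    print("correct password:", login(users, "alice", "correct horse battery staple"))
    print("wrong password:  ", login(users, "alice", "guess"))
    # Same password, different salts: the stored hashes do not match each other.
    print("hashes differ:   ", users["alice"][1] != users["bob"][1])
```

Because each account gets its own random salt, identical passwords produce different stored hashes, so a table precomputed for one hash does not apply to the other.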

Page 16: Cyber security & Ethical hacking

Password

• Spam
• Phishing
• Virus
• Key Loggers (Hardware, Software)

Page 17: Cyber security & Ethical hacking

Email Servers

I. Mail.Anonymizer.name
II. FakEmailer.net
III. FakEmailer.info
IV. Deadfake.com

Page 18: Cyber security & Ethical hacking

Example PHP Coding For Mail Phishing

Page 19: Cyber security & Ethical hacking

SQL Injection

SQL injection takes advantage of the syntax of SQL to inject commands that can read or modify a database, or compromise the meaning of the original query.

Page 20: Cyber security & Ethical hacking

Example SQL Code:

SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password'

Injected Code:

SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password' AND '1' = '1'
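The two queries on this slide, as an added example (not part of the original deck) that sets a login built by string concatenation beside the parameterized form. The use of SQLite, the function names and the single table row are assumptions; the constructed input is the one that yields the slide's injected query.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with the slide's table and one constructed row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE UserList (Username TEXT, Password TEXT)")
    # Plain-text password only to mirror the slide's query; store salted hashes in practice.
    conn.execute("INSERT INTO UserList VALUES ('Username', 'Password')")
    return conn


def build_vulnerable_query(username: str, password: str) -> str:
    """Vulnerable: input is pasted into the SQL text, so quotes in it become SQL syntax."""
    return (
        "SELECT UserList.Username FROM UserList "
        "WHERE UserList.Username = '" + username + "' "
        "AND UserList.Password = '" + password + "'"
    )


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    return conn.execute(build_vulnerable_query(username, password)).fetchone() is not None


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Hardened: placeholders keep the input as data; it is never parsed as SQL."""
    row = conn.execute(
        "SELECT UserList.Username FROM UserList "
        "WHERE UserList.Username = ? AND UserList.Password = ?",
        (username, password),
    ).fetchone()
    return row is not None


# Constructed input: as a password field value it reproduces the slide's injected query.
INJECTED_PASSWORD = "Password' AND '1' = '1"

if __name__ == "__main__":
    db = make_db()
    print(build_vulnerable_query("Username", INJECTED_PASSWORD))
    # The submitted string is not the stored password, yet the rewritten query matches.
    print("concatenated: ", login_vulnerable(db, "Username", INJECTED_PASSWORD))
    # Bound as a parameter, the same string is compared literally and rejected.
    print("parameterized:", login_parameterized(db, "Username", INJECTED_PASSWORD))
```

The concatenated version accepts a value that is not the stored password because the quote inside it changed the structure of the query; the parameterized version compares the whole string as one literal.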

Page 21: Cyber security & Ethical hacking

Wireless Hacking

Wireless hacking means getting control of wireless networks. It is carried out through password attacks and modem dialing via proxy servers.

Page 22: Cyber security & Ethical hacking

Wireless Security Standards

• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA/WPA2)

Page 23: Cyber security & Ethical hacking
Page 24: Cyber security & Ethical hacking

Wireless Hacking Software

• Netstumbler
• inSSIDer
• Kismet
• Wireshark
• Analysers of AirMagnet
• Airopeek
• KisMac

Page 25: Cyber security & Ethical hacking

IP Spoofing – Source Routing

Definition:

Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies.

• The path a packet takes can vary over time.

• To ensure that he stays in the loop, the attacker uses source routing to ensure that the packet passes through certain nodes on the network.

[Figure: John (10.10.5.5) receives a packet with From Address 10.10.20.30 and To Address 10.10.5.5. Replies are sent back to the spoofed address 10.10.20.30, and the attacker (10.10.50.50) intercepts packets as they go to 10.10.20.30.]

Server Hacking

Page 26: Cyber security & Ethical hacking

Denial of Service (DOS) Attack

Definition:

Attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it.

Types:

1. Crashing the system or network
   – Send the victim data or packets which will cause the system to crash or reboot.

2. Exhausting the resources by flooding the system or network with information
   – Since all resources are exhausted, others are denied access to the resources.

3. Distributed DOS attacks are coordinated denial of service attacks involving several people and/or machines to launch attacks.

Page 27: Cyber security & Ethical hacking

Denial of Service (DOS) Attack

Types:

1. Ping of Death
2. SSPing
3. Land
4. Smurf
5. SYN Flood
6. CPU Hog
7. Win Nuke
8. RPC Locator
9. Jolt2
10. Bubonic
11. Microsoft Incomplete TCP/IP Packet Vulnerability
12. HP Openview Node Manager SNMP DOS Vulnerability
13. Netscreen Firewall DOS Vulnerability
14. Checkpoint Firewall DOS Vulnerability

Page 28: Cyber security & Ethical hacking

Threats

A threat is an agent that may want to, or definitely can, cause harm to the target organization. Threats include organized crime, spyware, malware, adware companies, and disgruntled internal employees who start attacking their employer. Worms and viruses also count as threats, since they can infect machines and cause damage automatically, harming the organization even without a human directing them. Threats are usually referred to as “attackers” or “bad guys”.

Page 29: Cyber security & Ethical hacking

Virus

Page 30: Cyber security & Ethical hacking
Page 31: Cyber security & Ethical hacking

Worms

• Sobig
• Autorun.inf
• Photos.exe
• ILOVEYOU
• Bootstrap.com
• Windows.exe

Page 32: Cyber security & Ethical hacking

Trojans

• Netbus Advance System Care (by Carl-Fredrik Neikter)
• Subseven or Sub7 (by Mobman)
• Back Orifice (Sir Dystic)
• Beast
• Zeus
• Flashback Trojan (Trojan BackDoor.Flashback)
• ZeroAccess
• Koobface
• Vundo

Page 33: Cyber security & Ethical hacking

Trojan Attacks

• Chat
• Email Attachments
• Website Downloads
• Physical Drives
• Network Shares

Page 34: Cyber security & Ethical hacking

Session Hijacking

Attacker can:

• monitor the session
• periodically inject commands into session
• launch passive and active attacks from the session

[Figure: Bob telnets to Server and authenticates to Server; the Attacker then tells Bob "Die!" and tells the Server "Hi! I am Bob"]

Page 35: Cyber security & Ethical hacking

Cryptography

[Figure labels: Bob, Encryption, Decryption, Alice]

Page 36: Cyber security & Ethical hacking
Page 37: Cyber security & Ethical hacking
Page 38: Cyber security & Ethical hacking

Firewall & Honey bots

Page 39: Cyber security & Ethical hacking

Steganography

Page 40: Cyber security & Ethical hacking
Page 41: Cyber security & Ethical hacking

Penetration Testing