Cracking Techniques

Onno W. Purbo [email protected]

References
  • http://www.rootshell.com
  • Front-line Information Security Team, “Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks,” [email protected] & http://www.ns2.co.uk
References
  • http://www.antionline.com/archives/documents/advanced/
  • http://www.rootshell.com/beta/documentation.html
  • http://seclab.cs.ucdavis.edu/papers.html
  • http://rhino9.ml.org/textware/
Just who is vulnerable anyway?
  • Financial institutions and banks
  • Internet service providers
  • Pharmaceutical companies
  • Government and defense agencies
  • Contractors to various government agencies
  • Multinational corporations
Profile of a typical 'system cracker'
  • Usually male, aged 16-25.
  • To improve their cracking skills, or to use network resources for their own purposes.
  • Most are opportunists
  • Run scanners for system vulnerabilities.
  • Usually gain root access; then install a backdoor and patch the host from common remote vulnerabilities.
Internet’s purposes ..
  • The hosting of corporate webservers
  • E-mail and other global communications via the Internet
  • To give employees internet access
Network separation
  • Firewall
  • Application Proxies
Understanding vulnerabilities
  • External mailserver must have access to mailservers on the corporate network.
  • Aggressive SNMP scanners & community string brute-force programs, turn router into bridge.
Techniques used to 'cloak' the attacker's location
  • Bouncing through previously compromised hosts via telnet or rsh.
  • Bouncing through Windows hosts via Wingates.
  • Bouncing through hosts using misconfigured proxies.
Network probing and information gathering
  • Using nslookup to perform 'ls ' requests.
  • View the HTML on your webservers to identify any other hosts.
  • View the documents on your FTP servers.
  • Connect to your mailservers and perform 'expn ' requests.
  • Finger users on your external hosts.
Identifying trusted network components
  • A trusted network component is usually an administrator's machine, or a server that is regarded as secure.
  • Start out by checking the NFS exports & access to the critical directories /usr/bin, /etc and /home.
  • Exploit a machine using a CGI vulnerability, gain access to /etc/hosts.allow
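The same NFS export check can be run by the administrator against their own exports file before anyone else does. This is an added example, not part of the original slides; the sample exports content is constructed and the function names are hypothetical.

```python
import re

CRITICAL = ("/usr/bin", "/etc", "/home")  # directories named on the slide

def exposes_critical(path):
    """True if exporting `path` exposes a critical directory (itself, a parent or a child)."""
    path = path.rstrip("/")  # "/" becomes "" so it counts as a parent of everything
    return any(c == path or c.startswith(path + "/") or path.startswith(c + "/")
               for c in CRITICAL)

def audit_exports(text):
    """Return (path, client, issue) tuples for risky lines in exports(5) syntax."""
    findings = []
    for raw in text.replace("\\\n", " ").splitlines():  # join continuation lines
        fields = raw.split("#", 1)[0].split()
        if not fields or not exposes_critical(fields[0]):
            continue
        path = fields[0]
        for client in fields[1:] or ["*"]:  # no client listed: exported to everyone
            m = re.fullmatch(r"([^()]*)(?:\(([^()]*)\))?", client)
            if m is None:
                findings.append((path, client, "unparsable client spec"))
                continue
            host = m.group(1) or "*"  # "(opts)" with no host also means everyone
            opts = set((m.group(2) or "").split(","))
            if host == "*":
                findings.append((path, host, "exported to any host"))
            if "rw" in opts:
                findings.append((path, host, "writable"))
            if "no_root_squash" in opts:
                findings.append((path, host, "root not squashed"))
    return findings

# Constructed sample in /etc/exports format
SAMPLE = """\
/home     *(rw,no_root_squash)
/etc      admin.example.com(ro)
/srv/pub  *(ro)
/usr      10.0.0.0/24(rw)
"""

if __name__ == "__main__":
    for finding in audit_exports(SAMPLE):
        print(*finding, sep="\t")
```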
Identifying vulnerable network components
  • Use Linux programs such as ADMhack, mscan, nmap and many smaller scanners.
  • Binaries such as 'ps' and 'netstat' are trojaned to hide scanning processes.
  • If routers are present that are SNMP capable, the more advanced crackers will adopt aggressive SNMP scanning techniques to try and 'brute force' the public and private community strings of such devices.
Perform types of checks
  • A TCP portscan of a host.
  • A dump of RPC services via portmapper.
  • A listing of exports present via nfsd.
  • A listing of shares via samba / netbios.
  • Multiple finger to identify default accounts.
  • CGI vulnerability scanning.
  • Identification of vulnerable versions of server daemons, including Sendmail, IMAP, POP3, RPC status & RPC mountd.
Taking advantage of vulnerable components
  • Identify vulnerable network components → compromise the hosts.
  • Upon executing such a program remotely to exploit a vulnerable server daemon
  • Gain root access to your host.
Upon gaining access to vulnerable components
  • 'Clean-up' operation of doctoring your hosts' logs.
  • 'Backdooring' service binaries.
  • Place a .rhosts file in /usr/bin to allow remote bin access to the host via rsh & csh.
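A .rhosts file in a system account's home directory, such as /usr/bin for bin, is a persistence artifact that an audit can look for. The following is an added example, not part of the original slides: it walks the home directories listed in passwd-format text and reports every .rhosts file found. The UID threshold and the function names are assumptions.

```python
import os

SYSTEM_UID_MAX = 999  # assumption: UIDs below 1000 are system accounts (distro-dependent)

def parse_trust_file(text):
    """Return (host, user) pairs from .rhosts content; user is '' when omitted."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields:
            entries.append((fields[0], fields[1] if len(fields) > 1 else ""))
    return entries

def audit_rhosts(passwd_text, root="/"):
    """Check every home directory in passwd(5)-format text for a .rhosts file.

    Returns (account, path, reasons) tuples; `root` lets the audit run against
    a mounted disk image instead of the live filesystem.
    """
    findings = []
    for record in passwd_text.splitlines():
        parts = record.split(":")
        if len(parts) < 7 or not parts[2].isdigit():
            continue
        account, uid, home = parts[0], int(parts[2]), parts[5]
        path = os.path.join(root, home.lstrip("/"), ".rhosts")
        if not os.path.isfile(path):
            continue
        with open(path, errors="replace") as fh:
            entries = parse_trust_file(fh.read())
        reasons = []
        if uid <= SYSTEM_UID_MAX:
            reasons.append("system account should not have .rhosts")
        if any("+" in (host, user) for host, user in entries):
            reasons.append("wildcard '+' entry")
        findings.append((account, path, reasons or ["review trusted hosts"]))
    return findings

if __name__ == "__main__":
    with open("/etc/passwd") as fh:
        for account, path, reasons in audit_rhosts(fh.read()):
            print(f"{account}\t{path}\t{'; '.join(reasons)}")
```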
Downloading sensitive information
  • 'bridge' between the internet - corporate network.
  • Abusing the trust with the external host.
Cracking other trusted hosts and networks
  • Install trojans & backdoors + remove logs.
  • Install sniffers on your hosts.
Installing sniffers
  • Use 'ethernet sniffer' programs.
  • To 'sniff' data flowing across the internal network → a remote root compromise of an internal host.
  • To detect promiscuous network interfaces → 'cpm', http://www.cert.org/ftp/tools/cpm/
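On a current Linux host, a promiscuous-interface check of the kind cpm performs can be made by reading the interface flags the kernel exposes under /sys/class/net. This is an added example, not code from cpm or from the original slides; the `expected` allowlist parameter (for bridge members or IDS sensors that are promiscuous by design) is an assumption.

```python
import os

IFF_PROMISC = 0x100  # interface flag bit from <linux/if.h>

def promiscuous_interfaces(sysfs_net="/sys/class/net", expected=()):
    """Return {"expected": [...], "unexpected": [...]} of promiscuous interfaces.

    Each interface directory under sysfs_net holds a `flags` file containing
    the interface flags as a hex string such as "0x1103".
    """
    report = {"expected": [], "unexpected": []}
    for name in sorted(os.listdir(sysfs_net)):
        try:
            with open(os.path.join(sysfs_net, name, "flags")) as fh:
                flags = int(fh.read().strip(), 16)
        except (OSError, ValueError):
            continue  # not an interface entry (e.g. bonding_masters) or unreadable
        if flags & IFF_PROMISC:
            key = "expected" if name in expected else "unexpected"
            report[key].append(name)
    return report

if __name__ == "__main__":
    result = promiscuous_interfaces()
    for name in result["unexpected"]:
        print(f"ALERT: {name} is in promiscuous mode")
    for name in result["expected"]:
        print(f"ok: {name} is promiscuous (allowlisted)")
```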
Taking down networks
  • rm -rf / &
  • 'mission critical' routers & servers are always patched and secure.