1 / 28

KaaShiv InfoTech

KaaShiv InfoTech. Ethical Hacking. For Inplant Training / Internship , please download the " Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com. Introduction. Ethical Hacking Knowledge is Power

gidgetl
Download Presentation

KaaShiv InfoTech

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. KaaShiv InfoTech Ethical Hacking For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  2. Introduction • Ethical Hacking • Knowledge is Power • To Teach is to Defend • Hacking is frowned upon For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  3. About Me • I have been interested in computer security for around six years. • First encounter in the wild with viruses was the IRC .vbs auto-scripts. • Went to Defcon 14 during the Summer 2006 to learn and enjoy, came back with some new knowledge. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  4. Presentation Overview • Presentation #1 will be an introduction to tools and tricks used by “script-kiddies”, or those new to the hacker community. • Many people may have seen or used the following tools and tricks, but most moderate to advanced users frown upon them. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  5. Presentation Overview • NetBios Hacking – Connect, view, share • IP Scanning – Angry IP Scanner • Cain – Excellent script-kiddie tool • Sub7/Netbus – Remote Admin Tools • PuTTy/Token2 – Tools of the trade For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  6. Windows NetBios Hacking • This is one of the most basic file access tricks known to Windows. • Not necessarily hacking, but beginners call it such. • Can be used with a samba brute-force password guesser. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  7. Connect, View… • First we must acknowledge file sharing has been enabled. We do so by opening our Command-Prompt, and running nbtstat. • C:>nbtstat.exe –a 192.168.1.101 NetBIOS Remote Machine Name Table Name Type Status --------------------------------------------- SOMBA <00> UNIQUE Registered CALIMINE <00> GROUP Registered SOMBA <20> UNIQUE Registered CALIMINE <1E> GROUP Registered MAC Address = C0-FF-33-0B-33-50 • We find the <20> we’re looking for which indicates file sharing has indeed been enabled. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  8. Connect, View… • Now let us view what directories are actually being shared. • C:>net view \\192.168.1.101 Shared resources at \\192.168.1.101 Base Station Share name Type Used as Comment ------------------------------------------------------------------------------- C$ Disk IPC$ The command completed successfully. • Bingo, C:\ was shared to the world through the file sharing. We now have our target. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  9. … Share! • Finally we are going to map a network drive to our newly found net share. • C:>net use x: \\192.168.1.101\C$ • The command completed successfully. • Now check My Computer> and you will see the newly acquired remote C: Drive. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  10. NetBios Hacking Protection • Disable file sharing! • Use a firewall such as ZoneAlarm when you are not sharing files. • Password protect your shares. • Use a hardware firewall such as a router with built-in firewall. • This is an old hack, but it still can compromise an entire system. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  11. IP Scanning • Finding vulnerable targets in the wild. • Angry IP Scanner – http://www.angryziber.com/ipscan/ • Viruses and bots use IP sweepers, so ISPs will flag this activity. • IP Scanning is very common among exploit seeking viruses. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  12. Finding Appropriate IP Range • First we must find a range to search. This could be any combination of IP ranges such as 192.168.*.* • Next we must determine what we are searching for. • Finally, we decide what tools to use. For now, we will stick to Angry IP Scanner. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  13. Searching for HTTP • Lets find some HTTP servers! • In Angry IP Scanner, set IP range and change Ports to [x] Scan Port: port 80 • Begin scan…. • After scan has completed, to only sort out which IPs have port 80 open, go to Utils>Delete From List>Closed Ports • Our list is complete. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  14. What We Often Find • Generally we will find routers and modems. Often if they are default, they also have default passwords (for another day) • Sometimes we stumble upon websites, personal projects, etc. • This is VERY dangerous as you could be scanning a computer which is illegal to access… For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  15. Prevention from IP scans? • If you’re on the internet, you have an IP. IP scanners will give an ALIVE message. • Firewalls are VITAL if you are directly connected to the internet (ZoneAlarm, etc.) • HTTP access to routers should be turned off unless absolutely necessary. If enabled, ensure passwords are hard to guess/break. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  16. Cain & Abel :-D • Cain is a very, very evil script-kiddie tool. • We can spoof, crack, trace, inject, sniff, poison, and a few other things. • This program is dangerous in the wrong hands because it works verywell. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  17. Arp Poisoning • Cain currently only arp poisons through ethernet cards. • Broad overview of how to get it to run. • First, enable the sniffer and retrieve list of potential victim IPs. • Next, click the IP you want to add and press the + sign. • At this point, you should have two IPs in a network, the source and the destination IPs. Click the source IP on the left, and the destination IP on the left, in this case 192.168.0.2 and 192.168.0.1. • Watch the packets come in, and capture EVERYTHING the IP is sending and receiving via ARP poisoning. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  18. Creative & Powerful Tool • Cain is creative, powerful, and has a huge damage potential in the wrong hands. • Keep those firewalls up! ARP Poisoning can be prevented by firewalling your connection. • Be aware of malicious users on your network, watching for that little Cain program to pop up on their screen. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  19. Sub7/NetBus • Remote Admin Tools, or RAT for short are essentially total control over a computer. • RAT tools are servers designed to take complete control without the user’s notice. • Sub7 is a well known black-hat RAT used to take over computers without the need for a “server” broadcast. • NetBus is also well known, but is a bit noisier and often leaves more traces. • Many other RATs out there. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  20. Sub7 Configure • First, the hacker configures Sub7 with a configuration exe. This produces a new server with the desired options. • Options can include IRC control, broadcast of infection, methods of install, ways to stick server, etc. • Sub7 can also be password protected to prevent other hackers access to the victim. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  21. Our Sub7 Server • For now we know the victim will be able to broadcast via port 4000 (radmin port) • We want to ensure server sticks. • We want a password to prevent other uninvited guests. • Only install the minimum, IRC, ICQ, AIM is extra so disable it. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  22. Send Our Victim The Exe • This part is difficult to pull off, hackers have many ways to social engineer victims to do this part. • User must execute server.exe • Once executed, server is automatically launched and we are ready to take control. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  23. Client Side RAT Control • We now have total control of our victim machine, so lets view their hard drive. • Eject their cd-rom. • Ok, enough of this, lets let them know we have taken over with a friendly error. • Finally, using Sub7’s fun little Matrix mode, let us remind them that reality is a mere fictional state of mind. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  24. Prevention of RATs • Do not execute anything you do not trust! • Always enable show file extensions to be turned on (Windows defaults them off?!?) • Be aware of strange activity. RATs do not need to broadcast to take over, they can use other methods such as AIM messages, IRC bot commands, and other various client messages. • Advanced RATs will be covered in a later presentation. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  25. PuTTy/Token 2 • Excellent text basedssh/telnet/ftp/raw TTY clients. • Learn how to use these as they become vital later in a hackers life. • Token 2 has excellent proxy abilities, so read up on how to use Socks-5 and SSH. • Begin learning about potential tunneling via SSH and PuTTy. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  26. Conclusion • Keep safe! Just because I teach this does not mean it is legit stuff. Play around on test boxes, use VMWare, give your roomie a scare but not your college professor! • I would like to continue this as long as I have an audience. I learn as everyone else learns. • Ideas include advanced scanning and penetration, wireless hacking, root kit exploration, shell/exploit writing, web defacing/hacking, virus exploration/writing, maybe some old school hardware hacks (red/blue/beige boxes, credit card readers), and whatever else people want to hear about. For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

  27. Contact Number Venkat - 766 766 2428 Email – kaashiv.info@gmail.com Priyanka - 72994 88034

  28. Thank you For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to kaashiv.info@gmail.com www.kaashivinfotech.com

More Related