Published by Cole Yellott
Computer Security Fundamentals by Chuck Easttom Chapter 6 Techniques Used by Hackers
© 2012 Pearson, Inc. Chapter 6 Techniques Used by Hackers

Chapter 6 Objectives
Understand the basic methodology used by hackers
Be familiar with some of the basic tools
Understand the hacking mentality

Introduction
Basic Terminology
Reconnaissance
Passive Scanning

Netcraft.com
Archive.org
Port Scanning
NMap

NMAP Flags
-O detects operating system
-sP is a ping scan
-sT TCP connect scan
-sS SYN scan
-sF FIN scan
-sX XMAS Tree scan
-sN NULL scan
-sU UDP scan
-sO Protocol scan
-sA ACK scan
-sW Window scan
-sR RPC scan
-sL List/DNS scan
-sI Idle scan
-P0 Don't ping
-PT TCP ping
-PS SYN ping
-PI ICMP ping
-PB TCP and ICMP ping
-PM ICMP netmask
-oN Normal output
-oX XML output
-oG Greppable output
-oA all output
-T timing
-T0 paranoid
-T1 Sneaking
-T2 Polite
-T3 Normal
-T4 Aggressive
-T5 Insane

Ping Scan
The ping scan sends a single ICMP echo request from the source to the destination device. An active device responds with an ICMP echo reply, unless the IP address is not available on the network or the ICMP protocol is filtered.

Connect Scan
Fully connects to the target IP address and port, completing the TCP handshake. This is the most reliable scan but will absolutely be detected.

SYN Scan
Sends SYN (synchronize) requests to the target to gather information about open ports without completing the TCP handshake process. When an open port is identified, the TCP handshake is reset before it can be completed. This technique is sometimes referred to as "half open" scanning.

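The Connect Scan and SYN Scan slides describe two different handshake patterns, and a defender can tell them apart in flow logs. The following is an added example, not part of the original slides: the log format, the addresses, the thresholds and the function names are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed flow records (not from the slides): time, source, destination
# port, and the TCP flags the client sent on that flow (S=SYN, A=ACK, R=RST, F=FIN).
SAMPLE_FLOWS = """\
10.0 192.0.2.10 21 S
10.1 192.0.2.10 22 S,A,R
10.2 192.0.2.10 23 S
10.4 192.0.2.10 80 S,A,R
10.5 192.0.2.10 443 S
20.0 198.51.100.7 21 S
20.1 198.51.100.7 22 S,R
20.2 198.51.100.7 23 S
20.4 198.51.100.7 80 S,R
20.5 198.51.100.7 443 S
30.0 203.0.113.5 443 S,A,F
95.0 203.0.113.5 443 S,A,F
"""

def parse(text):
    for line in text.strip().splitlines():
        ts, src, port, flags = line.split()
        yield float(ts), src, int(port), tuple(flags.split(","))

def classify_sources(text, min_ports=5, window=10.0):
    """Label each source: normal, connect-scan, syn-scan or scan-unknown."""
    by_src = defaultdict(list)
    for ts, src, port, flags in parse(text):
        by_src[src].append((ts, port, flags))
    verdicts = {}
    for src, flows in by_src.items():
        flows.sort()
        widest, start = 0, 0
        for end in range(len(flows)):  # sliding time window over this source
            while flows[end][0] - flows[start][0] > window:
                start += 1
            widest = max(widest, len({p for _, p, _ in flows[start:end + 1]}))
        if widest < min_ports:
            verdicts[src] = "normal"
            continue
        # Open ports reveal the scan type: SYN then ACK completes the handshake,
        # SYN then RST tears it down half open.
        completed = sum(f[:2] == ("S", "A") for _, _, f in flows)
        half_open = sum(f[:2] == ("S", "R") for _, _, f in flows)
        if completed == half_open == 0:
            verdicts[src] = "scan-unknown"
        else:
            verdicts[src] = "syn-scan" if half_open > completed else "connect-scan"
    return verdicts
```
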
FIN Scan
Sends a FIN (or finish) packet to the target. If that port is not listening, there is no response. If it is listening, an error response is received.

Enumeration
Sid2User
Cheops (Linux only)
UserInfo
UserDump
DumpSec
Netcat
NBTDump

Cain and Abel
SQL Injection
One of the most common attacks
Depends on knowledge of SQL
Basics are easy
Versatile and can do a lot more than many realize

What Is SQL?
A relational database contains one or more tables, each identified by a name. Tables contain records (rows) with data. For example, the following table is called "users" and contains data distributed in rows and columns:
SQL (Structured Query Language) uses commands such as SELECT, UPDATE, DELETE, INSERT, WHERE, and others.
Example:
    SELECT * FROM tblUsers WHERE USERNAME = 'admin'

More on SQL
Web sites are written in some programming language such as PHP, ASP, JSP, or ASP.net. Those programming languages have their own syntax (NOT SQL), so programmers put the SQL into their code in strings. So let's say you type your username into a text field called txtUsername and your password into a text field called txtPassword. The code in their program has to put SQL statements into a string and append whatever you entered in those two text fields. It will look something like this:
    string sSQLstatement;
    sSQLstatement = "SELECT * FROM tblUSERS WHERE UserName = '" + txtUsername.Text + "' AND Password = '" + txtPassword.Text + "'";
so the string will contain:
    SELECT * FROM tblUSERS WHERE UserName = 'admin' AND Password = 'password'
However, whatever you type into the text fields gets put into that string.

SQL Script Injection
Single quote added to password: add the following to the username box and the password:
    ' or '1'='1
OR
    ' or 'a'='a
Also try
    password' or (1=1)
Or people try
    anything' OR 'x'='x
or people try
    password:'1=1--
Try using a double quote (") if the single quote (') is not working.

What Does This Cause?
Well, you would have had:
    SELECT * FROM tblUSERS WHERE UserName = 'admin' AND Password = 'password'
Instead you have:
    SELECT * FROM tblUSERS WHERE UserName = '' or '1'='1' AND Password = '' or '1'='1'
So now it says to get all entries from the table tblUsers if the username is '' (blank) OR if 1=1, and if the password is '' (blank) OR if 1=1!

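The concatenated query from the slides next to its hardened, parameterized form, as an added example that is not part of the original slides. It uses Python's sqlite3 module instead of the ASP.NET-style code shown above; the in-memory table, its single constructed row and the function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample table using the slide's names (tblUsers, UserName,
    # Password). The plaintext password only mirrors the slide's query.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tblUsers (UserName TEXT, Password TEXT)")
    db.execute("INSERT INTO tblUsers VALUES ('admin', 'S3cret!')")
    return db

def login_concatenated(db, username, password):
    # Same pattern as the slide: user input is pasted into the SQL text,
    # so quotes in the input change the structure of the query.
    sql = ("SELECT * FROM tblUsers WHERE UserName = '" + username +
           "' AND Password = '" + password + "'")
    return db.execute(sql).fetchall(), sql

def login_parameterized(db, username, password):
    # Hardened form: placeholders keep the input as data, never as SQL.
    sql = "SELECT * FROM tblUsers WHERE UserName = ? AND Password = ?"
    return db.execute(sql, (username, password)).fetchall()

def demo():
    db = make_db()
    injected = "' or '1'='1"  # input string taken from the slide
    rows_bad, sql = login_concatenated(db, injected, injected)
    rows_good = login_parameterized(db, injected, injected)
    rows_real = login_parameterized(db, "admin", "S3cret!")
    # Returns the built SQL text and the number of rows each login matched.
    return sql, len(rows_bad), len(rows_good), len(rows_real)

if __name__ == "__main__":
    print(demo())
```

The concatenated login matches the admin row without knowing any credentials, while the parameterized login matches nothing for the same input and still accepts the real username and password.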
OphCrack: How It Works
Download OphCrack and burn the image to a CD. Put the CD in the target computer and boot from the CD. It boots as Linux, grabs the Windows password file, and then uses cracking tools to crack that file and produce a text file with usernames and passwords. You cannot even consider yourself a hacker without this tool in your toolkit.