MIS Week 9 Site:
In the news Last Presentations WebGoat Issues Ettercap Next Week 2MIS
3
Submitted exposes-all-employee-w-2s/ exposes-all-employee-w-2s/ unencrypted-devices-a-sitting-target-cybersecurity- experts-say/ unencrypted-devices-a-sitting-target-cybersecurity- experts-say/ operating-system.html operating-system.html (Chips under skin) ights_FBI_s_iPhone_demand_as__oppressive_.html ights_FBI_s_iPhone_demand_as__oppressive_.html (GCHQ on Apple) MIS
Submitted 4-vulnerability-found-in-in-twofactor- authentication?page=0,1 4-vulnerability-found-in-in-twofactor- authentication?page=0,1 creates-cyber-security-game-to-let-board-members-play- as-hackers gn713x creates-cyber-security-game-to-let-board-members-play- as-hackers gn713x disables-fire-os-5-encryption-update-promises-reverse/ disables-fire-os-5-encryption-update-promises-reverse/ ransomware.html ransomware.html down-the-first-fully-functional-mac-os-x-ransomware/ down-the-first-fully-functional-mac-os-x-ransomware/ MIS
What I noted fi-tn-snapchat-phishing-attack story.html fi-tn-snapchat-phishing-attack story.html america-apple-users-targeted-in-first-known-mac- ransomware-campaign.html america-apple-users-targeted-in-first-known-mac- ransomware-campaign.html /mits-new-5-atom-quantum-computer-could- transform-encryption.html#tk.rss_all /mits-new-5-atom-quantum-computer-could- transform-encryption.html#tk.rss_all ex.html (Pin Guessing) ex.html MIS
7
Access Control Flaws Stage 1 Stage 3 Authentication Flaws Cross-Site Scripting Phishing Stage 1 Stage 5 Reflected XSS Attacks Improper Error Handling Fail Open Authentication Scheme MIS
Injection Flaws: Command Injection: " & netstat -ant & ifconfig“ Numerical SQL Injection: or 1=1 Log Spoofing XPATH Injection String SQL Injection Modifying Data with SQL Injection Adding Data with SQL Injection Blind Numeric SQL Injection Blind String SQL Injection MIS
10 Intercepting traffic Source: man-in-the-middle-attack.html
Ettercap supports active and passive dissection of many protocols (including ciphered ones). Ettercap offers four modes of operation: IP-based: packets are filtered based on IP source and destination. MAC-based: packets are filtered based on MAC address, useful for sniffing connections through a gateway. ARP-based: uses ARP poisoning to sniff on a switched LAN between two hosts (full-duplex). PublicARP-based: uses ARP poisoning to sniff on a switched LAN from a victim host to all other hosts (half- duplex). MIS
Other Features: Character injection SSH1 support: the sniffing of a username and password HTTPS support: the sniffing of HTTP SSL secured data—even Remote traffic through a GRE tunnel Plug-in support Password collectors for: TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, Half- Life, Quake 3, MSN, YMSG Packet filtering/dropping OS fingerprinting Kill a connection Passive scanning of the LAN Hijacking of DNS requests MIS
A tool for performing man in the middle attacks Pre-installed in Kali MIS
After Launch: MIS
Click “Unified Sniffing” MIS
Select Your Network Connection (May not be same) MIS
Now we will see who is out there: MIS
Available Hosts, I’m going after the last one! MIS
Setup to ARP Poison MIS
Doesn’t Work in a VM You will need real machines on a switch to get this fully functioning A good walkthrough is tutorial/ tutorial/ MIS
In the news Intro to Wireless MIS
? MIS