Hacker’s Strategies Revealed WEST CHESTER UNIVERSITY Computer Science Department Yuchen Zhou March 22, 2002.


Requirements:
Hardware:
- Two computers
- One hub
- Internet access
Software:
- Windows 98/2000
- Trojan horse (Glacier 6.0)
- Sniffer (password monitor)
- Port scanner (Fluxay IV)

Case 1: Trojan Horse
Suppose a Trojan horse (server.exe) is already installed on computer A. One can then run a control program (client.exe) on computer B to control computer A.

Planting a Trojan Horse
- Direct execution of a Trojan horse
- Sent as an attachment
- Link an icon (as a “bait”) to a Trojan horse
- Guess the password of a user and then use remote execution

Hacking Remotely
Run a client program to control the compromised system remotely.

[Screenshot: client search dialog with the fields domain, begin from / to, port and delay time; status "Searching...", then "Victim found".]

All folders and files on computer A. We can copy, rename, run or delete them remotely.

Computer A’s basic information
System information of computer A.
- Password-related commands
- Control-related commands
- Network-related commands

Password in cache
All the passwords in computer A's cache.

Monitoring computer A’s screen

Controlling Computer A’s screen

Other operations you can use to control computer A
- Find/copy/delete files from computer A
- Share a directory
- Kill a process
- Change the registry
- Record the keyboard
- Shut down/restart the computer

All commands we can use

Case 2: Sniff a Password
If computer A transmits data frames to a server machine D over an Ethernet, every computer on it receives a copy. Only computer D should accept the frames; the others should discard them. However, a sniffer running on machine B or C receives and analyzes them even though B or C is not the destination.

[Screenshot: sniffer window showing the URL computer A is visiting, the user name, the password, computer A’s IP address, the log-on time and the NIC being monitored.]
When a password is detected, it is displayed here.

This file’s name is “webfilter.txt”; “pwmonitor” needs this file to identify the URLs. That is to say, passwords can be sniffed only when the URL computer A is visiting is listed in this filter file. Because this sniffer was created in China, most of the URLs are located in China, but we can find yahoo.com here.

Case 3: Hack a Server
Computer A is a server, B is a client.
- Scans the ports of computer A
- Guesses the password of admin
- After the computer is compromised, a hacker can plant some backdoor software on the server and execute it remotely.

[Screenshot labels: hosts’ type, username, password, hosts.]
Fluxay is the most popular port scanner used in China these days. It scans all the services (ports) the servers provide; once it finds a certain service (FTP, telnet...), it tries to find the users and guess the passwords...

[Screenshot: scan settings with the labels scan from / to, host type, guess password, and display password if found.]

Scanning...

Now we get the password.

Computer ’s Administrator is “TopTooler” and the password is “toptooler”, so we can establish an IPC connection.
[Screenshot label: password]

Using this command, we can log on to the server as an administrator. Then copy a Trojan horse to the server.

The Trojan horse will be started automatically at 13:50 on the server.
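The Case 3 sequence (repeated password guesses, a successful administrator logon, then a scheduled job) leaves a recognizable trail in the server's logs. The detector below is an added example, not part of the original presentation; the log format, timestamps and addresses are constructed, and the event IDs are those of the current Windows Security log rather than anything shown on the slides.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: time, event ID, account, source address.
# Assumed IDs (current Windows Security log, not from the slides):
# 4625 failed logon, 4624 successful logon, 4698 scheduled task created.
SAMPLE_LOG = """\
2002-03-22T13:40:01 4625 TopTooler 192.0.2.10
2002-03-22T13:40:02 4625 TopTooler 192.0.2.10
2002-03-22T13:40:03 4625 TopTooler 192.0.2.10
2002-03-22T13:40:04 4625 TopTooler 192.0.2.10
2002-03-22T13:40:05 4625 TopTooler 192.0.2.10
2002-03-22T13:40:06 4624 TopTooler 192.0.2.10
2002-03-22T13:41:00 4625 alice 192.0.2.20
2002-03-22T13:41:09 4624 alice 192.0.2.20
2002-03-22T13:45:30 4698 TopTooler -
2002-03-22T13:47:00 4698 alice -
"""

def parse(text):
    """Yield (time, event_id, account, source) from the sample format."""
    for line in text.splitlines():
        ts, eid, account, src = line.split()
        yield datetime.fromisoformat(ts), int(eid), account, src

def detect(text, threshold=5, window=timedelta(minutes=5),
           follow=timedelta(minutes=30)):
    """Return alerts for guessed passwords and for jobs scheduled soon after."""
    failures = defaultdict(list)  # (account, source) -> failed-logon times
    guessed = {}                  # account -> time of the suspicious success
    alerts = []
    for ts, eid, account, src in parse(text):
        key = (account, src)
        if eid == 4625:
            failures[key].append(ts)
        elif eid == 4624:
            recent = [t for t in failures.pop(key, []) if ts - t <= window]
            if len(recent) >= threshold:  # many misses, then a hit
                guessed[account] = ts
                alerts.append(("guessed-password", account, src))
        elif eid == 4698 and account in guessed:
            if ts - guessed[account] <= follow:
                alerts.append(("task-after-guess", account, src))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The single mistyped password for the constructed account alice stays below the threshold, so only the TopTooler sequence is reported. An account lockout policy and a password that does not mirror the user name remove the condition this detector looks for.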