
Hack the Hackers 2012: Client Side Hacking – Targeting the User

Live Hacking demos by Sean Hanna - CISSP, CISM, GCIA, GCIH, CEH, CHFI, ECSA, LPT, EC-Council Security Instructor of the Year



Hack the Hackers is organized by New Horizons Bulgaria - the only EC-Council Accredited Training Center in Bulgaria.

More info: www.newhorizons.bg
www.newhorizons.bg/blog

Published in: Technology, Sports
  • Licensed Penetration Tester (LPT), EC-Council Certified Security Analyst (ECSA), Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH); Director at Nemstar, offering IT Security, Consultancy & Training services in Ireland, the UK and Europe
  • Transcript of "Hack the Hackers 2012: Client Side Hacking – Targeting the User"

    1. HACK THE HACKERS 2012
    2. About New Horizons: World’s largest IT training company since 2002 (IDC); recognized among the world’s Top 20 IT training companies four out of four years (Trainingindustry.com); deliver a full range of technical, application, and business skills training solutions: advanced technical solutions (Microsoft, IBM, CompTIA, Adobe, ITIL, and various Information Security offerings), desktop applications (Microsoft Project, Excel, Access, PowerPoint; Adobe Photoshop, Illustrator, InDesign), business skills (project management, practical selling skills, time management, effective presentations, etc.); offer more courses, at more times, and in more locations than any other computer and business training company.
    3. Partners
    4. Customers
    5. EC-Council Training: November 12th, 2012; November 19th, 2012. 2 of you will win a CEH voucher TODAY!
    6. Special thanks to:
    7. Sean Hanna: LPT, ECSA, CEH, CHFI, CISSP, CISM, CISA, GSEC, GCIA, GCIH. EC-Council Instructor of the Year 2007, 2008, 2010, 2011
    8. Client Side Hacking – Targeting the User. Sean Hanna, EC-Council Security Instructor of the Year. June 7th, 2012
    9. EC-Council
    10. HACK! Client Side: The Next Target. Sean Hanna
    11. Be scared, very scared… BOOMERANGS
    12. EC-Council
    13. EC-Council
    14. Research is where it all starts…
    15. Vulnerabilities
    16. Weapons R&D: Finding the next vulnerability is highly technical; greatest challenge for coders; years of experience required; reverse engineering; zero-day attacks.
    17. For Example… Wi-Fi Protected Setup is designed to ease the task of setting up and configuring security on wireless local area networks. It has many weaknesses. Because the External Registrar option does not require any kind of authentication apart from providing the PIN, it is potentially vulnerable to brute-force attacks.
    18. EC-Council
    19. Exploits
    20. Exploits
    21. The Exploits (“Delivery Method”): Stack Overflow; Heap Corruption; Format String; Integer Bugs; Race Conditions; Brute Forcing; SQL; Coding; Unicode
    22. For Example… Remote code buffer overflows occur when data written to a buffer, due to insufficient bounds checking, corrupts data values in memory addresses adjacent to the allocated buffer and may allow remote code to be run. Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP), MS07-029
    23. EC-Council
    24. EC-Council
    25. Payloads
    26. The Payloads (“Dangerous Weapon”): Shells; Reverse Shells; HTTP; Reverse HTTP; VNC; Password Collector; Visa Collector; Bombs
    27. For Example… A botnet is a collection of compromised computers, each of which is known as a bot, connected to the Internet. Shark Botnet Payload Botnet C&C Server
    28. Demo: SHARK BOTNET
    29. EC-Council
    30. Frameworks
    31. Every attack requires coding: Assembly Language; C+ or C++; Perl; Ruby; Visual Basic; Java; .NET Framework. So it’s NOT easy !!!!
    32. Exploit Lifecycle
    33. The Frameworks: There are various frameworks: Underground; Commercial. These are the engines of hacking.
    34. Frameworks
    35. What would Dr Strangelove do next….
    36. if you’ve got it then you might as well …
    37. For Example… Metasploit, a well-known framework, is a tool for developing and executing exploit code against a remote target machine. Contains many plug-ins; SET
    38. EC-Council
    39. THE END
    40. OR IS IT…
    41. Random Demos? Were these just 3 random demos, or was there something more behind them? Each of the demos targeted a client system. This is only the start of our story…
    42. EC-Council
    43. The Arms Race: The term arms race in its original usage describes a competition between two or more parties for military supremacy. Each party competes to produce larger numbers of weapons, greater armies, or superior military technology in a technological escalation. Source: Wiki
    44. EC-Council
    45. The Ingredients Of An Arms Race: A new technology that might have a use as a weapon; existing research in non-weapon areas; an accidental or deliberate demonstration of its potential; one government to use it against another; big business to see the chance of massive profits.
    46. The Dawn of a New Era: We have just entered the dawn of a new era. Cyber Warfare is not the stuff of science fiction. Militaries around the world deploy Cyber Warfare Weaponry on an hourly basis. The technology is in use in live operational theatres around the world.
    47. WHY SHOULD THIS CONCERN ME?
    48. This Time It’s Different: The human race has always been careful to control the availability of weapons. This time we can’t.
    49. Cyber Weaponry: When a soldier leaves the army, you can take his gun off him. When a sailor leaves the navy, you can take his ship off him. When a pilot leaves the air force, you can take his plane off him.
    50. CYBER WEAPONRY IS KNOWLEDGE
    51. RISK: Your job is managing Information RISK. The risk profile is constantly changing. New threats are constantly emerging. Everything is in a state of constant flux.
    52. What Is About To Come Next..
    53. Journey: Let me take you on a journey through hacking, from the start through the years to today, then on towards the future. Let me share why things are about to change FOREVER.
    54. FROM THE BEGINNING…
    55. DEMO: SET ON METASPLOIT
    56. THE FOUR PHASES OF HACKING
    57. Evolution: Hacking is continuing to evolve. If we understand how it has evolved.. we might see how it will evolve in the future.
    58. Timeline
    59. PHASE 1
    60. Hobbyist Hackers: C0mrade: hacked into NASA; downloaded the source code of the International Space Station; $1.7 million. Kevin Mitnick: most wanted computer criminal in U.S. history; breached the national defence system.
    61. Hobbyist Hackers: Started the whole process; limited success; limited resources; limited skills.
    62. PHASE 2
    63. Security Research Companies: HP Fortify: largest commercial research organization in the world; identified over 430 vulnerability categories across 18 programming languages; discovered two entirely new categories of vulnerabilities (JavaScript Hijacking and Cross-Build Injection).
    64. PHASE 3
    65. Criminal Gangs: 431 million adults worldwide were victims of cyber crime last year (Norton Cyber Crime Report 2011). $388 billion is lost globally each year to cyber crime (Norton Cyber Crime Report 2011).
    66. EC-Council
    67. Criminal Gangs: Russian cybercriminals (Mafia Today): raked in over $4 billion in 2011; consolidated their efforts; organized crime groups are clamoring for a piece of the action; most lucrative form of Russian cybercrime last year was online fraud. “The cybercrime market originating from Russia costs the global economy billions of dollars every year,” Ilya Sachkov, Group-IB’s CEO
    68. Criminal Gangs: Cyber crime costs the UK economy £27bn a year, the government has said: £21bn of costs to businesses; £2.2bn to government; £3.1bn to citizens. Security minister Baroness Neville-Jones said the government was determined to work with industry to tackle cyber crime.
    69. Criminal Gangs: Took the process to second stage; invested money to make money; professional career hackers; large budgets; large multi-skills teams. Results in the production of commercial quality hacks: Crimeware is born.
    70. Crimeware: Crimeware is a class of malware designed specifically to automate cybercrime. The term was coined by Peter Cassidy, Secretary General of the Anti-Phishing Working Group. Crimeware is said to have started around 2003. Crimeware has made rapid advancements in the last 9 years.
    71. Crimeware Part 1: Advancement 1: Form-grabbing (spyware); Advancement 2: Anti-detection (stealth); Advancement 3: Web-injects (man-in-the-browser); Advancement 4: Expanded Target Support
    72. Crimeware Part 2: Advancement 5: Source Code Availability/Release; Advancement 6: Mobile Device Support (man-in-the-mobile); Advancement 7: Anti-removal (persistence); Advancement 8: Commercialisation (market)
    73. PHASE 4
    74. Cyber Warfare: “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption”; “the fifth domain of warfare”; “as critical to military operations as land, sea, air, and space”
    75. Cyber Warfare - History: March 1999: Hackers in Serbia attack NATO systems in retaliation for NATO’s military intervention in Kosovo. May 1999: NATO accidentally bombs the Chinese embassy in Belgrade, spawning a wave of cyberattacks from China against U.S. government Web sites. 2003: Hackers begin a series of assaults on U.S. government computer systems that lasts for years. The government code names the attacks Titan Rain and eventually traces them to China. April-May 2007: Hackers believed to be linked to the Russian government bring down the Web sites of Estonia’s parliament, banks, ministries, newspapers and broadcasters. June-July 2008: Hundreds of government and corporate Web sites in Lithuania are hacked, and some are covered in digital Soviet-era graffiti, implicating Russian nationalist hackers. August 2008: Cyber attackers hijack government and commercial Web sites in Georgia during a military conflict with Russia. January 2009: Attacks shut down at least two of Kyrgyzstan’s four Internet service providers during political squabbling among Russia, the ruling Kyrgyzstan party and an opposition party. April 2009: An attack on neighboring Kazakhstan shuts down a popular news Web site.
    76. US First Cyber Warfare General: The US military appointed its first senior general to direct cyber warfare, despite fears that the move marks another stage in the militarisation of cyberspace. The creation of Cyber Command is in response to increasing anxiety over the vulnerability of the US’s military and other networks to a cyber attack. The US air force discloses that some 30,000 of its troops had been re-assigned from technical support "to the frontlines of cyber warfare". May 2010 – The Guardian Newspaper UK
    77. EC-Council
    78. Cyber Warfare: A cyber attack by one state on another could be considered an "act of war", former top national security adviser (BBC News). William Hague: UK is under cyber-attack (BBC News)
    79. White House warns of Cyber Warfare boomerangs: Unlike a bullet or missile fired at an enemy, a Cyber Weapon that spreads across the Internet may circle back accidentally to infect computers it was never supposed to target. The Homeland Security Department’s warning about the new virus, known as “Flame,” 3 Days ago – The White House
    80. Germany prepares special unit to tackle cyber attack: BERLIN: Germany has prepared a special cyber warfare unit of its military to conduct offensive operations against computer hackers, who attack key installations or engage in espionage activities, defence ministry has said. 36 Hours ago – Economic Times
    81. The Government Wants You: Agencies need to hack clients; Al Qaeda operatives for example; millions have been spent in developing the next generation of client side hacking tools.
    82. PHASE 5
    83. PHASE 5
    84. Questions and Answers. New Horizons Bulgaria, 36 Dragan Tsankov blvd., Interpred, block A, floor 6. Phone: +359 2 421 0040. Email: office@newhorizons.bg. Web: www.newhorizons.bg. Blog: newhorizons.bg/blog
