Your SlideShare is downloading. ×
Hack the Hackers 2012: Client Side Hacking – Targeting the User
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Hack the Hackers 2012: Client Side Hacking – Targeting the User


Published on

Live Hacking demos by Sean Hanna - CISSP, CISM, GCIA, GCIH, CEH, CHFI, ECSA, LPT, EC-Council Security Instructor of the Year

Hack the Hackers is organized by New Horizons Bulgaria - the only EC-Council Accredited Training Center in Bulgaria.

More info:

Published in: Technology, Sports
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide
  • Licensed Penetration Tester (LPT),EC-Council Certified Security Analyst (ECSA), Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH); Director at Nemstar- Offering IT Security, Consultancy & Training services in Ireland, the UK and Europe
  • Transcript

    • 1. HACK THE HACKERS 2012
    • 2. About New Horizons World’s largest IT training company since 2002 (IDC) Recognized among the worlds Top 20 IT training companies four out of four years ( Deliver a full range of technical, application, and business skills training solutions Advanced technical solutions (Microsoft, IBM, CompTIA, Adobe, ITIL, and various Information Security offerings); Desktop applications (Microsoft Project, Excel, Access, PowerPoint; Adobe Photoshop, Illustrator, InDesign); Business skills (project management, practical selling skills, time management, effective presentations, etc.) Offer more courses, at more times, and in more locations than any other computer and business training company
    • 3. Partners
    • 4. Customers
    • 5. EC-Council Training November 12th, 2012 November 19th, 2012 2 of you will win a CEH voucher TODAY!
    • 6. Special thanks to:
    • 7. Sean Hanna SEAN HANNA LPT, ECSA, CEH, CHFI, CISSP, CISM, CISA, GSEC, GCIA, GCIH EC-Council Instructor of the year 2007, 2008, 2010, 2011
    • 8. Client Side Hacking – Targeting the UserSean HannaEC-Council Security Instructor of the Year June 7th, 2012
    • 9. EC-Council
    • 10. EC-CouncilHACK! Client Side The Next Target Sean Hanna
    • 11. Be scared, very scared…BOOMERANGS
    • 12. EC-Council
    • 13. EC-Council
    • 14. Research is where it all starts… EC-Council
    • 15. Vulnerabilities EC-Council
    • 16. Weapons R&D EC-Council Finding the next Vulnerability is highly technical Greatest challenge for coders Years of experience required Reverse Engineering Zero Day Attacks
    • 17. For Example… EC-Council Wi-Fi Protected Setup is designed to ease the task of setting up and configuring security on wireless local area networks It has many weaknesses External Registrar option does not require any kind of authentication apart from providing the PIN, it is potentially vulnerable to brute force attacks.
    • 18. EC-Council
    • 19. EC-CouncilExploits
    • 20. Exploits EC-Council
    • 21. The Exploits EC-Council “Delivery Method” Stack Overflow Heap Corruption Format String Integer Bugs Race Conditions Brute Forcing SQL Coding Unicode
    • 22. For Example… EC-Council Remote Code Buffer Overflows occurs when data written to a buffer, due to insufficient bounds checking, corrupts data values in memory addresses adjacent to the allocated buffer and may allow remote code to be run Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP) MS07-029
    • 23. EC-Council
    • 24. EC-Council
    • 25. Payloads EC-Council
    • 26. The Payloads EC-Council Shells “Dangerous Weapon” Reverse Shells HTTP Reverse HTTP VNC Password Collector Visa Collector Bombs
    • 27. For Example… EC-Council A botnet is a collection of compromised computers, each of which is known as a bot, connected to the Internet. Shark Botnet Payload Botnet C&C Server
    • 28. DemoSHARK BOTNET
    • 29. EC-Council
    • 30. Frameworks EC-Council
    • 31. Every attack requires coding EC-Council Assembly Language C+ or C++ Perl Ruby Visual Basic Java .NET Framework So its NOT easy !!!!
    • 32. Exploit Lifecycle EC-Council
    • 33. The Frameworks EC-Council There are various frameworks Underground Commercial These are the engines of hacking
    • 34. Frameworks EC-Council
    • 35. What would Dr Strangelove do EC-Councilnext….
    • 36. if you’ve got it then you might as EC-Councilwell …
    • 37. For Example… EC-Council Metasploit a well-known Framework, a tool for developing and executing exploit code against a remote target machine Contains many plug-ins SET
    • 38. EC-Council
    • 39. EC-CouncilTHE END
    • 40. EC-CouncilOR IS IT…
    • 41. Random Demos? EC-Council Were these just 3 random demos, or was there something more behind them? Each of the demos targeted a client system This is only the start of our story…
    • 42. EC-Council
    • 43. The Arms Race EC-Council The term arms race in its original usage describes a competition between two or more parties for military supremacy. Each party competes to produce larger numbers of weapons, greater armies, or superior military technology in a technological escalation Source: Wiki
    • 44. EC-Council
    • 45. The Ingredients Of An Arms Race EC-Council A new technology that might have a use a weapon Existing research in non-weapon areas An accidental or deliberate demonstration of its potential One government to use it against another Big business to see the chance of massive profits
    • 46. The Dawn of a New Era EC-Council We have just entered the dawn of new era Cyber Warfare is not the stuff of science fiction Militaries around the world deploy Cyber Warfare Weaponry on an hourly bases The technologies is in use in live operational theatres around the world
    • 48. This Time Its Different EC-Council The human race has always been careful to control the availability of weapons This time we can’t
    • 49. Cyber Weaponry EC-Council When a solider leaves the army You can take his gun of him When a sailor leaves the navy You can take his ship of him When a pilot leaves the air force You can take his plane of him
    • 51. RISK EC-Council Your job is managing Information RISK The risk profile id constantly changing New threats are constantly emerging Everything is a state of constant flux
    • 52. What Is About To Come Next.. EC-Council
    • 53. Journey EC-Council Let me take you on journey through hacking From the start though the years to today Then on towards the future Let me share why things are about to change FOREVER.
    • 57. Evolution EC-Council Hacking is continuing to evolve If we understand how it has evolved.. We might see how it will evolve in the future
    • 58. Timeline EC-Council
    • 59. PHASE1
    • 60. Hobbyist Hackers EC-Council C0mrade hacked into NASA downloaded the source code of the International Space Station $1.7 million Kevin Mitnick most wanted computer criminal in U.S. history breached the national defence system
    • 61. Hobbyist Hackers EC-Council Started the whole process Limited success Limited resources Limited skills
    • 62. PHASE2
    • 63. Security Research Companies EC-Council HP Fortify Largest commercial research organization in the world Identified over 430 vulnerability categories across 18 programming languages Discovered two entirely new categories of vulnerabilities (JavaScript Hijacking and Cross-Build Injection)
    • 64. PHASE3
    • 65. Criminal Gangs EC-Council 431 million adults worldwide were victims of cyber crime last year (Norton Cyber Crime Report 2011) $388 billion is lost globally each year to cyber crime (Norton Cyber Crime Report 2011)
    • 66. EC-Council
    • 67. Criminal Gangs EC-Council Russian cybercriminals (Mafia Today) raked in over $4 billion in 2011 consolidated their efforts; organized crime groups are clamoring for a piece of the action most lucrative form of Russian cybercrime last year was online fraud “The cybercrime market originating from Russia costs the global economy billions of dollars every year,” Ilya Sachkov, Group-IB’s CEO
    • 68. Criminal Gangs EC-Council Cyber crime costs the UK economy £27bn a year, the government has said. £21bn of costs to businesses £2.2bn to government £3.1bn to citizens Security minister Baroness Neville-Jones said the government was determined to work with industry to tackle cyber crime.
    • 69. Criminal Gangs EC-Council Took the process to second stage Invested money to make money Professional career hackers Large budgets Large multi-skills teams Results in the production of commercial quality hacks: Crimeware is born
    • 70. Crimeware EC-Council Crimeware is a class of malware designed specifically to automate cybercrime The term was coined by Peter Cassidy, Secretary General of the Anti-Phishing Working Group Crimeware is said to started around 2003 Crimeware has made rapid advancements in the last 9 years
    • 71. Crimeware Part 1 EC-Council Advancement 1: Form-grabbing (spyware) Advancement 2: Anti-detection (stealth) Advancement 3: Web-injects (man-in-the-browser) Advancement 4: Expanded Target Support
    • 72. Crimeware Part 2 EC-Council Advancement 5: Source Code Availability/Release Advancement 6: Mobile Device Support (man-in-the-mobile) Advancement 7: Anti-removal (persistence) Advancement 8: Commercialisation (market)
    • 73. PHASE4
    • 74. Cyber Warfare EC-Council “actions by a nation-state to penetrate another nations computers or networks for the purposes of causing damage or disruption” “the fifth domain of warfare” “as critical to military operations as land, sea, air, and space”
    • 75. Cyber Warfare - History EC-Council March 1999: Hackers in Serbia attack NATO systems in retaliation for NATO’s military intervention in Kosovo. May 1999: NATO accidentally bombs the Chinese embassy in Belgrade, spawning a wave of cyberattacks from China against U.S. government Web sites. 2003: Hackers begin a series of assaults on U.S. government computer systems that lasts for years. The government code names the attacks Titan Rain and eventually traces them to China. April-May 2007: Hackers believed to be linked to the Russian government bring down the Web sites of Estonia’s parliament, banks, ministries, newspapers and broadcasters. June-July 2008: Hundreds of government and corporate Web sites in Lithuania are hacked, and some are covered in digital Soviet-era graffiti, implicating Russian nationalist hackers. August 2008: Cyber attackers hijack government and commercial Web sites in Georgia during a military conflict with Russia. January 2009: Attacks shut down at least two of Kyrgyzstan’s four Internet service providers during political squabbling among Russia, the ruling Kyrgyzstan party and an opposition party. April 2009: An attack on neighboring Kazakhstan shuts down a popular news Web site.
    • 76. US First Cyber Warfare General EC-Council The US military appointed its first senior general to direct cyber warfare – despite fears that the move marks another stage in the militarisation of cyberspace. The creation of Cyber Command is in response to increasing anxiety over the vulnerability of the USs military and other networks to a cyber attack The US air force discloses that some 30,000 of its troops had been re-assigned from technical support "to the frontlines of cyber warfare". May 2010 – The Guardian Newspaper UK
    • 77. EC-Council9ec4c12949a4f31474f299058ce2b22a
    • 78. Cyber Warfare EC-Council A cyber attack by one state on another could be considered an "act of war", former top national security adviser (BBC News) William Hague: UK is under cyber-attack (BBC News)
    • 79. White House warns of Cyber Warfareboomerangs EC-Council Unlike a bullet or missile fired at an enemy, a Cyber Weapon that spreads across the Internet may circle back accidentally to infect computers it was never supposed to target. The Homeland Security Department’s warning about the new virus, known as “Flame,” 3 Days ago – The White House
    • 80. Germany prepares special unit to EC-Counciltackle cyber attack BERLIN: Germany has prepared a special cyber warfare unit of its military to conduct offensive operations against computer hackers, who attack key installations or engage in espionage activities, defence ministry has said. 36 Hours ago – Economic Times
    • 81. The Government Wants You EC-Council Agencies need to hack clients Al Qaeda operatives for example Millions have been spent in developing the next generation of client side hacking tools
    • 82. PHASE 5 EC-Council
    • 83. PHASE 5 EC-Council
    • 84. Questions and Answers New Horizons Bulgaria 36 Dragan Tsankov blvd. Interpred, block A, floor 6 Phone : +359 2 421 0040 Email: Web: Blog: