0x4841434b45525a – H4x0r presentation for n00bs

Published in: Technology

  1. 1. All Your Base Are Belong To Us 0x48 0x41 0x43 0x4B 0x45 0x52 0x5A Or: so, you wanted to be a hacker By Gil Megidish (2004)
  2. 2. All Your Base Are Belong To Us You think you know hackers?
  3. 3. All Your Base Are Belong To Us Hacking, Cracking & Phreaking
       • Hacker n. (Jargon File)
         – One who programs enthusiastically and even obsessively.
         – A person who enjoys exploring the details of systems and such.
       • Cracker n.
         – One who breaks security on a system.
       • Phreaking
         – The pure art of telephony hacking (Captain Crunch)
  4. 4. All Your Base Are Belong To Us Cracking
       • All software can be cracked: if a program can be written with protection, it can surely exist without one.
       • Crackers brag about their accomplishments.
       • Types of interesting cracking:
         – Cracking software
         – Cracking into servers
         – Denial of Service (DoS)
  5. 5. All Your Base Are Belong To Us Cracking Software
       • Software will let you know if you do not have permission to continue.
       • Starting there, it is possible to find the root cause of this limitation.
  6. 6. All Your Base Are Belong To Us Always Use Protection
       [Diagram labels: Protection code; Registry; File System; Network; CPU; Devices (plug)]
       Since it is always possible to crack software, the coders have one thing in mind: make the cracker’s life a living hell.
       Introducing: Doc Witness’ OpSecure
  7. 7. All Your Base Are Belong To Us Cracking Into Servers
  8. 8. All Your Base Are Belong To Us Database Hacking
       SELECT * FROM USERS_TABLE WHERE USER=$PARAM
       Inexperienced programmers sometimes make the mistake above. No matter how many firewalls are in the middle, you can delete the entire database, or even destroy the machine it is running on.
       What if $USER = “userName%01EXEC rm –rf /”
       Or $USER = “userName OR 1=1” ?
  9. 9. All Your Base Are Belong To Us Buffer Overflows
       void store(char *str) {
           char buffer[16];
           strcpy(buffer, str);
       }
       What is wrong with this function??
  10. 10. All Your Base Are Belong To Us Call stack overview
        void function(char *str) { char buffer[16];
        Low memory to high memory: buffer (16) | oldsp (4) | ret (4) | *str (4)
  11. 11. All Your Base Are Belong To Us
        buffer (16) | oldsp (4) | ret (4) | *str (4)
        So, if we call: store(“this is my name, what is your name ?”); what will happen?
        [Diagram text over the stack: this is my name, what is your]
        After the function completes, the processor jumps to the address stored in ‘ret’. Right now, this address contains garbage. The process will crash immediately upon function return. Now, why is this interesting?
  12. 12. All Your Base Are Belong To Us
        buffer (16) | oldsp (4) | ret (4) | *str (4)
        [Diagram label: code]
        Scary – if we get ‘ret’ to point to our buffer, we can send arbitrary code to be executed on the remote machine. MOST server hacking is done using this mechanism. So, if everybody knows about it, why does nobody fix the problem once and for all?
  13. 13. All Your Base Are Belong To Us pH34R
  14. 14. All Your Base Are Belong To Us pH34R
  15. 15. All Your Base Are Belong To Us Smurf Attack
  16. 16. All Your Base Are Belong To Us ICMP Smurf
        • Evil sends an ICMP Echo Request to the broadcast address on his network.
        • All servers reply to the request and send an ICMP Echo Reply to the spoofed source.
        [Diagram labels: 64 K, 64 K, 64 K, 64 K, 64 K]
  17. 17. All Your Base Are Belong To Us One Last Slide: Root Kits!
        • Root Kits are the fastest and easiest way to hide the presence of a cracker.
        • How do they work –
          – Replacing ps; so you won’t see them running
          – Replacing ls; so you won’t find the files
          – Replacing cat; so you won’t notice altered configurations
        • There are rootkits for Windows as well!
        • Open Source projects, such as ChkRoot, find these kits
  18. 18. All Your Base Are Belong To Us Links
        • www.blackhat.com
        • www.2600.com
        • www.bugtraq.org
        • www.securiteam.com
  19. 19. All Your Base Are Belong To Us
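
The overflow from slides 9 to 12 next to a bounds-checked version, as an added example that is not part of the original presentation. The names `store_unsafe`, `store_checked` and `BUF_SIZE` are assumptions made here, and the sample inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16  /* same size as the slide's buffer (assumed name) */

/* The slide's function, kept for comparison and never called here:
 * strcpy() copies until the NUL terminator with no regard for the
 * 16-byte destination, so longer input runs on into oldsp and ret. */
void store_unsafe(const char *str) {
    char buffer[BUF_SIZE];
    strcpy(buffer, str);
}

/* Hardened variant (hypothetical name): look for the terminator within
 * the first BUF_SIZE bytes, reject input that does not fit, then copy.
 * Returns 0 on success, -1 if the input was rejected. */
int store_checked(const char *str) {
    char buffer[BUF_SIZE];
    const char *end;
    size_t len;

    if (str == NULL)
        return -1;
    end = memchr(str, '\0', BUF_SIZE);  /* never scans past BUF_SIZE bytes */
    if (end == NULL)                    /* no room left for the '\0' */
        return -1;
    len = (size_t)(end - str);
    memcpy(buffer, str, len + 1);       /* len + 1 <= BUF_SIZE */
    return buffer[len] == '\0' ? 0 : -1;
}

int main(void) {
    /* Constructed inputs: one that fits, and the slide's overlong string. */
    const char *samples[] = { "gil", "this is my name, what is your name ?" };
    for (size_t i = 0; i < 2; i++)
        printf("%-40s -> %s\n", samples[i],
               store_checked(samples[i]) == 0 ? "stored" : "rejected");
    return 0;
}
```

Rejecting oversized input, rather than silently truncating it, keeps the caller aware that the data did not fit.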
