Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
EVIL DATA MINING FOR FUN AND PROFIT!
Contents● Web Scraping● Quick and Dirty SQL Injections● iPhones, WiFi and Evil Twins● Hacking Neighbours● Port scanning on...
Introduction●   Fredrik Nordberg Almroth (@Almroot)    Head application engineer and co-founder @ detectify.com    IT-secu...
What is Detectify?Detectify is an automated vulnerability scanner.
●   You sign up using beta code.
●   You press start!●   Detectify emulates a hacking attack.
●   You get a report regarding your vulnerabilities.
●   Detectify is currently in closed beta!●   You may try it for free using the beta code: HyperMine●   http://detectify.c...
What is data mining?●   Data mining is mostly associated with statistics and machine learning.●   ...or discovery of patte...
Web scraping● Grab content from websites● Host somewhere else● Study the data● Sell the data
Web scraping● Manual copy-paste
Web scraping
Web scraping● Googlebot
Web scraping● Bad scrapers  ○ Downloadable or online tools  ○ Homemade scripts  ○ HTTP rewriters
Web scraping● Homemade scripts  ○   Made for one site/purpose  ○   No hacking  ○   May be against ToS  ○   Probably legal
Web scraping● Sosseblaskan.se  ○   Copy of aftonbladet (rewrite)  ○   A joke  ○   Not ads for aftonbladet  ○   Not phishin...
SQL● Structured Query Language● Used to talk with databases. MySQL, PostgreSQL, etc...
How its used● Websites use databases to maintain data.● The SQL queries often contain user-data.● You search on a website ...
What could possibly go wrong?● User supplied data may alter the SQL query.● Example:   SELECT title FROM blog WHERE title ...
SQL Injections
● Devastating attack.● Worst part. Its really common.● Remember Sony last year?
● Victims 2012.  ○   eHarmony  ○   last.fm  ○   Yahoo!  ○   Android Forums  ○   Billabong  ○   Formspring  ○   nVidia  ○  ...
● Thousands of sites attacked daily.● Incredibly easy to get going.● Loads of guides and tools on the internet.● Devastati...
LIVE DEMO!(This is the time well stand here and struggle with the equipment.)
Fun with WLAN● Create an evil twin● Jasager
Evil twin● You connect to eg. "espresso house free"● iPhone will save and remember that network● When you come back it wil...
Evil twin● Someone creates a network called  "espresso house free"● Your phone will automatically connect
What if the attacker dont know whichnetworks youve been connected to?
Jasager
Fun with WLAN● Works on everything  ○ Windows, linux, Mac, Android, iPhone etc● Can be monitored  ○ See which networks you...
Fun with WLANWiGLE.net
IT-Security @ Home● Devices on local networks.  ○   Routers  ○   Printers  ○   Heat Pumps  ○   Laptops  ○   PCs  ○   Table...
Telecom operator ComHem provide "Tre-hål-i-väggen"
● Routers may act as switches● IP Forwarding● You can see your neighbours devices
● Portscan!● A port scanner finds open services on IP-  addresses.● nmap
● Find vulnerability  or● Weak (default) password  or● No password!  Protip:  http://www.routerpasswords.com/
GAME OVER
ConclusionYou can with ease gain access to yourneighbours data.
Speaking of portscanning...● Spring 2010, the "spoon" project.● Got interested in packet crafting.● 3000 packets/second
● Sweden got 25.000.000 allocated IPv4-addresses.● ...Results in a timeframe of 2 hours and 20 min to scan.● Resolve all s...
● Early 2011, "spoon2".● 30000 packets/second. Ten times as fast!● From 2½ hour, to approximate 15 minutes.● Same result.
● Imagine a company. Like ACME Corp.● 10 servers running "spoon2".● Get a fresh map of Sweden every 90 second.● 100 server...
● ACME Corp got potential to become a global "pingdom".● Results in large scale data mining.● Would require loads of cleve...
shodanhq.com● The firm shodanhq already crawls countries for open  services.● Identified ~438.000 web servers in Sweden al...
● Eavesdrop your neighbour? No problem.● Why bother?● Can be applied to a whole country.
Summary● Web Scraping● Quick and Dirty SQL Injections● iPhones, WiFi and Evil Twins● Hacking Neighbours● Port scanning on ...
Q&A     Hack the planet!http://detectify.com/
References●   http://www.theta44.org/karma/aawns.pdf●   http://timtux.net/posts/10-Vad-delar-du-ut-IT-skerhet-i-hemmet●   ...
Hyper Island - 2012
Hyper Island - 2012
Hyper Island - 2012
Upcoming SlideShare
Loading in …5
×

Hyper Island - 2012

8,732 views

Published on

The slides presented at the Hyper Island - October 18, 2012 for the DDS13 class regarding malicious datamining.

Published in: Technology
  • I have done a couple of papers through ⇒⇒⇒WRITE-MY-PAPER.net ⇐⇐⇐ they have always been great! They are always in touch with you to let you know the status of paper and always meet the deadline!
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • These are one of the best companies for review articles. High quality with cheap rates. ⇒⇒⇒WRITE-MY-PAPER.net ⇐⇐⇐ I highly recommend it :)
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Jeb Andrews, PhD, CEO of Clinical Trials of America, sent me this touching handwritten letter after he won over $5,000 betting conservatively using my "Demolisher" Baseball Betting System: ▲▲▲ http://t.cn/A6zP24pL
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Sex in your area is here: ❶❶❶ http://bit.ly/2F4cEJi ❶❶❶
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Follow the link, new dating source: ❶❶❶ http://bit.ly/2F4cEJi ❶❶❶
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Hyper Island - 2012

  1. 1. EVIL DATA MINING FOR FUN AND PROFIT!
  2. 2. Contents● Web Scraping● Quick and Dirty SQL Injections● iPhones, WiFi and Evil Twins● Hacking Neighbours● Port scanning on Steroids
  3. 3. Introduction● Fredrik Nordberg Almroth (@Almroot) Head application engineer and co-founder @ detectify.com IT-security guy Hacked Google. Twice.● Johan Edholm (@norrskal) Server administrator and co-founder @ detectify.com Worked with IT security analytics and anti-scraping Studied system and network management in Linux
  4. 4. What is Detectify?Detectify is an automated vulnerability scanner.
  5. 5. ● You sign up using beta code.
  6. 6. ● You press start!● Detectify emulates a hacking attack.
  7. 7. ● You get a report regarding your vulnerabilities.
  8. 8. ● Detectify is currently in closed beta!● You may try it for free using the beta code: HyperMine● http://detectify.com/● We love feedback! :)
  9. 9. What is data mining?● Data mining is mostly associated with statistics and machine learning.● ...or discovery of patterns (intelligence) in large datasets...● No fancy algorithms! Just real life examples.
  10. 10. Web scraping● Grab content from websites● Host somewhere else● Study the data● Sell the data
  11. 11. Web scraping● Manual copy-paste
  12. 12. Web scraping
  13. 13. Web scraping● Googlebot
  14. 14. Web scraping● Bad scrapers ○ Downloadable or online tools ○ Homemade scripts ○ HTTP rewriters
  15. 15. Web scraping● Homemade scripts ○ Made for one site/purpose ○ No hacking ○ May be against ToS ○ Probably legal
  16. 16. Web scraping● Sosseblaskan.se ○ Copy of aftonbladet (rewrite) ○ A joke ○ Not ads for aftonbladet ○ Not phishing ○ Illegal
  17. 17. SQL● Structured Query Language● Used to talk with databases. MySQL, PostgreSQL, etc...
  18. 18. How its used● Websites use databases to maintain data.● The SQL queries often contain user-data.● You search on a website for a few keywords.● The odds of it being done by some SQL dialect is huge.
  19. 19. What could possibly go wrong?● User supplied data may alter the SQL query.● Example: SELECT title FROM blog WHERE title = $search_keywords;● If the searched data contain a quote, the SQL query will break.● Attackers may gain other data than just the "blog title".● Usernames, passwords, emails, credit-cards...
  20. 20. SQL Injections
  21. 21. ● Devastating attack.● Worst part. Its really common.● Remember Sony last year?
  22. 22. ● Victims 2012. ○ eHarmony ○ last.fm ○ Yahoo! ○ Android Forums ○ Billabong ○ Formspring ○ nVidia ○ Gamigo ○ ...List goes on...
  23. 23. ● Thousands of sites attacked daily.● Incredibly easy to get going.● Loads of guides and tools on the internet.● Devastating for the vulnerable organizations.
  24. 24. LIVE DEMO!(This is the time well stand here and struggle with the equipment.)
  25. 25. Fun with WLAN● Create an evil twin● Jasager
  26. 26. Evil twin● You connect to eg. "espresso house free"● iPhone will save and remember that network● When you come back it will automatically connect
  27. 27. Evil twin● Someone creates a network called "espresso house free"● Your phone will automatically connect
  28. 28. What if the attacker dont know whichnetworks youve been connected to?
  29. 29. Jasager
  30. 30. Fun with WLAN● Works on everything ○ Windows, linux, Mac, Android, iPhone etc● Can be monitored ○ See which networks you are looking for and in which order
  31. 31. Fun with WLANWiGLE.net
  32. 32. IT-Security @ Home● Devices on local networks. ○ Routers ○ Printers ○ Heat Pumps ○ Laptops ○ PCs ○ Tablets ○ Cellphones ○ XBOXes ○ ...etc...
  33. 33. Telecom operator ComHem provide "Tre-hål-i-väggen"
  34. 34. ● Routers may act as switches● IP Forwarding● You can see your neighbours devices
  35. 35. ● Portscan!● A port scanner finds open services on IP- addresses.● nmap
  36. 36. ● Find vulnerability or● Weak (default) password or● No password! Protip: http://www.routerpasswords.com/
  37. 37. GAME OVER
  38. 38. ConclusionYou can with ease gain access to yourneighbours data.
  39. 39. Speaking of portscanning...● Spring 2010, the "spoon" project.● Got interested in packet crafting.● 3000 packets/second
  40. 40. ● Sweden got 25.000.000 allocated IPv4-addresses.● ...Results in a timeframe of 2 hours and 20 min to scan.● Resolve all servers on a given port in a Sweden.● Could of course be applied to any country.
  41. 41. ● Early 2011, "spoon2".● 30000 packets/second. Ten times as fast!● From 2½ hour, to approximate 15 minutes.● Same result.
  42. 42. ● Imagine a company. Like ACME Corp.● 10 servers running "spoon2".● Get a fresh map of Sweden every 90 second.● 100 servers, every 9th second second.
  43. 43. ● ACME Corp got potential to become a global "pingdom".● Results in large scale data mining.● Would require loads of clever algorithms and infrastructure to maintain it all though.
  44. 44. shodanhq.com● The firm shodanhq already crawls countries for open services.● Identified ~438.000 web servers in Sweden alone.● Mostly devices found on local networks. (routers / printers).● No security. Loads of vulnerable devices.
  45. 45. ● Eavesdrop your neighbour? No problem.● Why bother?● Can be applied to a whole country.
  46. 46. Summary● Web Scraping● Quick and Dirty SQL Injections● iPhones, WiFi and Evil Twins● Hacking Neighbours● Port scanning on Steroids
  47. 47. Q&A Hack the planet!http://detectify.com/
  48. 48. References● http://www.theta44.org/karma/aawns.pdf● http://timtux.net/posts/10-Vad-delar-du-ut-IT-skerhet-i-hemmet● http://krebsonsecurity.com/2010/06/wi-fi-street-smarts-iphone-edition/● http://nmap.org/6/● http://www.ietf.org/rfc/rfc793.txt● http://www.ietf.org/rfc/rfc791.txt● http://www.ietf.org/rfc/rfc1323.txt● http://www.zdnet.com/sql-injection-attacks-up-69-7000001742/

×