Understanding Hacker Tools and Techniques: A live Demonstration

1,381 views

Published on

Presented by: Monta Elkins, FoxGuard Solutions

Abstract: Learn what the hackers know. See the tools used by hackers to scan your networks, guess your passwords, and break into your un-patched Windows® XP systems to take full control in this live demonstration. Use the knowledge you gain to better prepare yourself and your systems against attacks.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,381
On SlideShare
0
From Embeds
0
Number of Embeds
209
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Understanding Hacker Tools and Techniques: A live Demonstration

  1. 1. FoxGuard Solutions Cyber Security for Critical Control Systems
  2. 2. FoxGuard Solutions Hacking Tools Demo Monta Elkins, Security Architect
  3. 3. ➲ Security Research ➲ New Attacks ➲ Training Classes ➲ Conference Talks ➲ New Product Creation ➲ Industry Requirements
  4. 4. 4 Cyber Threats ● If you don't think you are under attack, its likely because your security logging is inadequate
  5. 5. 5 My Target ● Stark Industries Arc Reactor ● Smallest Generator in the known universe ● Fits on a tabletop ● 1.21 GigaWatts power output! ● Simple HMI control
  6. 6. 6 Site Recon ● Can disclose useful site information ● Locations, names, equipment used
  7. 7. 7 Silent Recon ● Open sources like Wikipedia ● Archive.org ● Can be used for password guessing without ever contacting the site
  8. 8. 8 Gaining Initial Access ● Cell Phone ● Thumb Drive ● Email Attachments ● Updates or Documentation ● Web pages ● Social Engineering ● Pivoting from Corporate etc.
  9. 9. 9 Begin Live Demo ● Start of live execution of hacker tools and techniques
  10. 10. 10 Network Scanning ● Selected 192.168.1.0/24 ● Devices found ● Ports open ● Opportunities
  11. 11. 11 Device with Web page ● Interesting Device
  12. 12. 12 Password Guess Selection ● Chose the 50 most common words on the web page ● Add the digits 1 through 9 to the end of each ● Try each password on each account Stark Industries Layton Stane David Fujikawa Obadiah Staff February Enterprises Ultimate Rhodes Howard death Security Pepper James Happy ...
  13. 13. 13 Xhydra Selection ● Select a target ● ip`s ● Service ● Select Accounts ● Select Password
  14. 14. 14 xHydra ● Select a target ● Password guessing attempts ● Login found
  15. 15. 15 Telnet Using Credentials Found ● Telnet 192.168.1.5 ● Username: tstark ● Password: Pepper1 ● Successful Login
  16. 16. 16 Choosing a Secure Password
  17. 17. 17 Password Sniffed ● Even complex passwords are no protection against sniffing ● grep password=
  18. 18. 18 HMI Interface
  19. 19. 19 Armitage for Metasploit ● Scan and attack devices on the network ● Selection a scan range ● 192.168.1.0/24 in this case
  20. 20. 20 Armitage Scanning ● Scan a device ● Launch an appropriate attack
  21. 21. 21 Armitage Successful Attack ● Attack Successful ● Window XP with out-of- date patches ● Exploits a stack buffer overflow in the RPCSS service ● This module can exploit the English versions of Windows NT 4.0 SP3- 6a, Windows 2000, Windows XP, and Windows 2003
  22. 22. 22 VNC Control ● Attack allows VNC control of HMI (similar to Remote Desktop) ● Shutdown the generator ● Or drop the oil pressure and let it run- attacker's choice
  23. 23. 23 Prevention ● Firewalling ● Security Information and Event Logging and alerts (SIEM ) ● Patching & Anti-Virus ● Shutdown of unneeded ports and services
  24. 24. 24 Questions FoxGuard Solutions Monta Elkins, Security Architect melkins@foxguardsolutions.com

×