The Dynamite of Next Generation (Y) Attack

The Hacker Secret #2: The Dynamite of Next Generation (Y) Attack focuses on client-side exploitation through software bugs, the latest Windows vulnerabilities, etc.

Published in: Technology


  1. The Dynamite of Next Generation (Y) Attack
     Prathan Phongthiproek (Lucifer@CITEC), Senior Information Security Consultant, ACIS Professional Center
  2. Who am I?
     • CITEC Evolution
       • Code Name “Lucifer”, Moderator, Speaker
       • Instructor: Web Application (In) Security 101
       • Instructor: Mastering in Exploitation
     • ACIS Professional Center
       • RedTeam: Penetration Tester
       • Instructor / Speaker
       • Security Consultant / Researcher
     • Founder of CWH Underground Hacker
       • Exploits, Vulnerabilities, Papers Disclosure
       • Milw0rm, Exploit-db, Security Focus, Secunia, Zeroday, etc.
       • http://www.exploit-db.com/author/?a=1275
  3. Let’s Talk !?
     • Next Generation (Y) Attack from Software holes
     • Latest Microsoft Windows system vulnerabilities
     • Stuxnet Worm From USB
  4. Next Generation (Y) Attack from Software holes
  5. Malicious PDF
     • Still Hot !!!
  6. Malicious PDF
     • Adobe Collect Email Info
     • Adobe GetIcon
     • Adobe Jbig2Decode
     • Adobe UtilPrintf
     • Adobe U3D Mesh Declaration
     • Adobe PDF Embedded EXE (Affect Adobe Reader < 9.4 and Foxit)
     • Adobe Cooltype Sing (Affect Adobe Reader < 9.4)
     • Adobe to implement Reader Sandbox on version 9.4+
  7. Malicious PDF – Attack via MetaData
  8. Malicious PDF – Open PDF file
  9. Malicious PDF – Bypass Antivirus Malicious PDF File
  10. Malicious PDF – Disable JavaScript
  11. PDF Embedded EXE Exploit
  12. Web Browser Vulnerabilities
  13. Web Browser Vulnerabilities
     • Google Chrome still secure !!
     • IE / Firefox / Safari still PWNED !!
     • ActiveX Control and Java Applet still TOP Hit for Attack !!
     • Web Browser Toolbar coming with other software
     • Using Heap Spraying via JavaScript
     • Focus on Client-Side Exploitation
  14. Web Browser Vulnerabilities - IE
     • IE DHTML Behaviours Use After Free
     • IE Tabular Data Control ActiveX Memory Corruption
     • IE Winhlp32.exe MsgBox Code Execution
     • Zero-Day: IE 6/7/8 CSS SetUserClip Memory Corruption (mshtml.dll) – No DEP/ASLR
  15. Web Browser Vulnerabilities - Toolbars
  16. Web Browser Vulnerabilities – Drive By Download Attack
  17. Web Browser Vulnerabilities – Drive By Download Attack
  18. Web Browser Vulnerabilities – Drive By Download Attack
  19. Web Browser Vulnerabilities – Drive By Download Attack
  20. Web Browser Vulnerabilities – Drive By Download Attack
  21. Web Browser Vulnerabilities – Drive By Download Attack
  22. Drive By Download Attack via Java Applet
  23. Latest Microsoft Windows system vulnerabilities + Stuxnet Worm From USB
  24. MS Shortcut (LNK) Exploit
     • MS Windows Shell Could Allow Remote Code Execution
     • Use DLL Hijacking Techniques for exploitation
     • Affect every release of the Windows NT kernel (2000, XP, Server 2003, Vista, Server 2008, 7)
     • Patch release MS10-046 on August 24 2010
     • Attack Layer 8 – Client-Side Exploitation
     • New Generation of Targeted Attacks – Stuxnet Worm
     • Stuxnet Worm – First Attack SCADA System and Iran nuclear reactor via USB and Fileshares with Zero-day Windows vulnerabilities
     • Stuxnet abused Auto-Run feature to spread (Just open it)
  25. Stuxnet Worms
     • MS Server Service Code Execution MS08-067 (Conficker worms)
     • MS SMBv2 Remote Code Execution MS09-050
     • MS Shortcut (LNK) Vulnerability MS10-046
     • MS Print Spooler Service Code Execution MS10-061
     • MS Local Ring0 Kernel Exploit MS10-015
     • MS Keyboard Layout File MS10-073
     • Zero Day – MS Task Scheduler
  26. Latest Zero Day – MS Local Kernel Exploit (Win32k.sys)
     • MS Windows Local Kernel Exploit
     • Zero Day until Now !! – Still No Patch…
     • Affect every release of the Windows NT kernel (2000, XP, Server 2003, Vista, Server 2008, 7)
     • Elevate Privilege from USER to SYSTEM
     • The Exploit takes advantage of a bug in Win32k.sys
     • Bypass User Account Control (UAC) Get The Hell Outta Here !!
  27. Latest Attack Methodology
  28. MS Shortcut (LNK) Exploit
  29. Thank you
     • It’s not the END !!
     • See you tmr in “Rock'n Roll in Database Security”
