Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Thinking like a Hacker

34 views

Published on

An old MSDN Ignite Security conference presentation I did on thinking like a hacker.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Thinking like a Hacker

  1. 1. msdn.microsoft.ca/ignite THINKING LIKE A HACKER Dana Epp Microsoft Security MVP
  2. 2. msdn.microsoft.ca/ignite INTRODUCTION AND BACKGROUND Dana Epp WARNING: Over inflation of subject’s own ego may occur. It could get messy.
  3. 3. msdn.microsoft.ca/ignite WHO AM I?
  4. 4. msdn.microsoft.ca/ignite MICROSOFT WINDOWS SECURITY MVP
  5. 5. msdn.microsoft.ca/ignite INFORMATION SECURITY PROFESSIONAL
  6. 6. msdn.microsoft.ca/ignite COMPUTER SECURITY SOFTWARE ARCHITECT
  7. 7. msdn.microsoft.ca/ignite WHY AM I HERE?
  8. 8. msdn.microsoft.ca/ignite
  9. 9. msdn.microsoft.ca/ignite YOU MUST KNOW THE THREATS TO WHICH YOU ARE SUSCEPTIBLE TO BEFORE YOU CAN DESIGN SECURE SYSTEMS.
  10. 10. msdn.microsoft.ca/ignite TO UNDERSTAND THESE THREATS, YOU MUST THINK LIKE A HACKER
  11. 11. msdn.microsoft.ca/ignite WHAT MOTIVATES THEM?
  12. 12. msdn.microsoft.ca/ignite MOTIVATIONS OF THE MODERN HACKER
  13. 13. msdn.microsoft.ca/ignite MOTIVATION - CRED Traditional hackers Script-kiddies Noobs
  14. 14. msdn.microsoft.ca/ignite MOTIVATION - IDEOLOGY Hacktivists Spies Nationals
  15. 15. msdn.microsoft.ca/ignite MOTIVATION - MONEY Organized crime Identity thieves Spammers
  16. 16. msdn.microsoft.ca/ignite THE ULTIMATE MOTIVE…
  17. 17. msdn.microsoft.ca/ignite SO HOW DO WE THINK LIKE A HACKER?
  18. 18. msdn.microsoft.ca/ignite IMAGINE HOW YOUR SOFTWARE CAN BE USED MALICIOUSLY
  19. 19. msdn.microsoft.ca/ignite Example: Arrest the SysOp
  20. 20. msdn.microsoft.ca/ignite Example: SQL Injection
  21. 21. msdn.microsoft.ca/ignite Example: Know thy traffic
  22. 22. msdn.microsoft.ca/ignite HOW DO HACKERS LOOK AT OUR SOFTWARE?
  23. 23. msdn.microsoft.ca/ignite HOW HACKERS BREAK THINGS
  24. 24. msdn.microsoft.ca/ignite IMPLEMENTATION BUGS Buffer overflows Race conditions Untrusted input Unsafe system calls
  25. 25. msdn.microsoft.ca/ignite DESIGN FLAWS Misuse of cryptography Misuse of failure code paths Unsafe data storage Misuse of least privilege
  26. 26. msdn.microsoft.ca/ignite BOTH BUGS AND FLAWS LEAD TO VULNERABILITIES THAT HACKERS CAN EXPLOIT
  27. 27. msdn.microsoft.ca/ignite HACKERS TOOL CHEST • Decompilers and Disassemblers (ie: IDA Pro) • App scanners (ie: Prefix & Prefast, AppVerifier) • Code coverage tools(ie: Ncover, CoverageMeter) • Buffer overflow kits • Shell codes (ie: Metasploit) • Rootkits • Fault injection tools (Fuzzers, Holodeck) • Kernel debuggers (ie: WinDbg) • User-mode debuggers (ie: SoftIce)
  28. 28. msdn.microsoft.ca/ignite THE HACKING PROCESS Identify and qualify target •Find entry points Determine transactions •What inputs do the entry points allow? Apply relevant attack patterns Observe behaviour •Repeat as necessaryFind vulnerability Build an exploit •Use automated tools or custom code
  29. 29. msdn.microsoft.ca/ignite Sample Attack Patterns • Argument Injection • Relative Path Traversal • Client-side Injection, Buffer Overflow • Unicode Encoding • URL Encoding • User-Supplied Variable Passed to File System Calls • Direct Access to Executable Files • Direct Access to Configuration Files
  30. 30. msdn.microsoft.ca/ignite GOOD READING RESOURCES
  31. 31. msdn.microsoft.ca/ignite MORE RESOURCES • http://www.hex-rays.com/idapro/ • http://www.metasploit.com/ • http://research.microsoft.com/displayArticle.aspx?id=634 • http://en.wikipedia.org/wiki/WinDbg • http://blogs.msdn.com/michael_howard/ • http://www.securecoding.org/ • http://www.darkreading.com/ • http://www.cigital.com/silverbullet/ • http://blogs.technet.com/antimalware/default.aspx • http://blogs.technet.com/bluehat/ • http://blogs.msdn.com/hackers/ • http://msdn.microsoft.com/security/
  32. 32. msdn.microsoft.ca/ignite ANY QUESTIONS?

×