Date post: | 18-Jan-2016 |
Category: |
Documents |
Upload: | lesley-claud-moore |
View: | 222 times |
Download: | 0 times |
KaaShiv InfoTechKaaShiv InfoTech
Ethical HackingEthical Hacking
For For Inplant Training / Inplant Training / InternshipInternship, , please download please download
the "Inplant training registration form" the "Inplant training registration form" from our website from our website www.kaashivinfotech.com. Fill the www.kaashivinfotech.com. Fill the form and send it to form and send it to [email protected] [email protected]
www.kaashivinfotech.com
INTRODUCTIONINTRODUCTION
Ethical Hacking
Knowledge is Power
To Teach is to Defend
Hacking is frowned upon
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Presentation OverviewPresentation Overview
Presentation #1 will be an introduction to tools and tricks used Presentation #1 will be an introduction to tools and tricks used by “script-kiddies”, or those new to the hacker community.by “script-kiddies”, or those new to the hacker community.
Many people may have seen or used the following tools and Many people may have seen or used the following tools and tricks, but most moderate to advanced users frown upon them.tricks, but most moderate to advanced users frown upon them.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Presentation OverviewPresentation Overview NetBios Hacking – Connect, view, share
IP Scanning – Angry IP Scanner
Cain – Excellent script-kiddie tool
Sub7/Netbus – Remote Admin Tools
PuTTy/Token2 – Tools of the trade
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Windows NetBios Hacking
This is one of the most basic file access tricks known to This is one of the most basic file access tricks known to Windows.Windows.
Not necessarily hacking, but beginners call it such.Not necessarily hacking, but beginners call it such.
Can be used with a samba brute-force password guesser.Can be used with a samba brute-force password guesser.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
NetBios Hacking Protection Disable file sharing! Use a firewall such as ZoneAlarm when you are not sharing
files. Password protect your shares. Use a hardware firewall such as a router with built-in firewall. This is an old hack, but it still can compromise an entire
system.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
IP ScanningIP Scanning Finding vulnerable targets in the wild.Finding vulnerable targets in the wild. Viruses and bots use IP sweepers, so ISPs will flag this Viruses and bots use IP sweepers, so ISPs will flag this
activity.activity. IP Scanning is very common among exploit seeking viruses.IP Scanning is very common among exploit seeking viruses.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Finding Appropriate IP Range
First we must find a range to search. This could be any combination of IP ranges such as 192.168.*.*
Next we must determine what we are searching for. Finally, we decide what tools to use. For now, we will stick
to Angry IP Scanner.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Searching for HTTPSearching for HTTP Lets find some HTTP servers! In Angry IP Scanner, set IP range and change Ports to [x] Scan Port: port 80 Begin scan…. After scan has completed, to only sort out which IPs have port 80 open, go to
Utils>Delete From List>Closed Ports Our list is complete.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
What We Often Find
Generally we will find routers and modems. Often if they are default, they also have default passwords (for another day)
Sometimes we stumble upon websites, personal projects, etc. This is VERY dangerous as you could be scanning a computer
which is illegal to access…
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Prevention from IP scans?Prevention from IP scans?
If you’re on the internet, you have an IP. IP scanners will give an ALIVE message.
Firewalls are VITAL if you are directly connected to the internet (ZoneAlarm, etc.)
HTTP access to routers should be turned off unless absolutely necessary. If enabled, ensure passwords are hard to guess/break.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Cain & Abel :-D
Cain is a very, very evil script-kiddie tool.
We can spoof, crack, trace, inject, sniff, poison, and a few other things.
This program is dangerous in the wrong hands because it works verywell.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
ARP Poisoning Cain currently only arp poisons through ethernet cards.
Broad overview of how to get it to run.
First, enable the sniffer and retrieve list of potential victim IPs.
Next, click the IP you want to add and press the + sign.
Watch the packets come in, and capture EVERYTHING the IP is sending and receiving via ARP poisoning.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Creative & Powerful Tool Cain is creative, powerful, and has a huge damage potential in the wrong hands.
Keep those firewalls up! ARP Poisoning can be prevented by firewalling your connection.
Be aware of malicious users on your network, watching for that little Cain program to pop up on their screen.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Sub7/NetBus Remote Admin Tools, or RAT for short are essentially total control over a
computer. RAT tools are servers designed to take complete control without the user’s notice. Sub7 is a well known black-hat RAT used to take over computers without the
need for a “server” broadcast. NetBus is also well known, but is a bit noisier and often leaves more traces. Many other RATs out there.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
SUB 7 CONFIGURE First, the hacker configures Sub7 with a configuration exe.
This produces a new server with the desired options. Options can include IRC control, broadcast of infection,
methods of install, ways to stick server, etc. Sub7 can also be password protected to prevent other hackers
access to the victim.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
OUR Sub7 SERVER
For now we know the victim will be able to broadcast via port 4000 (radmin port)
We want to ensure server sticks. We want a password to prevent other uninvited guests. Only install the minimum, IRC, ICQ, AIM is extra so disable it.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
SEND OUR VICTIM THE EXE
This part is difficult to pull off, hackers have many ways to This part is difficult to pull off, hackers have many ways to social engineer victims to do this part.social engineer victims to do this part.
User must execute server.exeUser must execute server.exe Once executed, server is automatically launched and we are Once executed, server is automatically launched and we are
ready to take control.ready to take control.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Client Side RAT Control We now have total control of our victim machine, so lets view their hard drive. Eject their cd-rom. Ok, enough of this, lets let them know we have taken over with a friendly error. Finally, using Sub7’s fun little Matrix mode, let us remind them that reality is a
mere fictional state of mind.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
Prevention of RATsPrevention of RATs
Do not execute anything you do not trust!Do not execute anything you do not trust! Always enable show file extensions to be turned on (Windows Always enable show file extensions to be turned on (Windows
defaults them off?!?)defaults them off?!?) Be aware of strange activity. RATs do not need to broadcast to Be aware of strange activity. RATs do not need to broadcast to
take over, they can use other methods such as AIM messages, take over, they can use other methods such as AIM messages, IRC bot commands, and other various client messages.IRC bot commands, and other various client messages.
Advanced RATs will be covered in a later presentation.Advanced RATs will be covered in a later presentation.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
PUTTY/TOKEN PUTTY/TOKEN
Excellent text based ssh/telnet/ftp/raw TTY clients. Learn how to use these as they become vital later in a hackers
life. Token 2 has excellent proxy abilities, so read up on how to use
Socks-5 and SSH. Begin learning about potential tunneling via SSH and PuTTy.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
CONCLUSION Keep safe! Just because I teach this does not mean it is legit stuff.
Play around on test boxes, use VMWare, give your roomie a scare but not your college professor!
I would like to continue this as long as I have an audience. I learn as everyone else learns.
Ideas include advanced scanning and penetration, wireless hacking, root kit exploration, shell/exploit writing, web defacing/hacking, virus exploration/writing, maybe some old school hardware hacks (red/blue/beige boxes, credit card readers), and whatever else people want to hear about.
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]
www.kaashivinfotech.com
www.kaashivinfotech.com
Thank you
For Inplant Training / Internship, please download the "Inplant training registration form" from our website www.kaashivinfotech.com. Fill the form and send it to [email protected]