120 likes | 272 Vues
CITA 250. Hacking Demo Part 2 Attack Phases. Phase 4: Penetration - Obtain Control. Hackers attempt to obtain control of one or more systems in the target network. Phase 5: Advance - Launch Attack.
E N D
CITA 250 Hacking Demo Part 2 Attack Phases
Phase 4: Penetration- Obtain Control • Hackers attempt to obtain control of one or more systems in the target network
Phase 5: Advance- Launch Attack • Hackers leverage computers or accounts that have been compromised during penetration to launch additional attacks on the target network
Vulnerability Assessment Demo • Software: • Nessus (www.nessus.org) • Nikto (www.cirt.net)
Password Cracking Demo • Software: • KerbCrack (www.ntsecurity.nu/toolbox/kerbcrack) • John the Ripper (www.openwall.com) • Cain & Abel (www.oxid.it)
Keylogging Demo • Software: • Spector (www.spector.com) • Hardware: • KeyLlama/KeyKatcher (www.keyllama.com)
Buffer Overflow Demo • Vulnerability in poorly written code • Code does not check predefined size of input field • Goal • Fill overflow buffer with executable code • OS executes this code • Demo applets:nsfsecurity.pr.erau.edu/bom
Malware (Malicious Software) Demo • Virus can replicate itself through an executable host program • Worm replicates and propagates without a host • Trojan programs disguise themselves as useful programs • A self-replicated JavaScript program (quine.js and quine.htm on course Web site)
Phase 6: Covering- Eliminate Record • Hackers eliminate any records or logs showing malicious behaviors
Covering Demo • Software: • ELSave (www.ibt.ku.dk/jesper/ELSave) • WinZapper (www.ntsecurity.nu/toolbox/winzapper) • Evidence Eliminator • Rootkit (information available from en.wikipedia.org/wiki/Rootkit)
Steganography Demo • Software: • ImageHide (www.dancemammal.com/imagehide.htm) • MP3Stego (www.petitcolas.net/fabien/steganography/mp3stego) • Alternate Data Streams