SlideShare a Scribd company logo

Practical Cyber Attacking Tutorial

Download as PPTX, PDF
Yam Peleg
Yam Peleg

The field of Offensive Cyber and Penetration Testing is one of the most fascinating fields in the world of information security. This talk will go through all the steps of cyber attacking, from Information gathering to penetration techniques and actual demonstrations. The talk will cover the following topics: Introduction to cyber, Reconnaissance, Network Attacks and Penetration, Privilege Escalation, Wireless and radio attacking, Web application penetration ,Exploitation and Reverse Engineering.

Technology
1 of 49
Se7en - Creative Powerpoint Template Practical Cyber Attacking Tutorial Yam Peleg
Se7en - Creative Powerpoint Template Cyber?
Se7en - Creative Powerpoint Template
Se7en - Creative Powerpoint Template Introduction To Cyber
Se7en - Creative Powerpoint Template Cyber Attacking Active Reconnaissance Gaining Access Passive Reconnaissance Maintaining Access Gaining Access This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. Maintaining Access Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Passive Reconnaissance Passive reconnaissance involves gathering information regarding a potential target without the targeted individual’s or company’s knowledge Active Reconnaissance Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services on the network. This usually involves more risk of detection than passive reconnaissance
Se7en - Creative Powerpoint Template Vulnerability based cyber attacks Attacker - Develops code that will be sent to the victim and then - Uses a vulnerability to insert and run that code to the victim's device. Victim - Unaware of the attacker’s code running on the device. - The malicious code transmit to the attacker. The art of running your own code on someone else’s computer :) ❞ ❞ LOLZ
Se7en - Creative Powerpoint Template Social Engineering
Se7en - Creative Powerpoint Template 9 Social Engineering Phishing Practice of sending emails Or creating sites appearing to be from reputable source with the Goal of influencing or gaining Personal information Impersonation Practice of pretexting as Another person with the goal Of obtaining information or Access to a person, Company, or computer system. Vishing Practice of eliciting Information of attempting to Influence action via the Telephone may include such Tools as “phone spoofing” Hey! I am from IT Can you please give Me your password So I can.. Blah Blah..
Se7en - Creative Powerpoint Template Passive reconnaissance
Se7en - Creative Powerpoint Template Where can we find information?
Se7en - Creative Powerpoint Template Google Hacking
Se7en - Creative Powerpoint Template Google Hacking www.victim.com
Se7en - Creative Powerpoint Template Google Hacking site:www.victim.com intitle:index.of www.victim.com
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:sql | ext:dbf | ext:mdb
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:log
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com inurl:login
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:"Warning: mysql_query()" | intext:"Warning: pg_connect()"
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:"Warning: mysql_query()" | intext:"Warning: pg_connect()"
Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:php intitle:phpinfo "published by the PHP Group"
Se7en - Creative Powerpoint Template Searching for information Searching for “Information”?
Se7en - Creative Powerpoint Template Whois
Se7en - Creative Powerpoint Template Kali Linux
Se7en - Creative Powerpoint Template Maltego
Se7en - Creative Powerpoint Template Active reconnaissance
Se7en - Creative Powerpoint Template Client Server Three way handshake
Se7en - Creative Powerpoint Template Me Server Port Scanning LOLZ Ports .. 25 .. 80 .. Server Open ports: 25
Se7en - Creative Powerpoint Template Network Attacking
Se7en - Creative Powerpoint Template You Someone who is good looking ARP IP:192.168.2.13 IP:192.168.2.52 MAC: 7B-DA-70-1C-2E-EA MAC: ? Who has 192.168.2.52 I Know 192.168.2.52 Mac: E5-28-EC-7E-8B-5E Someone
Se7en - Creative Powerpoint Template You Someone who is good looking ARP Poisoning IP:192.168.2.13 IP:192.168.2.52 MAC: 7B-DA-70-1C-2E-EA MAC: E5-28-EC-7E-8B-5E Me LOLZ MAC: BE-EF-CA-CE-13-37 I Know 192.168.2.52 Mac: BE-EF-CA-CE-13-37 Than you :) I Know 192.168.2.13 Mac: BE-EF-CA-CE-13-37 Than you :)
Se7en - Creative Powerpoint Template Wireless Hacking
Se7en - Creative Powerpoint Template Web HackingWWW
Se7en - Creative Powerpoint Template Client Server SQL Injection Request: auth.html POST: user: user Pass: pass SQLQuery "Do we have a user with user name: user and password: pass?” SELECT user from users WHERE user=‘user’ and password=‘pass’
Se7en - Creative Powerpoint Template Me Server SQL Injection User: user SQLQuery SELECT user from users WHERE user=‘user’ and password=‘pass’ False User: ‘OR ‘1’=‘1 SELECT user from users WHERE user=‘’OR ‘1’ =‘1’ and password=‘pass’ True LOLZ
Se7en - Creative Powerpoint Template Client Server Cross side scripting GET: Page.html Backend Data Other Guys
Se7en - Creative Powerpoint Template Cross side scripting Backend Data Runnable Script Runnable Script
Se7en - Creative Powerpoint Template Cross side scripting
Se7en - Creative Powerpoint Template Exploitation
Se7en - Creative Powerpoint Template How a normal program works..
Se7en - Creative Powerpoint Template How a normal program works..
Se7en - Creative Powerpoint Template Reverse Engineering
Se7en - Creative Powerpoint Template Exploiting
Se7en - Creative Powerpoint Template Everyday use of windows
Se7en - Creative Powerpoint Template The Vulnerability NetpwPathCanonicalize serverdir1..dir2 serverdir2
Se7en - Creative Powerpoint Template Exploiting..
Se7en - Creative Powerpoint Template Exploiting..
Se7en - Creative Powerpoint Template a7 87 ce 5c 95 b2 4d 98 d6 fc e6 0a 56 19 96 b8 cd d3 e5 77 4d 98 d6 fc e6 0a 56 Exploiting.. c0 33 5b ac 12 8 2 1b ab 2b 02 9d ac 6a 93 e0 9e a 5 ea 3a 9e 25 5c 7b c1 ad 90 29 9 b 2f e6 3a 47 7d 9a 20 c6 75 dc 0 Address

Recommended

Hacking sites for fun and profit
Hacking sites for fun and profitHacking sites for fun and profit
Hacking sites for fun and profitDavid Stockton
 
Brute Force Attack
Brute Force AttackBrute Force Attack
Brute Force AttackAhmad karawash
 
Django (Web Applications that are Secure by Default)
Django �(Web Applications that are Secure by Default�)Django �(Web Applications that are Secure by Default�)
Django (Web Applications that are Secure by Default)Kishor Kumar
 
Make profit with UI-Redressing attacks.
Make profit with UI-Redressing attacks.Make profit with UI-Redressing attacks.
Make profit with UI-Redressing attacks.n|u - The Open Security Community
 
Web Security 101
Web Security 101Web Security 101
Web Security 101Michael Peters
 
Unusual Web Bugs
Unusual Web BugsUnusual Web Bugs
Unusual Web Bugsamiable_indian
 
Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)Peter Sabev
 
BSides Columbus - Lend me your IR's!
BSides Columbus - Lend me your IR's!BSides Columbus - Lend me your IR's!
BSides Columbus - Lend me your IR's!CiNPA Security SIG
 

Recommended

Hacking sites for fun and profit
Hacking sites for fun and profitHacking sites for fun and profit
Hacking sites for fun and profitDavid Stockton
 
Brute Force Attack
Brute Force AttackBrute Force Attack
Brute Force AttackAhmad karawash
 
Django (Web Applications that are Secure by Default)
Django �(Web Applications that are Secure by Default�)Django �(Web Applications that are Secure by Default�)
Django (Web Applications that are Secure by Default)Kishor Kumar
 
Make profit with UI-Redressing attacks.
Make profit with UI-Redressing attacks.Make profit with UI-Redressing attacks.
Make profit with UI-Redressing attacks.n|u - The Open Security Community
 
Web Security 101
Web Security 101Web Security 101
Web Security 101Michael Peters
 
Unusual Web Bugs
Unusual Web BugsUnusual Web Bugs
Unusual Web Bugsamiable_indian
 
Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)Peter Sabev
 
BSides Columbus - Lend me your IR's!
BSides Columbus - Lend me your IR's!BSides Columbus - Lend me your IR's!
BSides Columbus - Lend me your IR's!CiNPA Security SIG
 
Password Cracking
Password CrackingPassword Cracking
Password CrackingRahul Sharma
 
DMA - Stupid Cyber Criminal Tricks
DMA - Stupid Cyber Criminal TricksDMA - Stupid Cyber Criminal Tricks
DMA - Stupid Cyber Criminal TricksCiNPA Security SIG
 
Defending Against Attacks With Rails
Defending Against Attacks With RailsDefending Against Attacks With Rails
Defending Against Attacks With RailsTony Amoyal
 
Abusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsAbusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsSecuRing
 
The art of android hacking
The art of android hackingThe art of android hacking
The art of android hackingAbhinav Mishra
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques أحلام انصارى
 
Security In .Net Framework
Security In .Net FrameworkSecurity In .Net Framework
Security In .Net FrameworkRamakanta Behera
 
Django Web Application Security
Django Web Application SecurityDjango Web Application Security
Django Web Application Securitylevigross
 
Website security
Website securityWebsite security
Website securityAkhilesh Kant
 
Case Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by DefaultCase Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by DefaultMohammed ALDOUB
 
OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
OAuth Hacks A gentle introduction to OAuth 2 and Apache OltuOAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
OAuth Hacks A gentle introduction to OAuth 2 and Apache OltuAntonio Sanso
 
Personal Internet Security System
Personal Internet Security SystemPersonal Internet Security System
Personal Internet Security SystemMatthew Bricker
 
Overview of information security
Overview of information securityOverview of information security
Overview of information securityAskao Ahmed Saad
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Rob Fuller
 
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...Jakub Kałużny
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security EssentialsAngela Bowman
 
Sucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! websiteSucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! websiteSucuri
 
Google Hacking
Google HackingGoogle Hacking
Google HackingPim Piepers
 
Hacking Tutorial in Telugu
Hacking Tutorial in TeluguHacking Tutorial in Telugu
Hacking Tutorial in TeluguSravani Reddy
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Hacking presentation BASICLakkireddy Bali Reddy Collage of Engineering
 
Learn awesome hacking tricks
Learn awesome hacking tricksLearn awesome hacking tricks
Learn awesome hacking tricksSudhanshu Mishra
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingManish Mudhliyar
 

More Related Content

What's hot

DMA - Stupid Cyber Criminal Tricks
DMA - Stupid Cyber Criminal TricksDMA - Stupid Cyber Criminal Tricks
DMA - Stupid Cyber Criminal TricksCiNPA Security SIG
 
Defending Against Attacks With Rails
Defending Against Attacks With RailsDefending Against Attacks With Rails
Defending Against Attacks With RailsTony Amoyal
 
Abusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsAbusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsSecuRing
 
The art of android hacking
The art of android hackingThe art of android hacking
The art of android hackingAbhinav Mishra
 
Security In .Net Framework
Security In .Net FrameworkSecurity In .Net Framework
Security In .Net FrameworkRamakanta Behera
 
Django Web Application Security
Django Web Application SecurityDjango Web Application Security
Django Web Application Securitylevigross
 
Case Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by DefaultCase Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by DefaultMohammed ALDOUB
 
OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
OAuth Hacks A gentle introduction to OAuth 2 and Apache OltuOAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
OAuth Hacks A gentle introduction to OAuth 2 and Apache OltuAntonio Sanso
 
Personal Internet Security System
Personal Internet Security SystemPersonal Internet Security System
Personal Internet Security SystemMatthew Bricker
 
Overview of information security
Overview of information securityOverview of information security
Overview of information securityAskao Ahmed Saad
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Rob Fuller
 
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...Jakub Kałużny
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security EssentialsAngela Bowman
 
Sucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! websiteSucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! websiteSucuri
 

What's hot (18)

Password Cracking
Password CrackingPassword Cracking
Password Cracking
 
DMA - Stupid Cyber Criminal Tricks
DMA - Stupid Cyber Criminal TricksDMA - Stupid Cyber Criminal Tricks
DMA - Stupid Cyber Criminal Tricks
 
Defending Against Attacks With Rails
Defending Against Attacks With RailsDefending Against Attacks With Rails
Defending Against Attacks With Rails
 
Abusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS appsAbusing & Securing XPC in macOS apps
Abusing & Securing XPC in macOS apps
 
The art of android hacking
The art of android hackingThe art of android hacking
The art of android hacking
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques
 
Security In .Net Framework
Security In .Net FrameworkSecurity In .Net Framework
Security In .Net Framework
 
Django Web Application Security
Django Web Application SecurityDjango Web Application Security
Django Web Application Security
 
Website security
Website securityWebsite security
Website security
 
Case Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by DefaultCase Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by Default
 
OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
OAuth Hacks A gentle introduction to OAuth 2 and Apache OltuOAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
 
Personal Internet Security System
Personal Internet Security SystemPersonal Internet Security System
Personal Internet Security System
 
Overview of information security
Overview of information securityOverview of information security
Overview of information security
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014
 
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...
In The Middle of Printers - The (In)Security of Pull Printing solutions - Hac...
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
 
Sucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! websiteSucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! website
 
Google Hacking
Google HackingGoogle Hacking
Google Hacking
 

Viewers also liked

Hacking Tutorial in Telugu
Hacking Tutorial in TeluguHacking Tutorial in Telugu
Hacking Tutorial in TeluguSravani Reddy
 
Learn awesome hacking tricks
Learn awesome hacking tricksLearn awesome hacking tricks
Learn awesome hacking tricksSudhanshu Mishra
 
Hacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sitesHacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sitesMikhail Egorov
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniquesguest66dc5f
 
The (In)Security of Topology Discovery in Software Defined Networks
The (In)Security of Topology Discovery in Software Defined NetworksThe (In)Security of Topology Discovery in Software Defined Networks
The (In)Security of Topology Discovery in Software Defined NetworksTalal Alharbi
 
VMRay intro video
VMRay intro videoVMRay intro video
VMRay intro videoChad Loeven
 
Welcome to the United States: An Acculturation Conversation
Welcome to the United States: An Acculturation ConversationWelcome to the United States: An Acculturation Conversation
Welcome to the United States: An Acculturation ConversationSuzanne M. Sullivan
 
Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Stephan Chenette
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & moreMattias Geniar
 
A combined approach to search for evasion techniques in network intrusion det...
A combined approach to search for evasion techniques in network intrusion det...A combined approach to search for evasion techniques in network intrusion det...
A combined approach to search for evasion techniques in network intrusion det...eSAT Journals
 
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon YangPractical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon YangLyon Yang
 
Topics in network security
Topics in network securityTopics in network security
Topics in network securityNasir Bhutta
 
Bsides to 2016-penetration-testing
Bsides to 2016-penetration-testingBsides to 2016-penetration-testing
Bsides to 2016-penetration-testingHaydn Johnson
 
SENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCE
SENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCESENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCE
SENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCESangeetha Sankaramahadev
 
Web attacks using obfuscated script
Web attacks using obfuscated scriptWeb attacks using obfuscated script
Web attacks using obfuscated scriptAmol Kamble
 
On deobfuscation in practice
On deobfuscation in practiceOn deobfuscation in practice
On deobfuscation in practiceDmitry Schelkunov
 
Purple teaming Cyber Kill Chain
Purple teaming Cyber Kill ChainPurple teaming Cyber Kill Chain
Purple teaming Cyber Kill ChainHaydn Johnson
 
Code obfuscation
Code obfuscationCode obfuscation
Code obfuscationAmol Kamble
 

Viewers also liked (20)

Hacking Tutorial in Telugu
Hacking Tutorial in TeluguHacking Tutorial in Telugu
Hacking Tutorial in Telugu
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Hacking presentation BASIC
 
Learn awesome hacking tricks
Learn awesome hacking tricksLearn awesome hacking tricks
Learn awesome hacking tricks
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sitesHacking Adobe Experience Manager sites
Hacking Adobe Experience Manager sites
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniques
 
The (In)Security of Topology Discovery in Software Defined Networks
The (In)Security of Topology Discovery in Software Defined NetworksThe (In)Security of Topology Discovery in Software Defined Networks
The (In)Security of Topology Discovery in Software Defined Networks
 
VMRay intro video
VMRay intro videoVMRay intro video
VMRay intro video
 
Welcome to the United States: An Acculturation Conversation
Welcome to the United States: An Acculturation ConversationWelcome to the United States: An Acculturation Conversation
Welcome to the United States: An Acculturation Conversation
 
Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & more
 
A combined approach to search for evasion techniques in network intrusion det...
A combined approach to search for evasion techniques in network intrusion det...A combined approach to search for evasion techniques in network intrusion det...
A combined approach to search for evasion techniques in network intrusion det...
 
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon YangPractical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
 
Topics in network security
Topics in network securityTopics in network security
Topics in network security
 
Bsides to 2016-penetration-testing
Bsides to 2016-penetration-testingBsides to 2016-penetration-testing
Bsides to 2016-penetration-testing
 
SENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCE
SENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCESENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCE
SENIOR MATERIAL ENGINEER WITH 5 YEARS OF EXPERIENCE
 
Web attacks using obfuscated script
Web attacks using obfuscated scriptWeb attacks using obfuscated script
Web attacks using obfuscated script
 
On deobfuscation in practice
On deobfuscation in practiceOn deobfuscation in practice
On deobfuscation in practice
 
Purple teaming Cyber Kill Chain
Purple teaming Cyber Kill ChainPurple teaming Cyber Kill Chain
Purple teaming Cyber Kill Chain
 
Code obfuscation
Code obfuscationCode obfuscation
Code obfuscation
 

Similar to Practical Cyber Attacking Tutorial

Intro to Php Security
Intro to Php SecurityIntro to Php Security
Intro to Php SecurityDave Ross
 
Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2Abhinav Sejpal
 
My app is secure... I think
My app is secure... I thinkMy app is secure... I think
My app is secure... I thinkWim Godden
 
Cheapass.in — presented at JSFoo 2016
Cheapass.in — presented at JSFoo 2016Cheapass.in — presented at JSFoo 2016
Cheapass.in — presented at JSFoo 2016Aakash Goel
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdNipun Jaswal
 
Demystify Information Security & Threats for Data-Driven Platforms With Cheta...
Demystify Information Security & Threats for Data-Driven Platforms With Cheta...Demystify Information Security & Threats for Data-Driven Platforms With Cheta...
Demystify Information Security & Threats for Data-Driven Platforms With Cheta...Chetan Khatri
 
Abusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryAbusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryPriyanka Aash
 
Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...
Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...
Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...Ondřej Machulda
 
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller
 
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Chris Gates
 
hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2
hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2
hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2Chris Gates
 
WSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API ArchitecturesWSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API ArchitecturesWSO2
 
Automated Server Administration for DevSecOps
Automated Server Administration for DevSecOpsAutomated Server Administration for DevSecOps
Automated Server Administration for DevSecOpsAarno Aukia
 
Lean Php Presentation
Lean Php PresentationLean Php Presentation
Lean Php PresentationAlan Pinstein
 
Android mobile app security offensive security workshop
Android mobile app security offensive security workshopAndroid mobile app security offensive security workshop
Android mobile app security offensive security workshopAbhinav Sejpal
 
Top 7 Skills PHP Developer Must Have
Top 7 Skills PHP Developer Must HaveTop 7 Skills PHP Developer Must Have
Top 7 Skills PHP Developer Must HaveIndumathySK
 

Similar to Practical Cyber Attacking Tutorial (20)

Intro to Php Security
Intro to Php SecurityIntro to Php Security
Intro to Php Security
 
Gearman Add To Your Project
Gearman Add To Your ProjectGearman Add To Your Project
Gearman Add To Your Project
 
Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2
 
My app is secure... I think
My app is secure... I thinkMy app is secure... I think
My app is secure... I think
 
Cheapass.in — presented at JSFoo 2016
Cheapass.in — presented at JSFoo 2016Cheapass.in — presented at JSFoo 2016
Cheapass.in — presented at JSFoo 2016
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
 
Starwest 2008
Starwest 2008Starwest 2008
Starwest 2008
 
Demystify Information Security & Threats for Data-Driven Platforms With Cheta...
Demystify Information Security & Threats for Data-Driven Platforms With Cheta...Demystify Information Security & Threats for Data-Driven Platforms With Cheta...
Demystify Information Security & Threats for Data-Driven Platforms With Cheta...
 
Abusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryAbusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec glory
 
Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...
Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...
Workshop: Functional testing made easy with PHPUnit & Selenium (phpCE Poland,...
 
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
 
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
 
Real-time Monitoring of API Architectures
Real-time Monitoring of API ArchitecturesReal-time Monitoring of API Architectures
Real-time Monitoring of API Architectures
 
hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2
hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2
hackcon2013-Dirty Little Secrets They Didn't Teach You In Pentesting Class v2
 
WSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API ArchitecturesWSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API Architectures
 
Automated Server Administration for DevSecOps
Automated Server Administration for DevSecOpsAutomated Server Administration for DevSecOps
Automated Server Administration for DevSecOps
 
Lean Php Presentation
Lean Php PresentationLean Php Presentation
Lean Php Presentation
 
presentation slides
presentation slidespresentation slides
presentation slides
 
Android mobile app security offensive security workshop
Android mobile app security offensive security workshopAndroid mobile app security offensive security workshop
Android mobile app security offensive security workshop
 
Top 7 Skills PHP Developer Must Have
Top 7 Skills PHP Developer Must HaveTop 7 Skills PHP Developer Must Have
Top 7 Skills PHP Developer Must Have
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

Practical Cyber Attacking Tutorial

  • 1. Se7en - Creative Powerpoint Template Practical Cyber Attacking Tutorial Yam Peleg
  • 2. Se7en - Creative Powerpoint Template Cyber?
  • 3.
  • 4. Se7en - Creative Powerpoint Template
  • 5. Se7en - Creative Powerpoint Template Introduction To Cyber
  • 6. Se7en - Creative Powerpoint Template Cyber Attacking Active Reconnaissance Gaining Access Passive Reconnaissance Maintaining Access Gaining Access This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. Maintaining Access Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Passive Reconnaissance Passive reconnaissance involves gathering information regarding a potential target without the targeted individual’s or company’s knowledge Active Reconnaissance Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services on the network. This usually involves more risk of detection than passive reconnaissance
  • 7. Se7en - Creative Powerpoint Template Vulnerability based cyber attacks Attacker - Develops code that will be sent to the victim and then - Uses a vulnerability to insert and run that code to the victim's device. Victim - Unaware of the attacker’s code running on the device. - The malicious code transmit to the attacker. The art of running your own code on someone else’s computer :) ❞ ❞ LOLZ
  • 8. Se7en - Creative Powerpoint Template Social Engineering
  • 9. Se7en - Creative Powerpoint Template 9 Social Engineering Phishing Practice of sending emails Or creating sites appearing to be from reputable source with the Goal of influencing or gaining Personal information Impersonation Practice of pretexting as Another person with the goal Of obtaining information or Access to a person, Company, or computer system. Vishing Practice of eliciting Information of attempting to Influence action via the Telephone may include such Tools as “phone spoofing” Hey! I am from IT Can you please give Me your password So I can.. Blah Blah..
  • 10. Se7en - Creative Powerpoint Template Passive reconnaissance
  • 11. Se7en - Creative Powerpoint Template Where can we find information?
  • 12. Se7en - Creative Powerpoint Template Google Hacking
  • 13. Se7en - Creative Powerpoint Template Google Hacking www.victim.com
  • 14. Se7en - Creative Powerpoint Template Google Hacking site:www.victim.com intitle:index.of www.victim.com
  • 15. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini
  • 16. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:sql | ext:dbf | ext:mdb
  • 17. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:log
  • 18. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup
  • 19. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com inurl:login
  • 20. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:"Warning: mysql_query()" | intext:"Warning: pg_connect()"
  • 21. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:"Warning: mysql_query()" | intext:"Warning: pg_connect()"
  • 22. Se7en - Creative Powerpoint Template Google Hacking www.victim.com site:www.victim.com ext:php intitle:phpinfo "published by the PHP Group"
  • 23. Se7en - Creative Powerpoint Template Searching for information Searching for “Information”?
  • 24. Se7en - Creative Powerpoint Template Whois
  • 25. Se7en - Creative Powerpoint Template Kali Linux
  • 26. Se7en - Creative Powerpoint Template Maltego
  • 27. Se7en - Creative Powerpoint Template Active reconnaissance
  • 28. Se7en - Creative Powerpoint Template Client Server Three way handshake
  • 29. Se7en - Creative Powerpoint Template Me Server Port Scanning LOLZ Ports .. 25 .. 80 .. Server Open ports: 25
  • 30. Se7en - Creative Powerpoint Template Network Attacking
  • 31. Se7en - Creative Powerpoint Template You Someone who is good looking ARP IP:192.168.2.13 IP:192.168.2.52 MAC: 7B-DA-70-1C-2E-EA MAC: ? Who has 192.168.2.52 I Know 192.168.2.52 Mac: E5-28-EC-7E-8B-5E Someone
  • 32. Se7en - Creative Powerpoint Template You Someone who is good looking ARP Poisoning IP:192.168.2.13 IP:192.168.2.52 MAC: 7B-DA-70-1C-2E-EA MAC: E5-28-EC-7E-8B-5E Me LOLZ MAC: BE-EF-CA-CE-13-37 I Know 192.168.2.52 Mac: BE-EF-CA-CE-13-37 Than you :) I Know 192.168.2.13 Mac: BE-EF-CA-CE-13-37 Than you :)
  • 33. Se7en - Creative Powerpoint Template Wireless Hacking
  • 34. Se7en - Creative Powerpoint Template Web HackingWWW
  • 35. Se7en - Creative Powerpoint Template Client Server SQL Injection Request: auth.html POST: user: user Pass: pass SQLQuery "Do we have a user with user name: user and password: pass?” SELECT user from users WHERE user=‘user’ and password=‘pass’
  • 36. Se7en - Creative Powerpoint Template Me Server SQL Injection User: user SQLQuery SELECT user from users WHERE user=‘user’ and password=‘pass’ False User: ‘OR ‘1’=‘1 SELECT user from users WHERE user=‘’OR ‘1’ =‘1’ and password=‘pass’ True LOLZ
  • 37. Se7en - Creative Powerpoint Template Client Server Cross side scripting GET: Page.html Backend Data Other Guys
  • 38. Se7en - Creative Powerpoint Template Cross side scripting Backend Data Runnable Script Runnable Script
  • 39. Se7en - Creative Powerpoint Template Cross side scripting
  • 40. Se7en - Creative Powerpoint Template Exploitation
  • 41. Se7en - Creative Powerpoint Template How a normal program works..
  • 42. Se7en - Creative Powerpoint Template How a normal program works..
  • 43. Se7en - Creative Powerpoint Template Reverse Engineering
  • 44. Se7en - Creative Powerpoint Template Exploiting
  • 45. Se7en - Creative Powerpoint Template Everyday use of windows
  • 46. Se7en - Creative Powerpoint Template The Vulnerability NetpwPathCanonicalize serverdir1..dir2 serverdir2
  • 47. Se7en - Creative Powerpoint Template Exploiting..
  • 48. Se7en - Creative Powerpoint Template Exploiting..
  • 49. Se7en - Creative Powerpoint Template a7 87 ce 5c 95 b2 4d 98 d6 fc e6 0a 56 19 96 b8 cd d3 e5 77 4d 98 d6 fc e6 0a 56 Exploiting.. c0 33 5b ac 12 8 2 1b ab 2b 02 9d ac 6a 93 e0 9e a 5 ea 3a 9e 25 5c 7b c1 ad 90 29 9 b 2f e6 3a 47 7d 9a 20 c6 75 dc 0 Address