After School cyber security class slides - Pat
•Als PPTX, PDF herunterladen•
1 gefällt mir•419 views
These are the slides we used for the after school ethical hacking class. Use them to revise the material covered in class.
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Ähnlich wie After School cyber security class slides - Pat
Ähnlich wie After School cyber security class slides - Pat (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
After School cyber security class slides - Pat
- 1. TAFE NSW UNIT NAME CYBER SECURITY MASTERFUL DEFENDER OF THE UNIVERSE
- 6. TAFE NSW CYBER SECURITY Tools watch (offline) • Responder • Hashcat Offensive Security (online) • Mimikatz • PC- John the Ripper • Mobile Phones – Rubber Ducky (4 digit pin)
- 7. TAFE NSW CYBER SECURITY • White Box – full knowledge of the network and infrastructure being tested (insider) • Grey Box – partial knowledge (insider) • Black Box – no knowledge of the target of evaluation (outsider)
- 9. TAFE NSW CYBER SECURITY A vulnerability is: Any weakness such as a software flaw or logic design, that could be exploited by a threat to cause damage to an asset
- 10. TAFE NSW CYBER SECURITY A penetration test is: A full scale test of security controls of a system or network in order to identify security risks and vulnerabilities
- 11. TAFE NSW CYBER SECURITY 1. Create a folder on C: drive named Hackerstorm 2. Go to www.hackerstorm.com and click free downloads from the choices menu at the top 3. Scroll down and click the Hackerstorm OSVDB vulnerability database tool 4. Click download GUI v1.1 saving the file to the Hackerstorm… unzip the files 5. Click download OSVDB folder current database, unzip and over write as necessary
- 12. TAFE NSW CYBER SECURITY 6. C:Hackerstorm – double click Start.html 7. Click the OSVDB search button at the bottom, scroll through the vendors on the left - choose Mozilla Organisation and then click the view button 8. On the next screen click view all… scroll through the Vulnerabilities listed and choose one by clicking on it… View all sort of information about a particular vulnerability
- 13. TAFE NSW FOOTPRINTING Like everything else in Hacking, Footprinting usually follows an organised path Active Footprinting – one where the hacker has to touch the device, network or resource Passive Footprinting – measures to collect information from publically accessible sources
- 14. TAFE NSW CYBER SECURITY Nslookup (Listening Ports- Netstat – an) Traceroute Tracecert Whois Vidlersautomotive.com.au Cdiaust.com.au
- 15. TAFE NSW CYBER SECURITY Easter Eggs – filled with all sorts of fun Google: • Do a barrel roll • Tilt Do a Google image search • Atari breakout
- 16. TAFE NSW Examining Open Ports • Download CurrPorts (www.nirsoft.net/utils/cports.html) • Unzip and launch program • Select a port and go to File > Properties • Close a suspicious port – Be Careful • Download and install Fport (McAfee) • Open Command Prompt go to Fport.exe • The running ports and processes will be shown
- 17. TAFE NSW CYBER SECURITY Target specific resources Download Nmap (Zenmap) Windows GUI (Nmap.org)
- 21. TAFE NSW SCANNING AND ENUMERATION Enumeration is to specify individually, to count off or name 1 by 1 • SuperScan (McAfee) • Use Stealth - Proxy
- 22. TAFE NSW KALI LINUX SUITE Responder This tool is first an LLMNR and NBT-NS responder, it will answer to *specific* NBT-NS (NetBIOS Name Service) queries http://tools.kali.org/sniffingspoofing/responder
- 23. TAFE NSW CYBER SECURITY IP Addresses you shouldn’t scan 129.63.0.0, 128.50.0.0 etc.
- 24. TAFE NSW CYBER SECURITY • Using Stealth • Proxy Chains (http://proxychains.sourceforge.net) • Anonymizer’s (anonymouse.org) • Netcat • Netstat –an (from CMD)
- 25. TAFE NSW SNIFFING AND EVASION The art of capturing packets on the wire or air waves to review for interesting information View ARP entries (address resolution protocol) • Ping a local machine • Arp –a • Clear the ARP cache “netsh interface ip delete arpcache” • Arp -a
- 26. TAFE NSW SNIFFING Passive Sniffing Like the name suggests, plug in a sniffer and let it do it’s work Active Sniffing Requires input – injection or manipulation stance, usually involves a switch
- 27. TAFE NSW SNIFFER - WIRESHARK • Download and open • Choose which network interface (LAN) and start capture (turn off promiscuous mode) • Open a browser (www.yahoo.com) • Close the browser • Stop capture • Click the protocol header - explore
- 28. TAFE NSW SNIFFER – WIRESHARK • Scroll down to the first HTTP packet, right click and choose follow TCP stream – what does it display? • Clear the expression window, filter the command to only show packets from your machine eg. ip.src==192.186.0.8 • Pick out a packet you received and note the IP address of the machine • Clear the expression window and sort on packets from that machine eg. ip.addr==192.168.0.34
- 29. TAFE NSW EVASION Snort- most widely deployed IDS in the world https://www.snort.org/ IDS Evasion Tactics Flooding (inundator, TCP packet generator, PackETH)
- 30. TAFE NSW FIREWALLS – ROAD BLOCKS • Protect internal resources against external access • Placement of the firewall?? • HTTP tunnelling –firewall evasion • HTTP Shell – port 80 • Firewall informer – find the firewall
- 31. TAFE NSW CYBER SECURITY Students are believed to have got into their school’s IT network through staff passwords, giving them access to “personal and sensitive” information about other students Police are investigating that breach.
- 32. TAFE NSW ATTACKING A SYSTEM
- 33. TAFE NSW PASSWORDS • Windows –SAM - as a hash (C:windowssystem32config file) • Eg. M@tt123 = 9FDJEUDN455NJDM573EE • Length of password • NSWarethebestteam • N@56ndme!
- 35. TAFE NSW USING KALI • In Kali – open a terminal window • Create 2 users with the adduser command Adduser test1 –d /home/users/test1 Adduser test2 –d /home/users/test2 (or useradd …) • Set their passwords passwd test1 pass passwd test1 P@ss
- 36. TAFE NSW USING KALI • Start John the Ripper – point it to the shadow file (or copy the shadow file to the john folder for ease) • cp /etc/shadow /etc/john/shadow • cd /etc/john • /etc/shadow • “permission denied” • https://www.blackmoreops.com/2015/11/10/crack ing-password-in-kali-linux-using-john-the-ripper/
- 37. TAFE NSW CYBER SECURITY Download Cain and Abel
- 38. TAFE NSW CYBER SECURITY • Configure the menu item to the adaptor you want to sniff • Start sniffing • Head to a site requiring authentication andor start a telnet, FTP or MySQL session • Close browsing
- 41. TAFE NSW CYBER SECURITY • Examined potential targets • Mapped out open ports • Scanned for vulnerabilities • Stolen a password • Sitting on a machine • Patience!
- 42. TAFE NSW STEALTH – HIDING FILES & ACTIVITY • Alternative data streams (ADS) • Create Folder C:FStream • Create normal.txt (in same folder –add txt) • Create wanttohide.txt (add txt) • Open command prompt • Wanttohide.txt > original.txt:hidden.txt • Delete wanttohide.txt
- 43. TAFE NSW STEALTH – HIDING FILES & ACTIVITY • Now you should see only notepad.exe and normal.txt • From command prompt • Start c:testnormal.txt:hidden.txt • Contents of the text files should be displayed
- 44. TAFE NSW STEALTH – HIDING FILES & ACTIVITY • In C:Fstream create second.txt • Create a hidden copy • Notepad.exe > second.txt:notepad.exe • Delete notepad.exe from C:test • Type dir to confirm there are no more executables in the folder • Start C:testsecond.txt:notepad.exe
- 45. TAFE NSW CYBER SECURITY You’ve just opened a hidden executable Another spot - Registry
- 46. TAFE NSW ROOTKIT A collection of software put in place by an attacker that is designed to obscure system compromise More complicated
- 47. TAFE NSW CYBER SECURITY • Sectools.org (125 of the top tools) • Web servers or Wireless networks?
- 49. TAFE NSW CYBER SECURITY Remember we are a “Pen tester”
- 50. TAFE NSW CYBER SECURITY • WEP • WPA • WPA – 2 • www.ubnt.com
- 51. TAFE NSW CYBER SECURITY • Download NetSurveyor and test • Download NetStumbler and test
- 52. TAFE NSW MAC SPOOFING • Download and install SMAC (www.klcconsulting.net/smac/) • Download and install TMAC (www.technitium.com/tmac/) • Open SMAC (click proceed on trial ver.)
- 53. TAFE NSW CYBER SECURITY Click IPConfig button – find your MAC address Could also do ipconfig /all Select an adaptor from the list, click the Random button – new MAC Click the Update MAC button – note new MAC Click Remove Mac and close SMAC
- 54. TAFE NSW CYBER SECURITY Open TMAC Click change MAC, type in your own MAC or click random Ensure Auto restart network connection check box is marked Click change now (verify ipconfig /all) Click original MAC button and close TMAC
- 55. TAFE NSW MALWARE ATTACKS Software designed to harm or secretly access a computer system without the owners informed consent Download EliteWrap
- 57. TAFE NSW Cyber security Cryptography • The science or study of protecting information Steganography • Hiding messages inside a image
- 58. TAFE NSW HASH ALGORITHMS Provide a means to verify the integrity of a piece of data • Download and install DigitalVolcano MD5 hash – open it • Open Notepad, create test.txt – type into the file “Dan is good”, save and close • In Digital Volcano open test.txt
- 59. TAFE NSW CYBER SECURITY • Open test.txt again and change “good” to “great” – save and close • Select the file again and note the difference in the hash value
- 61. TAFE NSW EXTRACT THE MESSAGE
- 62. TAFE NSW 6 WEEK REVIEW
- 63. TAFE NSW THE END