Computing | Computer Security | Linux Security | Industrial Control Systems Security | Penetration Testing | Exploitation | Social Engineering | Metasploit | wifi-penetration

Exploitation

Exploitation is unethical just as robbery is unethical, however viKid believes that we should speak openly about how system vulnerabilities are exploited by ill-intentioned people.

Why?

When you don't know how an intruder may attack you, you have no ability to build a defense. For example we know that House Robbers use doors and windows to get into houses. So, we put locks on them, and in some neighbourhoods, bars on windows too.

However you are only as secure as your weakest insecurity. Just as one leaky tiles leads to a roof leak, or one window on a latch that can easily be opened.

On a high level, there are 3 vectors used for exploitation:

• System
  The perpretator has direct access to the machine
• Network
  He is on you Network
• Internet
  He is on the internet

System

• Liveware
• OS - does Authentication & Authorisation
• Hardware

• One can make a Live DVD/USB to go around the Host OS.
• Windows sticky keys exploit (press shift 5 times)

Network

In this scenario the attacker is on your network but does not have access to your machine.

The Typical Technics:

• Sniffing
• ARP - Poisoning
• DNS - Poisoning

Internet

Social Engineering and other Internet Exploits

The SAM Database (Windows)

• UN - User Name eg. admin
• UID - User ID eg. 500
• LM - Lan Man Hash - MD5
• NTLM - password encrpty then hash, AES -> SHA1

To crack hashes - the prepetrator will use Rainbow Tables

Keylogging & Anti-Keylogging

Check your AUP (Acceptable User Policy) of your company

• Relytec

Brute Force

To gain access to encrypted files:

Metasploit & Armitage

An Exploit is a piece of code which is going to take the "payload" to the target machine and going to enter the target machine by exploiting the vulnerability.

A Payload is a piece of code, which is going to be executed, once it is inside the target machine. Typically it is a malware, and specifically it is a backdoor.

Metasploit is an exploitation framework that has a huge repository of exploits and payloads

Armitage is a frontend GUI for the metasploit

Recommendations to Protect Yourself

• Check all ports
• Patch the system
• Zone Transfer files should be encrypted
• Community Name should be changed in SNMP
• Disable USB/CD/DVD drives on the system

http://thevikidtruth.com/wiki/?exploitation

30nov16

admin